Lucene search
K

7 matches found

EUVD
EUVD
added 2026/05/14 8:14 p.m.9 views

EUVD-2026-30475

python-utcp is the python implementation of UTCP. Prior to 1.1.3, the substituteutcpargs method in clicommunicationprotocol.py inserts user-controlled toolargs values directly into shell command strings without any sanitization or escaping. These commands are then executed via /bin/bash -c Unix o...

8.3CVSS5.9AI score0.00272EPSS
Exploits0References1
OSV
OSV
added 2025/05/30 1:49 p.m.3 views

OESA-2025-1580 ghostscript security update

Ghostscript is an interpreter for PostScript™ and Portable Document Format PDF files. Ghostscript consists of a PostScript interpreter layer, and a graphics library. Security Fixes: gslibctxstashsanitizedarg in base/gslibctx.c in Artifex Ghostscript before 10.05.1 lacks argument sanitization for...

4CVSS7.1AI score0.00276EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2022/11/08 9:31 a.m.5 views

python: mailcap: findmatch() function does not sanitize the second argument

A command injection vulnerability was found in the Python mailcap module. The issue occurs due to not adding escape characters into the system mailcap file commands. This flaw allows attackers to inject shell commands into applications that call the mailcap.findmatch function with untrusted input...

8CVSS6.8AI score0.07017EPSS
Exploits1References5
OSV
OSV
added 2021/12/22 7:15 p.m.4 views

CVE-2021-21908

Specially-crafted command line arguments can lead to arbitrary file deletion. The handledelete function does not attempt to sanitize or otherwise validate the contents of the file parameter passed to the function as argv1, allowing an authenticated attacker to supply directory traversal primitive...

6.5CVSS6.9AI score0.01441EPSS
Exploits1References1
Exploit DB
Exploit DB
added 2018/03/29 12:0 a.m.101 views

GitStack - Unsanitized Argument Remote Code Execution (Metasploit)

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'GitStack Unsanitized Argument RCE', 'Description' = %q This module exploits a remote code execution vulnerability that exists in GitStack through...

9.8CVSS7.4AI score0.80982EPSS
Exploits9
0day.today
0day.today
added 2018/03/29 12:0 a.m.67 views

GitStack - Unsanitized Argument Remote Code Execution Exploit

Exploit for windows platform in category remote exploits This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'GitStack Unsanitized Argument RCE', 'Description' = %q This module exploits a remote cod...

7.5CVSS9.6AI score0.80982EPSS
Exploits9
Metasploit
Metasploit
added 2018/03/05 7:25 p.m.36 views

GitStack Unsanitized Argument RCE

This module exploits a remote code execution vulnerability that exists in GitStack through v2.3.10, caused by an unsanitized argument being passed to an exec function call. This module has been tested on GitStack v2.3.10. This module requires Metasploit: https://metasploit.com/download Current...

9.8CVSS0.8AI score0.80982EPSS
Exploits9
Rows per page
Query Builder