32 matches found
CVE-2026-1665
A command injection vulnerability exists in nvm Node Version Manager versions 0.40.3 and below. The nvmdownload function uses eval to execute wget commands, and the NVMAUTHHEADER environment variable was not sanitized in the wget code path though it was sanitized in the curl code path. An attacke...
CVE-2026-1665
A command injection vulnerability exists in nvm Node Version Manager versions 0.40.3 and below. The nvmdownload function uses eval to execute wget commands, and the NVMAUTHHEADER environment variable was not sanitized in the wget code path though it was sanitized in the curl code path. An attacke...
CVE-2026-1665
A command injection vulnerability exists in nvm Node Version Manager versions 0.40.3 and below. The nvmdownload function uses eval to execute wget commands, and the NVMAUTHHEADER environment variable was not sanitized in the wget code path though it was sanitized in the curl code path. An attacke...
CVE-2026-1665
CVE-2026-1665 affects nvm (Node Version Manager) versions 0.40.3 and earlier. The vulnerability arises because the wget path in the nvm_download() function uses eval to execute commands and the NVM_AUTH_HEADER environment variable is not sanitized in that path (unlike the curl path). An attacker ...
CVE-2026-1665 Command Injection in nvm via NVM_AUTH_HEADER in wget code path
A command injection vulnerability exists in nvm Node Version Manager versions 0.40.3 and below. The nvmdownload function uses eval to execute wget commands, and the NVMAUTHHEADER environment variable was not sanitized in the wget code path though it was sanitized in the curl code path. An attacke...
CVE-2026-1665 Command Injection in nvm via NVM_AUTH_HEADER in wget code path
A command injection vulnerability exists in nvm Node Version Manager versions 0.40.3 and below. The nvmdownload function uses eval to execute wget commands, and the NVMAUTHHEADER environment variable was not sanitized in the wget code path though it was sanitized in the curl code path. An attacke...
EUVD-2026-5014
A command injection vulnerability exists in nvm Node Version Manager versions 0.40.3 and below. The nvmdownload function uses eval to execute wget commands, and the NVMAUTHHEADER environment variable was not sanitized in the wget code path though it was sanitized in the curl code path. An attacke...
Node Version Manager security vulnerability
Node Version Manager is an open-source node version manager developed by nvm.sh. Versions of Node Version Manager prior to 0.40.3 contain security vulnerabilities. These vulnerabilities stem from the nvmdownload function using eval to execute the wget command, and the NVMAUTHHEADER environment...
PT-2026-5371
Name of the Vulnerable Software and Affected Versions nvm versions 0.40.3 and below Description A command injection issue exists in nvm Node Version Manager. The nvm download function utilizes eval to execute wget commands. The NVM AUTH HEADER environment variable was not properly sanitized when...
CVE-2025-65656
dcat-admin v2.2.3-beta and before is vulnerable to file inclusion in admin/src/Extend/VersionManager.php...
EUVD-2025-200278
dcat-admin v2.2.3-beta and before is vulnerable to file inclusion in admin/src/Extend/VersionManager.php...
CVE-2025-65656
dcat-admin v2.2.3-beta and before is vulnerable to file inclusion in admin/src/Extend/VersionManager.php...
CVE-2025-65656
dcat-admin v2.2.3-beta and before is vulnerable to file inclusion in admin/src/Extend/VersionManager.php...
CVE-2025-65656
dcat-admin v2.2.3-beta and before is vulnerable to file inclusion in admin/src/Extend/VersionManager.php...
dcat-admin 安全漏洞
dcat-admin is a Laravel-based back-end system builder by Jiang Qinghua, an individual developer. A security vulnerability exists in dcat-admin v2.2.3-beta and earlier versions, which originates from admin/src/Extend/VersionManager.php being vulnerable to file inclusion attacks...
PT-2025-48714
dcat-admin v2.2.3-beta and before is vulnerable to file inclusion in admin/src/Extend/VersionManager.php...
CVE-2025-65656
Summary : CVE-2025-65656 affects dcat-admin v2.2.3-beta and earlier, with a file inclusion vulnerability in admin/src/Extend/VersionManager.php. Multiple connected sources confirm the issue and describe an unsafe file-upload/inclusion path that can lead to server file access. Affected component :...
EUVD-2010-3906
Malware in sbrugna...
Malicious code in node-nvm-ssh (npm)
The package node-nvm-ssh was found to contain malicious code. --- -= Per source details. Do not edit below this line.=-...
CVE-2024-1147
Weak access control in OpenText PVCS Version Manager allows potential bypassing of authentication and download of files...