46 matches found
CVE-2026-1665 Command Injection in nvm via NVM_AUTH_HEADER in wget code path
A command injection vulnerability exists in nvm Node Version Manager versions 0.40.3 and below. The nvmdownload function uses eval to execute wget commands, and the NVMAUTHHEADER environment variable was not sanitized in the wget code path though it was sanitized in the curl code path. An attacke...
Node Version Manager security vulnerability
Node Version Manager is an open-source node version manager developed by nvm.sh. Versions of Node Version Manager prior to 0.40.3 contain security vulnerabilities. These vulnerabilities stem from the nvmdownload function using eval to execute the wget command, and the NVMAUTHHEADER environment...
PT-2026-5371
Name of the Vulnerable Software and Affected Versions nvm versions 0.40.3 and below Description A command injection issue exists in nvm Node Version Manager. The nvm download function utilizes eval to execute wget commands. The NVM AUTH HEADER environment variable was not properly sanitized when...
CVE-2025-65656
dcat-admin v2.2.3-beta and before is vulnerable to file inclusion in admin/src/Extend/VersionManager.php...
EUVD-2025-200278
dcat-admin v2.2.3-beta and before is vulnerable to file inclusion in admin/src/Extend/VersionManager.php...
CVE-2025-65656
dcat-admin v2.2.3-beta and before is vulnerable to file inclusion in admin/src/Extend/VersionManager.php...
dcat-admin 安全漏洞
dcat-admin is a Laravel-based back-end system builder by Jiang Qinghua, an individual developer. A security vulnerability exists in dcat-admin v2.2.3-beta and earlier versions, which originates from admin/src/Extend/VersionManager.php being vulnerable to file inclusion attacks...
PT-2025-48714
dcat-admin v2.2.3-beta and before is vulnerable to file inclusion in admin/src/Extend/VersionManager.php...
CVE-2025-65656
dcat-admin v2.2.3-beta and before is vulnerable to file inclusion in admin/src/Extend/VersionManager.php...
CVE-2025-65656
Summary : CVE-2025-65656 affects dcat-admin v2.2.3-beta and earlier, with a file inclusion vulnerability in admin/src/Extend/VersionManager.php. Multiple connected sources confirm the issue and describe an unsafe file-upload/inclusion path that can lead to server file access. Affected component :...
CVE-2025-65656
dcat-admin v2.2.3-beta and before is vulnerable to file inclusion in admin/src/Extend/VersionManager.php...
EUVD-2010-3906
Malware in sbrugna...
Malicious code in node-nvm-ssh (npm)
The package node-nvm-ssh was found to contain malicious code. --- -= Per source details. Do not edit below this line.=-...
CVE-2024-1147
Weak access control in OpenText PVCS Version Manager allows potential bypassing of authentication and download of files...
CVE-2024-1148
Weak access control in OpenText PVCS Version Manager allows potential bypassing of authentication and uploading of files...
CVE-2024-1148 Weak Access Control - Arbitrary file upload
Weak access control in OpenText PVCS Version Manager allows potential bypassing of authentication and uploading of files...
CVE-2024-1148
OpenText PVCS Version Manager contains weak access control that could bypass authentication and allow arbitrary file uploads. CVSS 3.1 base score 9.8 (CRITICAL) with network access, no user interaction required. Affected: PVCS Version Manager (OpenText). Root cause: weak access control enabling a...
CVE-2024-1147
CVE-2024-1147 describes a weakness in OpenText PVCS Version Manager with weak access control that can bypass authentication to download files. The PT-2024-17018 entry specifies affected versions: OpenText PVCS Version Manager prior to 8.6.3.3. The advisory recommends upgrading to version 8.6.3.3 ...
CVE-2024-1147 Weak Access Control - Arbitrary file download
Weak access control in OpenText PVCS Version Manager allows potential bypassing of authentication and download of files...
PT-2024-17018 · Opentext · Opentext Pvcs Version Manager
Name of the Vulnerable Software and Affected Versions: OpenText PVCS Version Manager versions prior to 8.6.3.3 Description: The issue is related to weak access control in OpenText PVCS Version Manager, which allows potential bypassing of authentication and download of files. This could lead to...