Lucene search
+L

46 matches found

OSV
OSV
added 2026/01/29 11:4 p.m.7 views

CVE-2026-1665 Command Injection in nvm via NVM_AUTH_HEADER in wget code path

A command injection vulnerability exists in nvm Node Version Manager versions 0.40.3 and below. The nvmdownload function uses eval to execute wget commands, and the NVMAUTHHEADER environment variable was not sanitized in the wget code path though it was sanitized in the curl code path. An attacke...

5.4CVSS7.4AI score0.00767EPSS
Exploits0References6
CNNVD
CNNVD
added 2026/01/29 12:0 a.m.11 views

Node Version Manager security vulnerability

Node Version Manager is an open-source node version manager developed by nvm.sh. Versions of Node Version Manager prior to 0.40.3 contain security vulnerabilities. These vulnerabilities stem from the nvmdownload function using eval to execute the wget command, and the NVMAUTHHEADER environment...

5.4CVSS5.9AI score0.00767EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2026/01/29 12:0 a.m.14 views

PT-2026-5371

Name of the Vulnerable Software and Affected Versions nvm versions 0.40.3 and below Description A command injection issue exists in nvm Node Version Manager. The nvm download function utilizes eval to execute wget commands. The NVM AUTH HEADER environment variable was not properly sanitized when...

5.4CVSS6.2AI score0.00767EPSS
Exploits0References7
RedhatCVE
RedhatCVE
added 2025/12/03 12:26 a.m.13 views

CVE-2025-65656

dcat-admin v2.2.3-beta and before is vulnerable to file inclusion in admin/src/Extend/VersionManager.php...

9.8CVSS6.9AI score0.00402EPSS
Exploits1References1
EUVD
EUVD
added 2025/12/02 6:30 p.m.7 views

EUVD-2025-200278

dcat-admin v2.2.3-beta and before is vulnerable to file inclusion in admin/src/Extend/VersionManager.php...

6.4AI score0.00402EPSS
Exploits1References3
NVD
NVD
added 2025/12/02 5:16 p.m.7 views

CVE-2025-65656

dcat-admin v2.2.3-beta and before is vulnerable to file inclusion in admin/src/Extend/VersionManager.php...

9.8CVSS0.00402EPSS
Exploits1References2
CNNVD
CNNVD
added 2025/12/02 12:0 a.m.7 views

dcat-admin 安全漏洞

dcat-admin is a Laravel-based back-end system builder by Jiang Qinghua, an individual developer. A security vulnerability exists in dcat-admin v2.2.3-beta and earlier versions, which originates from admin/src/Extend/VersionManager.php being vulnerable to file inclusion attacks...

9.8CVSS6.5AI score0.00402EPSS
Exploits1References3
Positive Technologies
Positive Technologies
added 2025/12/02 12:0 a.m.8 views

PT-2025-48714

dcat-admin v2.2.3-beta and before is vulnerable to file inclusion in admin/src/Extend/VersionManager.php...

6.9AI score0.00402EPSS
Exploits1References3
Vulnrichment
Vulnrichment
added 2025/12/02 12:0 a.m.2 views

CVE-2025-65656

dcat-admin v2.2.3-beta and before is vulnerable to file inclusion in admin/src/Extend/VersionManager.php...

6.5AI score0.00402EPSS
Exploits1References2
CVE
CVE
added 2025/12/02 12:0 a.m.18 views

CVE-2025-65656

Summary : CVE-2025-65656 affects dcat-admin v2.2.3-beta and earlier, with a file inclusion vulnerability in admin/src/Extend/VersionManager.php. Multiple connected sources confirm the issue and describe an unsafe file-upload/inclusion path that can lead to server file access. Affected component :...

9.8CVSS6.5AI score0.00402EPSS
Exploits1References2Affected Software1
OSV
OSV
added 2025/12/02 12:0 a.m.8 views

CVE-2025-65656

dcat-admin v2.2.3-beta and before is vulnerable to file inclusion in admin/src/Extend/VersionManager.php...

9.8CVSS6.8AI score0.00402EPSS
Exploits1References4
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2010-3906

Malware in sbrugna...

6.8CVSS6.4AI score0.01786EPSS
Exploits0References9
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/08/29 6:55 p.m.5 views

Malicious code in node-nvm-ssh (npm)

The package node-nvm-ssh was found to contain malicious code. --- -= Per source details. Do not edit below this line.=-...

7AI score
Exploits0References2
NVD
NVD
added 2024/03/21 8:15 a.m.23 views

CVE-2024-1147

Weak access control in OpenText PVCS Version Manager allows potential bypassing of authentication and download of files...

9.8CVSS9.7AI score0.00697EPSS
Exploits0References2
NVD
NVD
added 2024/03/21 8:15 a.m.34 views

CVE-2024-1148

Weak access control in OpenText PVCS Version Manager allows potential bypassing of authentication and uploading of files...

9.8CVSS9.7AI score0.00697EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2024/03/21 7:34 a.m.9 views

CVE-2024-1148 Weak Access Control - Arbitrary file upload

Weak access control in OpenText PVCS Version Manager allows potential bypassing of authentication and uploading of files...

9.8CVSS7.4AI score0.00697EPSS
Exploits0References1
CVE
CVE
added 2024/03/21 7:34 a.m.65 views

CVE-2024-1148

OpenText PVCS Version Manager contains weak access control that could bypass authentication and allow arbitrary file uploads. CVSS 3.1 base score 9.8 (CRITICAL) with network access, no user interaction required. Affected: PVCS Version Manager (OpenText). Root cause: weak access control enabling a...

9.8CVSS9.7AI score0.00697EPSS
Exploits0References2
CVE
CVE
added 2024/03/21 7:33 a.m.66 views

CVE-2024-1147

CVE-2024-1147 describes a weakness in OpenText PVCS Version Manager with weak access control that can bypass authentication to download files. The PT-2024-17018 entry specifies affected versions: OpenText PVCS Version Manager prior to 8.6.3.3. The advisory recommends upgrading to version 8.6.3.3 ...

9.8CVSS9.7AI score0.00697EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2024/03/21 7:33 a.m.12 views

CVE-2024-1147 Weak Access Control - Arbitrary file download

Weak access control in OpenText PVCS Version Manager allows potential bypassing of authentication and download of files...

9.8CVSS7.2AI score0.00697EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2024/03/21 12:0 a.m.8 views

PT-2024-17018 · Opentext · Opentext Pvcs Version Manager

Name of the Vulnerable Software and Affected Versions: OpenText PVCS Version Manager versions prior to 8.6.3.3 Description: The issue is related to weak access control in OpenText PVCS Version Manager, which allows potential bypassing of authentication and download of files. This could lead to...

9.8CVSS7.3AI score0.00697EPSS
Exploits0References9
Rows per page
Query Builder