OS Command Injection vulnerability in allenhwkim proctree through 0.1.1 and commit 0ac10ae575459457838f14e21d5996f2fa5c7593 for Node.js, allows attackers to execute arbitrary commands via the fix function.
References
https://nvd.nist.gov/vuln/detail/C…
OS command injection vulnerability in Turistforeningen node-s3-uploader through 2.0.3 for Node.js allows attackers to execute arbitrary commands via the metadata() function.
References
https://nvd.nist.gov/vuln/detail/CVE-2021-34084
https://advisory.c…
An exponential ReDoS (Regular Expression Denial of Service) can be triggered in the jquery-validation npm package, when an attacker is able to supply arbitrary input to the url2 method
References
https://nvd.nist.gov/vuln/detail/CVE-2021-43306
https:/…
OS Command injection vulnerability in Mintzo Docker-Tester through 1.2.1 allows attackers to execute arbitrary commands via shell metacharacters in the ‘ports’ entry of a crafted docker-compose.yml file.
References
https://nvd.nist.gov/vuln/detail/CVE…
A Server-Side Template Injection (SSTI) was discovered in Form.io 2.0.0. This leads to Remote Code Execution during deletion of the default Email template URL.
References
https://nvd.nist.gov/vuln/detail/CVE-2020-28246
https://github.com/formio/enterp…
lifion-verify-dependencies through 1.1.0 is vulnerable to OS command injection via a crafted dependency name on the scanned project’s package.json file.
References
https://nvd.nist.gov/vuln/detail/CVE-2021-34078
https://github.com/lifion/lifion-verify…
Uncontrolled resource consumption in Mattermost version 6.6.0 and earlier allows an authenticated attacker to crash the server via a crafted SVG attachment on a post.
References
https://nvd.nist.gov/vuln/detail/CVE-2022-1982
https://mattermost.com/sec…
An argument injection vulnerability in Dragonfly Ruby Gem v1.3.0 allows attackers to read and write arbitrary files when the verify_url option is disabled. This vulnerability is exploited via a crafted URL.
References
https://nvd.nist.gov/vuln/detail/…
新世代3大ロック・ギタリストの一人と称されるデレク・トラックスとシンガー/ギタリストのスーザン・テデ…
沖縄県警与那原署は31日、県内の印刷業105社が加盟する県印刷工業組合で、組合の経費で購入したノート…
