The poplib module, when passed a user-controlled command, can have
additional commands injected using newlines. Mitigation rejects commands
containing control characters.
The imaplib module, when passed a user-controlled command, can have additional commands injected using newlines. Mitigation rejects commands containing control characters.
Improper neutralization of special elements used in an OS command ('command injection') in Cursor allows an unauthorized attacker to execute commands that are outside of those specified in the allowli
Tiki Wiki CMS – CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
Improper Control of Generation of Code ('Code Injection') vulnerability in Yordam Information Technology Consulting, Training and Electronic Systems Industry and Trade Inc. Library Automation System a
The command auto-approval module in CodeRider-Kilo contains an OS Command Injection vulnerability, rendering its whitelist security mechanism ineffective. The vulnerability stems from the incorrect us
An OS command injection vulnerability exists due to incomplete
validation of user-supplied input. Validation fails to enforce
sufficient formatting rules, which could permit attackers to append
arb
CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability exists that could cause command injection in BLMon that is executed in the operating sy
CWE-78 Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability in David Lingren Media LIbrary Assistant media-library-assistant allows Command Injection.This
A vulnerability in the CLI of Cisco NX-OS Software could allow an authenticated, local attacker to execute a command injection attack on the underlying operating system of an affected device. To explo
OS command injection (CWE-78) vulnerability in pgAdmin 4 Import/Export query export.
User-supplied input was interpolated directly into a psql \copy metacommand template without sanitization. An auth
An OS command injection vulnerability exists due to insufficient
sanitization of user-supplied input. The application accepts parameters
that are later incorporated into OS commands without adequate
Due to insufficient escaping of the newline character in the “Copy as cURL” feature, an attacker could trick a user into using this command, potentially leading to local code execution on the user's s
Command injection vulnerability in console.run_module_with_output() in pymetasploit3 through version 1.0.6 allows attackers to inject newline characters into module options such as RHOSTS. This breaks
An Improper Neutralization of Argument Delimiters in a Command ('Argument Injection') vulnerability allows local users ton perform arbitrary unmounts via smb4k mount helper
There is a MEDIUM severity vulnerability affecting CPython.
The
email module didn’t properly quote newlines for email headers when
serializing an email message allowing for header injection when an
The llm CLI tool thru 0.27.1 contains a critical code injection vulnerability via its --functions command-line argument. This argument is intended to allow users to provide custom Python function defi
Improper neutralization of special elements used in a command ('command injection') in Windows Notepad App allows an unauthorized attacker to execute code locally.
Improper Neutralization of Special Elements used in a Command vulnerability allows OS Command Injection.This issue affects Pandora FMS from 700 to 777.6
Page 1+ Next →