| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| Command Injection in Nagios Fusion 4.1.8 and earlier allows Privilege Escalation from apache to root in cmd_subsys.php. |
| Command Injection in Nagios Fusion 4.1.8 and earlier allows for Privilege Escalation or Code Execution as root via vectors related to corrupt component installation in cmd_subsys.php. |
| This affects the package com.fasterxml.jackson.dataformat:jackson-dataformat-cbor from 0 and before 2.11.4, from 2.12.0-rc1 and before 2.12.1. Unchecked allocation of byte buffer can cause a java.lang.OutOfMemoryError exception. |
| This affects all versions of package npos-tesseract. The injection point is located in line 55 in lib/ocr.js. |
| This affects the package image-tiler before 2.0.2. |
| This affects all versions of package xopen. The injection point is located in line 14 in index.js in the exported function xopen(filepath) |
| The package ntesseract before 0.2.9 are vulnerable to Command Injection via lib/tesseract.js. |
| This affects all versions of package npm-help. The injection point is located in line 13 in index.js file in export.latestVersion() function. |
| This affects all versions of package sonar-wrapper. The injection point is located in lib/sonarRunner.js. |
| This affects all versions of package deferred-exec. The injection point is located in line 42 in lib/deferred-exec.js |
| This affects all versions of package heroku-env. The injection point is located in lib/get.js which is required by index.js. |
| This affects all versions of package google-cloudstorage-commands. |
| This affects all versions of package ffmpeg-sdk. The injection point is located in line 9 in index.js. |
| This affects all versions of package gitblame. The injection point is located in line 15 in lib/gitblame.js. |
| This affects all versions of package node-latex-pdf. |
| This affects all versions of package curljs. |
| This affects all versions of package monorepo-build. |
| All versions of package git-archive are vulnerable to Command Injection via the exports function. |
| An issue was discovered in SaltStack Salt before 3002.5. The minion's restartcheck is vulnerable to command injection via a crafted process name. This allows for a local privilege escalation by any user able to create a files on the minion in a non-blacklisted directory. |
| The Sieve engine in Dovecot before 2.3.15 allows Uncontrolled Resource Consumption, as demonstrated by a situation with a complex regular expression for the regex extension. |
