Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
project vulnerabilities and exploits
(subscribe to this query)
10
CVSSv2
CVE-2022-25900
All versions of package git-clone are vulnerable to Command Injection due to insecure usage of the --upload-pack feature of git.
Git-clone Project Git-clone
10
CVSSv2
CVE-2021-34079
OS Command injection vulnerability in Mintzo Docker-Tester up to and including 1.2.1 allows malicious users to execute arbitrary commands via shell metacharacters in the 'ports' entry of a crafted docker-compose.yml file.
Docker-tester Project Docker-tester
10
CVSSv2
CVE-2021-34080
OS Command Injection vulnerability in es128 ssl-utils 1.0.0 for Node.js allows malicious users to execute arbitrary commands via unsanitized shell metacharacters provided to the createCertRequest() and the createCert() functions.
Ssl-utils Project Ssl-utils
10
CVSSv2
CVE-2021-34082
OS Command Injection vulnerability in allenhwkim proctree up to and including 0.1.1 and commit 0ac10ae575459457838f14e21d5996f2fa5c7593 for Node.js, allows malicious users to execute arbitrary commands via the fix function.
Proctree Project Proctree
10
CVSSv2
CVE-2021-34084
OS command injection vulnerability in Turistforeningen node-s3-uploader up to and including 2.0.3 for Node.js allows malicious users to execute arbitrary commands via the metadata() function.
S3-uploader Project S3-uploader
10
CVSSv2
CVE-2022-30493
In oretnom23 Automotive Shop Management System v1.0, the product id parameter suffers from a blind SQL Injection Vulnerability allowing remote malicious users to dump all database credential and gain admin access(privilege escalation).
Automotive Shop Management System Project Automotive Shop Management System 1.0
10
CVSSv2
CVE-2022-1531
SQL injection vulnerability in ARAX-UI Synonym Lookup functionality in GitHub repository rtxteam/rtx prior to checkpoint_2022-04-20 . This vulnerability is critical as it can lead to remote code execution and thus complete server takeover.
Rtx Project Rtx
10
CVSSv2
CVE-2022-1440
Command Injection vulnerability in git-interface@2.1.1 in GitHub repository yarkeev/git-interface before 2.1.2. If both are provided by user input, then the use of a `--upload-pack` command-line argument feature of git is also supported for `git clone`, which would then allow for...
Git-interface Project Git-interface
10
CVSSv2
CVE-2022-24231
Simple Student Information System v1.0 exists to contain a SQL injection vulnerability via add/Student.
Simple Student Information System Project Simple Student Information System 1.0
10
CVSSv2
CVE-2022-24803
Asciidoctor-include-ext is Asciidoctor’s standard include processor reimplemented as an extension. Versions before 0.4.0, when used to render user-supplied input in AsciiDoc markup, may allow an malicious user to execute arbitrary system commands on the host operating syste...
Asciidoctor-include-ext Project Asciidoctor-include-ext
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-5834
CVE-2024-30100
CVE-2024-4577
physical
dos
CVE-2024-30099
CVE-2024-27801
CVE-2024-32146
logic flaw
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
NEXT »