CVE-2022-42889.zip
2.4 KB
CVE-2022-42889
Author: Goultarde
Apache Commons Text performs variable interpolation, allowing properties to be dynamically evaluated and expanded. The standard format for interpolation is "${prefix:name}", where "prefix" is used to locate an instance of org.apache.commons.text.lookup.StringLookup that performs the interpolation. Starting with version 1.5 and continuing through 1.9, the set of default Lookup instances included interpolators that could result in arbitrary code execution or contact with remote servers. These lookups are: - "script" - execute expressions using the JVM script execution engine (javax.script) - "dns" - resolve dns records - "url" - load values from urls, including from remote servers Applications using the interpolation defaults in the affected versions may be vulnerable to remote code execution or unintentional contact with remote servers if untrusted configuration values ar...
Author: Goultarde
Apache Commons Text performs variable interpolation, allowing properties to be dynamically evaluated and expanded. The standard format for interpolation is "${prefix:name}", where "prefix" is used to locate an instance of org.apache.commons.text.lookup.StringLookup that performs the interpolation. Starting with version 1.5 and continuing through 1.9, the set of default Lookup instances included interpolators that could result in arbitrary code execution or contact with remote servers. These lookups are: - "script" - execute expressions using the JVM script execution engine (javax.script) - "dns" - resolve dns records - "url" - load values from urls, including from remote servers Applications using the interpolation defaults in the affected versions may be vulnerable to remote code execution or unintentional contact with remote servers if untrusted configuration values ar...
CVE-2021-3156.zip
4.1 KB
CVE-2021-3156
Author: VilmarTuminskii
Sudo before 1.9.5p2 contains an off-by-one error that can result in a heap-based buffer overflow, which allows privilege escalation to root via "sudoedit -s" and a command-line argument that ends with a single backslash character.
GitHub Link:
https://github.com/VilmarTuminskii/cve-2021-3156-sudo-lab
Author: VilmarTuminskii
Sudo before 1.9.5p2 contains an off-by-one error that can result in a heap-based buffer overflow, which allows privilege escalation to root via "sudoedit -s" and a command-line argument that ends with a single backslash character.
GitHub Link:
https://github.com/VilmarTuminskii/cve-2021-3156-sudo-lab
CVE-2012-1823.zip
227.2 KB
CVE-2012-1823
Author: waburig
sapi/cgi/cgimain.c in PHP before 5.3.12 and 5.4.x before 5.4.2, when configured as a CGI script (aka php-cgi), does not properly handle query strings that lack an = (equals sign) character, which allows remote attackers to execute arbitrary code by placing command-line options in the query string, related to lack of skipping a certain phpgetopt for the 'd' case.
GitHub Link:
https://github.com/waburig/Open-Worldwide-Application-Security-Project-OWASP-
Author: waburig
sapi/cgi/cgimain.c in PHP before 5.3.12 and 5.4.x before 5.4.2, when configured as a CGI script (aka php-cgi), does not properly handle query strings that lack an = (equals sign) character, which allows remote attackers to execute arbitrary code by placing command-line options in the query string, related to lack of skipping a certain phpgetopt for the 'd' case.
GitHub Link:
https://github.com/waburig/Open-Worldwide-Application-Security-Project-OWASP-
CVE-2025-27591.zip
1.9 KB
CVE-2025-27591
Author: Stp1t
A privilege escalation vulnerability existed in the Below service prior to v0.9.0 due to the creation of a world-writable directory at /var/log/below. This could have allowed local unprivileged users to escalate to root privileges through symlink attacks that manipulate files such as /etc/shadow.
GitHub Link:
https://github.com/Stp1t/CVE-2025-27591
Author: Stp1t
A privilege escalation vulnerability existed in the Below service prior to v0.9.0 due to the creation of a world-writable directory at /var/log/below. This could have allowed local unprivileged users to escalate to root privileges through symlink attacks that manipulate files such as /etc/shadow.
GitHub Link:
https://github.com/Stp1t/CVE-2025-27591
❤1
CVE-2025-6440.zip
1.5 KB
CVE-2025-6440
Author: rimbadirgantara
None
GitHub Link:
https://github.com/rimbadirgantara/CVE-2025-6440
Author: rimbadirgantara
None
GitHub Link:
https://github.com/rimbadirgantara/CVE-2025-6440
❤1