initstring - Security Researcher - Exploit Intelligence Platform

CVE-2019-7304 NOMISEC CRITICAL WORKING POC

Canonical snapd <2.37.1 - Command Injection

Canonical snapd before version 2.37.1 incorrectly performed socket owner validation, allowing an attacker to run arbitrary commands as root. This issue affects: Canonical snapd versions prior to 2.37.1.

683 stars

CVSS 9.8

View Code

CVE-2025-12744 NOMISEC HIGH WORKING POC

Red Hat ABRT - Command Injection via Mount Information

A flaw was found in the ABRT daemon’s handling of user-supplied mount information.ABRT copies up to 12 characters from an untrusted input and places them directly into a shell command (docker inspect %s) without proper validation. An unprivileged local user can craft a payload that injects shell metacharacters, causing the root-running ABRT process to execute attacker-controlled commands and ultimately gain full root privileges.

6 stars

CVSS 8.8

View Code

CVE-2019-7304 NOMISEC CRITICAL WORKING POC

Canonical snapd <2.37.1 - Command Injection

Canonical snapd before version 2.37.1 incorrectly performed socket owner validation, allowing an attacker to run arbitrary commands as root. This issue affects: Canonical snapd versions prior to 2.37.1.

6 stars

CVSS 9.8

View Code

CVE-2019-7304 NOMISEC CRITICAL WORKING POC

Canonical snapd <2.37.1 - Command Injection

Canonical snapd before version 2.37.1 incorrectly performed socket owner validation, allowing an attacker to run arbitrary commands as root. This issue affects: Canonical snapd versions prior to 2.37.1.

1 stars

CVSS 9.8

View Code

CVE-2019-7304 GITLAB CRITICAL WORKING POC

Canonical snapd <2.37.1 - Command Injection

Canonical snapd before version 2.37.1 incorrectly performed socket owner validation, allowing an attacker to run arbitrary commands as root. This issue affects: Canonical snapd versions prior to 2.37.1.

CVSS 9.8

View Code

CVE-2019-7304 GITLAB CRITICAL WORKING POC

Canonical snapd <2.37.1 - Command Injection

Canonical snapd before version 2.37.1 incorrectly performed socket owner validation, allowing an attacker to run arbitrary commands as root. This issue affects: Canonical snapd versions prior to 2.37.1.

CVSS 9.8

View Code

CVE-2019-7304 EXPLOITDB CRITICAL python WORKING POC

Canonical snapd <2.37.1 - Command Injection

Canonical snapd before version 2.37.1 incorrectly performed socket owner validation, allowing an attacker to run arbitrary commands as root. This issue affects: Canonical snapd versions prior to 2.37.1.

CVSS 9.8

View Code

CVE-2019-7304 EXPLOITDB CRITICAL python WORKING POC

Canonical snapd <2.37.1 - Command Injection

Canonical snapd before version 2.37.1 incorrectly performed socket owner validation, allowing an attacker to run arbitrary commands as root. This issue affects: Canonical snapd versions prior to 2.37.1.

CVSS 9.8

View Code