1097 matches found
CVE-2026-14459
Improper neutralization of argument delimiters in a command 'argument injection' vulnerability in TUBITAK BILGEM Software Technologies Research Institute pardus-software allows Argument Injection. This issue affects pardus-software: from = 1.0.4 before 1.0.5...
CVE-2026-14460 Missing Authorization in TUBITAK BILGEM's pardus-software
Missing Authorization vulnerability in TUBITAK BILGEM Software Technologies Research Institute pardus-software allows Argument Injection. This issue affects pardus-software: from = 1.0.4 before 1.0.5...
EUVD-2026-41552
Missing Authorization vulnerability in TUBITAK BILGEM Software Technologies Research Institute pardus-software allows Argument Injection. This issue affects pardus-software: from = 1.0.4 before 1.0.5...
CVE-2026-14460
CVE-2026-14460 concerns pardus-software from TUBITAK BILGEM Software Technologies Research Institute. The vulnerability is described as a Missing Authorization flaw that allows Argument Injection in pardus-software versions up to and including 1.0.4, with 1.0.5 or later as the fixed release. Affe...
EUVD-2026-41550
Improper neutralization of argument delimiters in a command 'argument injection' vulnerability in TUBITAK BILGEM Software Technologies Research Institute pardus-software allows Argument Injection. This issue affects pardus-software: from = 1.0.4 before 1.0.5...
CVE-2026-14459
Vulnerability: TUBITAK BILGEM pardus-software suffers an argument injection due to improper neutralization of command delimiters. Affects pardus-software
CVE-2026-14459 Argument Injection in TUBITAK BILGEM's pardus-software
Improper neutralization of argument delimiters in a command 'argument injection' vulnerability in TUBITAK BILGEM Software Technologies Research Institute pardus-software allows Argument Injection. This issue affects pardus-software: from = 1.0.4 before 1.0.5...
PT-2026-55542
Name of the Vulnerable Software and Affected Versions pardus-software versions prior to 1.0.5 Description Improper neutralization of argument delimiters in a command allows for argument injection. This occurs when the software fails to properly sanitize input used as command-line arguments,...
CVE-2026-56315
picklescan before 1.0.4 fails to block at least seven Python standard library modules including uuid, osxsupport, aixsupport, pyrepl.pager, and imaplib exposing eight functions that provide direct arbitrary command execution. Attackers can craft malicious pickle files importing these unblocked...
GHSA-4MPJ-78P6-RJ59 Duplicate Advisory: PickleScan's profile.run blocklist mismatch allows exec() bypass
Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-7wx9-6375-f5wh. This link is maintained to preserve external references. Original Description picklescan before 1.0.4 contains an incomplete blocklist for the profile module that fails to block the module-level...
EUVD-2026-37650
Subscriber Arbitrary File Upload in Restaurt = 1.0.4 versions...
CVE-2026-22327
Subscriber Arbitrary File Upload in Restaurt = 1.0.4 versions...
CVE-2026-22327 WordPress Restaurt theme <= 1.0.4 - Arbitrary File Upload vulnerability
Subscriber Arbitrary File Upload in Restaurt = 1.0.4 versions...
CVE-2026-22327
CVE-2026-22327 : WordPress Restaurt theme
EUVD-2025-210158
Administrator Server Side Request Forgery SSRF in PopAd = 1.0.4 versions...
CVE-2025-60175
Administrator Server Side Request Forgery SSRF in PopAd = 1.0.4 versions...
PT-2026-49348
Administrator Server Side Request Forgery SSRF in PopAd = 1.0.4 versions...
CVE-2026-47177
Quest Bot is an opensource modern Discord Bot built for moderation, utilities and support. Prior to version 1.0.4, a user who can configure bot settings can set the ticket transcript channel to a channel they can read. When tickets are closed, the bot exports the full ticket history and sends it ...
EUVD-2026-36277
Quest Bot is an opensource modern Discord Bot built for moderation, utilities and support. Prior to version 1.0.4, a user who can configure bot settings can set the ticket transcript channel to a channel they can read. When tickets are closed, the bot exports the full ticket history and sends it ...
CVE-2026-47177 Quest Bot: Ticket transcripts can disclose private ticket contents to a lower-visibility channel
Quest Bot is an opensource modern Discord Bot built for moderation, utilities and support. Prior to version 1.0.4, a user who can configure bot settings can set the ticket transcript channel to a channel they can read. When tickets are closed, the bot exports the full ticket history and sends it ...