
14 matches found

IBM Security Bulletins
added 2026/06/15 7:22 p.m. · 7 views

Security Bulletin: IBM Sterling Connect:Direct Web Services is Affected by command injection.

Summary: glob-10.4.5.tgz is used by IBM Sterling Connect:Direct Web Services CVE-2025-64756. Vulnerability Details: CVEID: CVE-2025-64756 DESCRIPTION: Glob matches files using patterns the shell uses. Starting in version 10.2.0 and prior to versions 10.5.0 and 11.1.0, the glob CLI contains a command...

CVSS 7.5 · AI score 6.5 · EPSS 0.03026
Exploits 1 · Affected Software 1
Tenable Nessus
added 2025/12/04 12:0 a.m. · 7 views

Linux Distros Unpatched Vulnerability : CVE-2025-64756

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Glob matches files using patterns the shell uses. Starting in version 10.2.0 and prior to versions 10.5.0 and 11.1.0, the glob CLI contains a command injection...

CVSS 7.5 · AI score 7.6 · EPSS 0.03026
Exploits 1 · References 2
Positive Technologies
added 2025/11/17 12:0 a.m. · 2 views

PT-2025-47185

Name of the Vulnerable Software and Affected Versions: Glob versions 10.3.7 through 11.0.3 Description: The glob command-line interface contains a command injection issue in its -c/--cmd option. This allows arbitrary command execution when processing files with maliciously crafted names. When using...

CVSS 7.5 · AI score 8.2 · EPSS 0.03026
Exploits 1 · References 155
OSV
added 2023/12/04 4:12 p.m. · 3 views

CLSA-2023-1701706316 Fix CVE(s): CVE-2023-4016

SECURITY UPDATE: Ability to write almost unlimited amounts of unfiltered data into the process heap - debian/patches/CVE-2023-4016.patch: ps: fix possible buffer overflow in -C option. - CVE-2023-4016...

CVSS 3.3 · AI score 6.5 · EPSS 0.00239
Exploits 0 · References 1
CNVD
added 2022/04/18 12:0 a.m. · 20 views

SWHKD has unspecified vulnerabilities

SWHKD is a hotkey daemon made with Rust that is independent of the display protocol. SWHKD has security vulnerabilities that can be exploited by attackers to perform arbitrary file presence tests with the -c option...

CVSS 3.3 · AI score 2.9 · EPSS 0.00446
Exploits 1 · References 1
ATTACKERKB
added 2022/04/14 5:15 p.m. · 1 views

CVE-2022-27814

SWHKD 1.1.5 allows arbitrary file-existence tests via the -c option...

CVSS 3.3 · AI score 5.9 · EPSS 0.00446
Exploits 1 · References 3
CVE
added 2022/04/14 4:32 p.m. · 80 views

CVE-2022-27814

CVE-2022-27814 relates to SWHKD 1.1.5, where the -c option allows arbitrary file-existence tests. The connected sources confirm the vulnerable component is the SWHKD daemon and the condition is a flaw in the -c flag that enables probing for file presence, implying local, low-complexity exploitati...

CVSS 3.3 · AI score 4.3 · EPSS 0.00446
Exploits 1 · References 2 · Affected Software 1
Cvelist
added 2022/04/14 4:32 p.m. · 14 views

CVE-2022-27814

SWHKD 1.1.5 allows arbitrary file-existence tests via the -c option...

AI score 4.5 · EPSS 0.00446
Exploits 1 · References 2
ATTACKERKB
added 2022/04/07 2:15 a.m. · 1 views

CVE-2022-27819

SWHKD 1.1.5 allows unsafe parsing via the -c option. An information leak might occur but there is a simple denial of service memory exhaustion upon an attempt to parse a large or infinite file such as a block or character device...

CVSS 5.3 · AI score 6.1 · EPSS 0.00799
Exploits 0 · References 4
OSV
added 2022/04/07 2:15 a.m. · 12 views

CVE-2022-27819

SWHKD 1.1.5 allows unsafe parsing via the -c option. An information leak might occur but there is a simple denial of service memory exhaustion upon an attempt to parse a large or infinite file such as a block or character device...

CVSS 5.3 · AI score 5.2
Exploits 0 · References 3
Positive Technologies
added 2022/04/06 12:0 a.m. · 4 views

PT-2022-3802 · Swhkd · Swhkd

Name of the Vulnerable Software and Affected Versions: SWHKD version 1.1.5 Description: The issue is related to a lack of proper access control in the SWHKD implementation of the Wayland display server protocol, specifically when handling files with the -c option. This can allow an attacker to...

CVSS 3.3 · AI score 3.7 · EPSS 0.00446
Exploits 1 · References 11
BDU FSTEC
added 2020/10/14 12:0 a.m. · 4 views

The vulnerability of the iconv utility in the GNU C Library (glibc) system library arises from insufficient input validation, allowing attackers to trigger a service failure.

The vulnerability of the iconv utility in the GNU C Library glibc is related to insufficient input validation. Exploiting this vulnerability could allow a malicious actor to cause service failures when invoking the iconv utility with the “-c” option...

CVSS 5.9 · AI score 6.3 · EPSS 0.04006
Exploits 0 · References 21 · Affected Software 13
OSV
added 2010/05/12 11:46 a.m. · 2 views

UBUNTU-CVE-2010-1457

Tools/gdomap.c in gdomap in GNUstep Base before 1.20.0 allows local users to read arbitrary files via a (1) -c or (2) -a option, which prints file contents in an error message...

CVSS 4.9 · AI score 5.9 · EPSS 0.00862
Exploits 1 · References 2
Oracle linux
added 2009/09/08 12:0 a.m. · 32 views

lftp security and bug fix update

3.7.11-4 - Resolves: 461922 - lftp 'help mirror' does not display all options defined in manpage 3.7.11-3 - Resolves: 504594 - Alias ''edit' has multiple flaws 3.7.11-2 - Resolves: 504591 - Problems with spaces in file names over HTTP - Resolves: 504594 - Alias ''edit' has multiple flaws 3.7.11-1...

CVSS 6.8 · AI score 6.6 · EPSS 0.03175
Exploits 0