Lucene search
K

1921 matches found

CVE
CVE
added 2026/06/24 9:33 a.m.12 views

CVE-2026-11968

CVE-2026-11968 affects TortoiseGitBlame. The issue arises from argument injection via malicious Git history filenames, enabling arbitrary file write in TortoiseGit. The provided sources describe the vulnerability name and impact but do not include concrete exploit details, affected versions, root...

5.5CVSS5.9AI score0.00124EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/06/24 9:33 a.m.35 views

CVE-2026-11968 Improper Neutralization of Argument Delimiters in a Command ('Argument Injection') in TortoiseGit

Argument Injection in TortoiseGitBlame via Malicious Git History Filenames Leads to Arbitrary File Write in TortoiseGit...

5.5CVSS0.00124EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/06/24 9:33 a.m.7 views

CVE-2026-11968

Argument Injection in TortoiseGitBlame via Malicious Git History Filenames Leads to Arbitrary File Write in TortoiseGit...

5.5CVSS5.9AI score0.00124EPSS
Exploits0References3Affected Software1
EUVD
EUVD
added 2026/06/24 9:33 a.m.9 views

EUVD-2026-38733

Argument Injection in TortoiseGitBlame via Malicious Git History Filenames Leads to Arbitrary File Write in TortoiseGit...

5.5CVSS5.9AI score0.00124EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/06/24 12:0 a.m.7 views

PT-2026-52059

Name of the Vulnerable Software and Affected Versions Jellyfin versions prior to 10.11.10 Description An argument injection issue exists in the subtitle conversion process. The function ConvertTextSubtitleToSrtInternal interpolates the subtitle file path into FFmpeg command-line arguments without...

8.8CVSS5.9AI score0.00357EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2026/06/24 12:0 a.m.9 views

PT-2026-51757

Name of the Vulnerable Software and Affected Versions TortoiseGit affected versions not specified Description Argument injection is possible in TortoiseGitBlame through the use of malicious git history filenames. This flaw allows for arbitrary file write operations within TortoiseGit...

5.5CVSS5.9AI score0.00124EPSS
Exploits0References7
Tenable Nessus
Tenable Nessus
added 2026/06/22 12:0 a.m.7 views

RHEL 9 : evince (RHSA-2026:27819)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:27819 advisory. The evince packages provide a simple multi-page document viewer for Portable Document Format PDF, PostScript PS, Encapsulated PostScript EPS files,...

8.4CVSS6AI score0.00529EPSS
Exploits0References4
Cvelist
Cvelist
added 2026/06/20 4:43 p.m.34 views

CVE-2026-5366 Git Argument Injection in prefecthq/prefect

Prefect version 3.6.23 is vulnerable to remote code execution due to improper handling of user-controlled input in the GitRepository storage class. The commitsha parameter, which is passed to git commands, lacks validation and does not include a -- separator to distinguish user input from git...

9.9CVSS0.00874EPSS
Exploits3References1
Snyk
Snyk
added 2026/06/19 2:46 p.m.6 views

Arbitrary Argument Injection

Overview bedrock-agentcore is an An SDK for using Bedrock AgentCore Affected versions of this package are vulnerable to Arbitrary Argument Injection via the installpackages function. An attacker can execute arbitrary commands within the sandboxed environment or redirect package resolution to a...

8.4CVSS6AI score0.00302EPSS
Exploits0References2
OSV
OSV
added 2026/06/19 6:39 a.m.2 views

SUSE-SU-2026:22171-1 Security update for ansible-core

This update for ansible-core fixes the following issue - CVE-2026-11332: argument injection in ansible-galaxy role install leads to arbitrary code execution bsc1267822...

7.8CVSS6.4AI score0.00156EPSS
Exploits0References3
OSV
OSV
added 2026/06/19 6:38 a.m.2 views

OPENSUSE-SU-2026:21097-1 Security update for ansible-core

This update for ansible-core fixes the following issue - CVE-2026-11332: argument injection in ansible-galaxy role install leads to arbitrary code execution bsc1267822...

7.8CVSS6.3AI score0.00156EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/06/18 12:0 a.m.6 views

Siemens Ruggedcom Rox Improper Neutralization of Argument Delimiters in a Command (CVE-2025-40948)

Affected devices do not properly validate input in the web server's JSON-RPC interface. This could allow an authenticated remote attacker to read arbitrary files from the underlying operating system's filesystem with root privileges. This plugin only works with Tenable.ot. Please visit...

6.8CVSS7.3AI score0.00286EPSS
Exploits0References4
OSV
OSV
added 2026/06/16 11:50 a.m.4 views

BIT-MYSQL-CLIENT-2026-44170 MariaDB: Argument injection in CONNECT REST Xcurl on Windows via unsanitized URL

MariaDB server is a community developed fork of MySQL server. From versions 10.6.1 to before 10.6.26, 10.11.1 to before 10.11.17, 11.4.1 to before 11.4.11, 11.8.1 to before 11.8.7, and 12.3.1, MariaDB on WIndows with installed CONNECT engine and enabled REST support interpolated table HTTP...

9.9CVSS5.5AI score0.00797EPSS
Exploits0References13
Nuclei
Nuclei
added 2026/06/16 7:13 a.m.920 views

PHP CGI - Argument Injection

PHP CGI - Argument Injection CVE-2024-4577 is a critical argument injection flaw in PHP. id: CVE-2024-4577 info: name: PHP CGI - Argument Injection author: Hüseyin TINTAŞ,sw0rk17,s4e-io,pdresearch severity: critical description: | PHP CGI - Argument Injection CVE-2024-4577 is a critical argument...

9.8CVSS7.7AI score0.99987EPSS
Exploits64References4
Vulnrichment
Vulnrichment
added 2026/06/12 5:30 p.m.11 views

CVE-2026-44170 MariaDB: Argument injection in CONNECT REST Xcurl on Windows via unsanitized URL

MariaDB server is a community developed fork of MySQL server. From versions 10.6.1 to before 10.6.26, 10.11.1 to before 10.11.17, 11.4.1 to before 11.4.11, 11.8.1 to before 11.8.7, and 12.3.1, MariaDB on WIndows with installed CONNECT engine and enabled REST support interpolated table HTTP...

6.3CVSS5.5AI score0.00797EPSS
Exploits0References2
CVE
CVE
added 2026/06/12 5:30 p.m.28 views

CVE-2026-44170

CVE-2026-44170 : MariaDB on Windows with the CONNECT storage engine and REST support is affected. The vulnerability arises when an interpolated table HTTP attribute is included in a curl command line without proper sanitization, enabling an attacker to execute shell commands on the server. Patche...

9.9CVSS5.5AI score0.00797EPSS
Exploits0References12Affected Software1
NVD
NVD
added 2026/06/12 4:17 a.m.17 views

CVE-2026-47365

Argument injection vulnerability in WordPress Toolkit before 6.11.0 as used in cPanel & WHM, allows remote authenticated users to bypass cross-tenant authorization and execute arbitrary wp-toolkit CLI commands as another account...

9.9CVSS0.00409EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/12 2:27 a.m.30 views

CVE-2026-47365

Argument injection vulnerability in WordPress Toolkit before 6.11.0 as used in cPanel & WHM, allows remote authenticated users to bypass cross-tenant authorization and execute arbitrary wp-toolkit CLI commands as another account...

9.9CVSS0.00409EPSS
Exploits0References1
Packet Storm
Packet Storm
added 2026/06/12 12:0 a.m.95 views

📄 Gogs 0.14.2 Argument Injection

Proof of concept exploit for an argument injection vulnerability in Gogs versions 0.14.2 and below and versions 0.15.0+dev and below. ================================================================================================================================== | Title : Gogs Git Rebase Argume...

5.3AI score
Exploits0
RedhatCVE
RedhatCVE
added 2026/06/11 2:59 p.m.14 views

CVE-2026-53694

Improper Neutralization of Argument Delimiters in a Command 'Argument Injection' vulnerability in Nomachine allows Argument Injection.This issue affects Nomachine: before 9.5.7, before 8.23.2...

7.3CVSS5.4AI score0.00131EPSS
Exploits1References1
Rows per page
Query Builder