CVE-2026-7299 CVE-2026-7299

Appsmith’s SQL query editor’s autocomplete functionality fails to sanitize database object names before rendering them in innerHTML, allowing an authenticated Developer to inject persistent XSS by a malicious table or column names triggering arbitrary code execution in the sessions of other...

Linux Distros Unpatched Vulnerability : CVE-2017-16544

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the addmatch function in libbb/lineedit.c in BusyBox through 1.27.2, the tab autocomplete feature of the shell, used to get a list of filenames in a director...

GitLab 跨站脚本漏洞

GitLab is an open source, end-to-end software development platform from GitLab, Inc. with built-in version control, issue tracking, code review, CI/CD Continuous Integration and Continuous Delivery, and other features. A cross-site scripting vulnerability exists in GitLab Enterprise Edition and...

CVE-2019-4724

IBM Cognos Analytics 11.0 and 11.1 could allow a remote attacker to obtain credentials from a user's browser via incorrect autocomplete settings in New Content Backup page. IBM X-Force ID: 172130...

Zsh Local Stack Buffer Overflow Vulnerability

Zsh is an interactive command interpreter and command programming language used on Linux systems. A security vulnerability exists in the shell autocomplete feature in versions prior to Zsh 5.4.2-test-1. A local attacker can exploit this vulnerability by creating specially crafted directory paths ...