Lucene search
K

10 matches found

EUVD
EUVD
added 2025/10/07 12:30 a.m.14 views

EUVD-2018-3043

Malware in sbrugna...

9.8CVSS9.3AI score0.01501EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2023/02/15 4:36 a.m.4 views

SUSE CVE-2017-17523

lilypond-invoke-editor in LilyPond 2.19.80 does not validate strings before launching the program specified by the BROWSER environment variable, which allows remote attackers to conduct argument-injection attacks via a crafted URL, as demonstrated by a --proxy-pac-file argument...

8.8CVSS6.9AI score0.02109EPSS
Exploits0References4
OSV
OSV
added 2018/10/26 6:47 p.m.9 views

MGASA-2018-0412 Updated lilypond packages fix security vulnerability

lilypond does not validate strings before launching the program specified by the BROWSER environment variable, which allows remote attackers to conduct argument-injection attacks CVE-2017-17523...

8.8CVSS9AI score0.02109EPSS
Exploits0References3
UbuntuCve
UbuntuCve
added 2018/05/11 10:29 p.m.17 views

CVE-2018-10992

lilypond-invoke-editor in LilyPond 2.19.80 does not validate strings before launching the program specified by the BROWSER environment variable, which allows remote attackers to conduct argument-injection attacks via a crafted URL, as demonstrated by a --proxy-pac-file argument, because the GNU...

9.8CVSS7.2AI score0.01501EPSS
Exploits0References2
Prion
Prion
added 2018/05/11 10:29 p.m.18 views

Design/Logic Flaw

lilypond-invoke-editor in LilyPond 2.19.80 does not validate strings before launching the program specified by the BROWSER environment variable, which allows remote attackers to conduct argument-injection attacks via a crafted URL, as demonstrated by a --proxy-pac-file argument, because the GNU...

7.5CVSS8.5AI score0.02109EPSS
Exploits0References1Affected Software1
UbuntuCve
UbuntuCve
added 2017/12/11 6:29 a.m.22 views

CVE-2017-17523

lilypond-invoke-editor in LilyPond 2.19.80 does not validate strings before launching the program specified by the BROWSER environment variable, which allows remote attackers to conduct argument-injection attacks via a crafted URL, as demonstrated by a --proxy-pac-file argument...

8.8CVSS7.2AI score0.02109EPSS
Exploits0References2
NVD
NVD
added 2017/12/11 6:29 a.m.24 views

CVE-2017-17523

lilypond-invoke-editor in LilyPond 2.19.80 does not validate strings before launching the program specified by the BROWSER environment variable, which allows remote attackers to conduct argument-injection attacks via a crafted URL, as demonstrated by a --proxy-pac-file argument...

8.8CVSS8.9AI score0.02109EPSS
Exploits0References3
OSV
OSV
added 2017/12/11 6:29 a.m.4 views

UBUNTU-CVE-2017-17523

lilypond-invoke-editor in LilyPond 2.19.80 does not validate strings before launching the program specified by the BROWSER environment variable, which allows remote attackers to conduct argument-injection attacks via a crafted URL, as demonstrated by a --proxy-pac-file argument...

8.8CVSS7.3AI score0.02109EPSS
Exploits0References3
OSV
OSV
added 2017/12/11 6:29 a.m.20 views

CVE-2017-17523

lilypond-invoke-editor in LilyPond 2.19.80 does not validate strings before launching the program specified by the BROWSER environment variable, which allows remote attackers to conduct argument-injection attacks via a crafted URL, as demonstrated by a --proxy-pac-file argument...

8.8CVSS6.7AI score
Exploits0References3
CVE
CVE
added 2017/12/11 6:0 a.m.54 views

CVE-2017-17523

CVE-2017-17523 affects LilyPond 2.19.80 where lilypond-invoke-editor does not validate strings before launching the program specified by the BROWSER environment variable, enabling argument-injection via a crafted URL (e.g., --proxy-pac-file). The issue is evidenced in multiple advisories and OSS/...

8.8CVSS8.5AI score0.02109EPSS
Exploits0References3Affected Software1
Rows per page
Query Builder