CVE-2020-37039 Frigate 2.02 - Denial Of Service
Frigate 2.02 contains a denial of service vulnerability that allows attackers to crash the application by sending oversized input to the command line interface. Attackers can generate a payload of 8000 repeated characters and paste it into the application's command line field to trigger an...
PT-2026-5486
Name of the Vulnerable Software and Affected Versions: Frigate version 3.36.0.9. Description: Frigate version 3.36.0.9 contains a local buffer overflow in the Command Line input field. An attacker can exploit this to execute arbitrary code by crafting a malicious payload that overflows the buffer,...
Frigate security vulnerabilities
Frigate is a complete native NVR designed by Blake Blackshear for home assistants with AI object detection capabilities. Version 3.36.0.9 of Frigate contains a security vulnerability, which stems from a local buffer overflow in the command line input field, potentially allowing arbitrary code to ...
ALPINE-CVE-2026-22184
zlib versions up to and including 1.3.1.2 include a global buffer overflow in the untgz utility located under contrib/untgz. The vulnerability is limited to the standalone demonstration utility and does not affect the core zlib compression library. The flaw occurs when a user executes the untgz...
CVE-2025-8078
A post-authentication command injection vulnerability in Zyxel ATP series firmware versions from V4.32 through V5.40, USG FLEX series firmware versions from V4.50 through V5.40, USG FLEX 50W series firmware versions from V4.16 through V5.40, and USG20W-VPN series firmware versions from V4.16...
CVE-2023-23108
In crasm 1.8-3, invalid input validation of specific files passed to the command line application can lead to a NULL pointer dereference in the function Xasc...
Jenkins: Temporary file parameter created with insecure permissions
A flaw was found in Jenkins. When triggering a build from the Jenkins CLI, Jenkins creates a temporary file on the controller if a file parameter is provided through the CLI’s standard input. Affected versions of Jenkins create this temporary file in the default temporary directory with the defau...
UBUNTU-CVE-2022-40898
An issue discovered in Python Packaging Authority PyPA Wheel 0.37.1 and earlier allows remote attackers to cause a denial of service via attacker controlled input to wheel cli...
Python security vulnerability
Python is an open source, object-oriented programming language from the Python Foundation. The language is extensible, supports modules and packages, and supports multiple platforms. A security vulnerability exists in Python Packaging Authority PyPA Wheel version 0.37.1 and earlier. An attacker c...
CVE-2022-20906
Multiple vulnerabilities in Cisco Nexus Dashboard could allow an authenticated, local attacker to elevate privileges on an affected device. These vulnerabilities are due to insufficient input validation during CLI command execution on an affected device. An attacker could exploit these...
CVE-2022-20908
Multiple vulnerabilities in Cisco Nexus Dashboard could allow an authenticated, local attacker to elevate privileges on an affected device. These vulnerabilities are due to insufficient input validation during CLI command execution on an affected device. An attacker could exploit these...
AlmaLinux 8 : gegl04 (ALSA-2022:0177)
The remote AlmaLinux 8 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2022:0177 advisory. - loadcache in GEGL before 0.4.34 allows shell expansion when a pathname in a constructed command line is not escaped or filtered. This is caused by use of the...
CVE-2021-21812
A stack-based buffer overflow vulnerability exists in the command-line-parsing HandleFileArg functionality of AT&T Labs’ Xmill 0.7. Within the function HandleFileArg the argument filepattern is under control of the user who passes it in from the command line. filepattern is passed directly to...
Cisco Secure Web Appliance Elevation of Privilege Vulnerability
Cisco AsyncOS is an operating system for Cisco devices from Cisco USA. Cisco AsyncOS for the Cisco Secure Web Appliance suffers from an operating system command injection vulnerability that stems from insufficient validation of user-supplied web interface and CLI input. The vulnerability can be...
Ubuntu: Security Advisory (USN-4585-1)
The remote host is missing an update for the...
VulnCheck KEV: CVE-2016-1555
Multiple NETGEAR Wireless Access Point devices allow unauthenticated web pages to pass form input directly to the command-line interface. Exploitation allows for arbitrary code execution...
A vulnerability in the peekfd function of the data tracking utility, caused by segmentation errors, allows an attacker to cause a denial of service.
The vulnerability in the peekfd function of the data tracking utility is caused by segmentation errors. Exploiting this vulnerability can allow an attacker to cause a denial of service in the application by entering a specially crafted sequence of data in the command line...
A vulnerability in the bzip2recover recovery tool, related to a null pointer dereference, allows an attacker to cause a denial of service.
The vulnerability in the bzip2recover recovery tool is related to the use of a null pointer. Exploiting this vulnerability could allow an attacker to cause a denial of service by entering a specially crafted sequence of data into the command line...
A vulnerability in pdftops, the PDF-to-PostScript conversion tool, stems from the handling of a null pointer and allows an attacker to cause a denial of service.
The vulnerability in the pdftops PDF-to-PostScript conversion utility in the poppler-utils package relates to the handling of a null pointer. Exploiting this vulnerability could allow an attacker to cause a denial of service by entering a specially crafted sequence of data in the...