Lucene search
K

4 matches found

Positive Technologies
Positive Technologies
added 2026/05/26 12:0 a.m.24 views

PT-2026-43259

luci-app-https-dns-proxy through 2025.12.29-5 — an optional LuCI web UI add-on for the https-dns-proxy package, distributed through the OpenWrt community packages feed and not installed by default — contains a command injection vulnerability in the setInitAction function. An authenticated user...

8.8CVSS6.1AI score0.06582EPSS
Exploits0References4
OSV
OSV
added 2022/06/10 7:39 p.m.2 views

DRUPAL-CORE-2022-011

Updated 22:00 UTC 2022-06-10: Added steps to update without drupal/core-recommended. Drupal uses the third-party Guzzle library for handling HTTP requests and responses to external services. Guzzle has released two security advisories: Failure to strip the Cookie header on change in host or HTTP...

7.5CVSS7.2AI score0.0182EPSS
Exploits0References1
OSV
OSV
added 2020/07/29 5:15 p.m.4 views

DEBIAN-CVE-2020-11934

It was discovered that snapctl user-open allowed altering the $XDGDATADIRS environment variable when calling the system xdg-open. OpenURL in usersession/userd/launcher.go would alter $XDGDATADIRS to append a path to a directory controlled by the calling snap. A malicious snap could exploit this t...

5.9CVSS6.3AI score0.00365EPSS
Exploits0References1
OSV
OSV
added 2020/07/15 12:0 p.m.2 views

UBUNTU-CVE-2020-11934

It was discovered that snapctl user-open allowed altering the $XDGDATADIRS environment variable when calling the system xdg-open. OpenURL in usersession/userd/launcher.go would alter $XDGDATADIRS to append a path to a directory controlled by the calling snap. A malicious snap could exploit this t...

5.9CVSS6.6AI score0.00365EPSS
Exploits0References3
Rows per page
Query Builder