20 matches found
USN-8238-2 editorconfig-core vulnerability
USN-8238-1 fixed a vulnerability in EditorConfig. This update contains the corresponding fix for Ubuntu 16.04 LTS, Ubuntu 18.04 LTS, Ubuntu 20.04 LTS, and Ubuntu 22.04 LTS. Original advisory details: It was discovered that EditorConfig incorrectly handled specially crafted configuration files. A...
USN-8238-2: EditorConfig vulnerability
USN-8238-1 fixed a vulnerability in EditorConfig. This update contains the corresponding fix for Ubuntu 16.04 LTS, Ubuntu 18.04 LTS, Ubuntu 20.04 LTS, and Ubuntu 22.04 LTS. Original advisory details: It was discovered that EditorConfig incorrectly handled specially crafted configuration files. A...
USN-8238-1 editorconfig-core vulnerability
It was discovered that EditorConfig incorrectly handled specially crafted configuration files. A local attacker could possibly use this issue to cause EditorConfig to crash, resulting in a denial of service...
USN-8238-1: EditorConfig vulnerability
It was discovered that EditorConfig incorrectly handled specially crafted configuration files. A local attacker could possibly use this issue to cause EditorConfig to crash, resulting in a denial of service...
PT-2026-38543
It was discovered that EditorConfig incorrectly handled specially crafted configuration files. A local attacker could possibly use this issue to cause EditorConfig to crash, resulting in a denial of service...
iccDEV 安全漏洞
iccDEV is an open-source color configuration code library developed by the International Color Consortium. Versions of iccDEV prior to 2.3.1.6 contained security vulnerabilities. These vulnerabilities stemmed from the handling of specially crafted ICC configuration files, where invalid enumeratio...
TP-Link Archer BE230 安全漏洞
The TP-Link Archer BE230 is a wireless router produced by TP-Link Corporation. The TP-Link Archer BE230 v1.2 1.2.4 Build 20251218 rel.70420 versions had security vulnerabilities. These vulnerabilities stemmed from specially crafted configuration files that contained overly long parameters, and...
ROS-20251203-05
A vulnerability in the Java library for handling Apache Commons Configuration files is related to the fact that, the application does not properly control internal resource consumption when loading a specially crafted configuration file. created configuration file. Exploitation of the vulnerabili...
PT-2024-4307 · Gitlab · Gitlab Ce/Ee +1
Name of the Vulnerable Software and Affected Versions: GitLab CE/EE versions prior to 16.10.7 GitLab CE/EE versions 16.11 prior to 16.11.4 GitLab CE/EE versions 17.0 prior to 17.0.2 Description: A vulnerability in GitLab's CI/CD pipeline editor could allow for denial of service attacks through...
Chef InSpec Code Injection Vulnerability
Chef Software Chef InSpec is an open source automated testing and compliance checking framework from Chef Software designed to help developers and operations teams write, run, and maintain automated test scripts to validate the compliance and security of applications and infrastructure. A securit...
Multiple vulnerabilities in Panasonic KW Watcher
Overview KW Watcher provided by Panasonic contains multiple vulnerabilities listed below. Improper restriction of operations within the bounds of a memory buffer CWE-119 - CVE-2023-3471 Use after free CWE-416 - CVE-2023-3472 Michael Heinzl reported these vulnerabilities to Panasonic and...
USN-4899-1 spamassassin vulnerability
Damian Lukowski discovered that SpamAssassin incorrectly handled certain CF files. If a user or automated system were tricked into using a specially- crafted CF file, a remote attacker could possibly run arbitrary code...
CVE-2020-27282
In Hamilton Medical AG,T1-Ventillator versions 2.2.3 and prior, an XML validation vulnerability in the ventilator allows privileged attackers with physical access to render the device persistently unusable by uploading specially crafted configuration files...
RHEL 8 : spamassassin (RHSA-2020:4625)
The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2020:4625 advisory. The SpamAssassin tool provides a way to reduce unsolicited commercial email spam from incoming email. Security Fixes: spamassassin: crafted...
Moderate: spamassassin security update
The SpamAssassin tool provides a way to reduce unsolicited commercial email spam from incoming email. Security Fixes: spamassassin: crafted configuration files can run system commands without any output or errors CVE-2018-11805 spamassassin: crafted email message can lead to DoS CVE-2019-12420...
DEBIAN-CVE-2020-9759
A Vulnerability of LG Electronic web OS TV Emulator could allow an attacker to escalate privileges and overwrite certain files. This vulnerability is due to wrong environment setting. An attacker could exploit this vulnerability through crafted configuration files and executable files...
CVE-2020-9759
A Vulnerability of LG Electronic web OS TV Emulator could allow an attacker to escalate privileges and overwrite certain files. This vulnerability is due to wrong environment setting. An attacker could exploit this vulnerability through crafted configuration files and executable files...
UBUNTU-CVE-2020-1931
A command execution issue was found in Apache SpamAssassin prior to 3.4.3. Carefully crafted nefarious Configuration .cf files can be configured to run system commands similar to CVE-2018-11805. This issue is less stealthy and attempts to exploit the issue will throw warnings. Thanks to Damian...
USN-4237-2 spamassassin vulnerabilities
USN-4237-1 fixed several vulnerabilities in SpamAssassin. This update provides the corresponding update for Ubuntu 12.04 ESM and 14.04 ESM. Original advisory details: It was discovered that SpamAssassin incorrectly handled certain CF files. If a user or automated system were tricked into using a...
The vulnerability of the Emerson DeltaV digital automation system allows a malicious individual to increase their privileges and gain unauthorized access to confidential information.
The vulnerability of the Emerson DeltaV controller is related to errors that occur when processing a specially crafted configuration file. Exploiting this vulnerability allows a malicious individual to gain increased privileges and access confidential information without authorization...