2629 matches found
Buffer overflow
apps/gsudo.c in gsudo in ToaruOS through 1.10.9 has a buffer overflow allowing local privilege escalation to the root user via the DISPLAY environment variable...
CVE-2019-12937
apps/gsudo.c in gsudo in ToaruOS through 1.10.9 has a buffer overflow allowing local privilege escalation to the root user via the DISPLAY environment variable...
CVE-2012-6711
A heap-based buffer overflow exists in GNU Bash before 4.3 when wide characters, not supported by the current locale set in the LCCTYPE environment variable, are printed through the echo built-in function. A local attacker, who can provide data to print through the "echo -e" built-in function, ma...
CVE-2012-6711
CVE-2012-6711 describes a heap-based buffer overflow in GNU Bash prior to 4.3. When wide characters not supported by the current LC_CTYPE locale are printed via the echo builtin, ansicstr() mishandles u32cconv() in lib/sh/strtrans.c, potentially allowing a local attacker to crash a script or exec...
CVE-2018-10992
lilypond-invoke-editor in LilyPond 2.19.80 does not validate strings before launching the program specified by the BROWSER environment variable, which allows remote attackers to conduct argument-injection attacks via a crafted URL, as demonstrated by a --proxy-pac-file argument, because the GNU...
CVE-2019-3902
Starting with version 1.5.3, Mercurial allows environment variable expansion on path names for sub repositories when creating it or cloning a parent repository, but it doesn't validate whether the final path name outside the repository root directory. An attacker can leverage this weakness using ...
New Relic: Stored XSS at APM apps labels autocomplete dropdown (apps listing)
Hey team, I have discovered the stored XSS vulnerability triggered at APM apps labels autocomplete dropdown. Only admins are able to add labels to apps, so it seemed to me that this XSS impact is "admin to owner" only. But I googled a little and stumbled upon the NEWRELICLABELS environment variab...
CVE-2019-3842
In systemd before v242-rc4, it was discovered that pamsystemd does not properly sanitize the environment before using the XDGSEAT variable. It is possible for an attacker, in some particular configurations, to set a XDGSEAT environment variable which allows for commands to be checked against polk...
CVE-2019-3842
In systemd before v242-rc4, it was discovered that pamsystemd does not properly sanitize the environment before using the XDGSEAT variable. It is possible for an attacker, in some particular configurations, to set a XDGSEAT environment variable which allows for commands to be checked against polk...
Command injection
In systemd before v242-rc4, it was discovered that pamsystemd does not properly sanitize the environment before using the XDGSEAT variable. It is possible for an attacker, in some particular configurations, to set a XDGSEAT environment variable which allows for commands to be checked against polk...
CVE-2019-3842
In systemd before v242-rc4, it was discovered that pamsystemd does not properly sanitize the environment before using the XDGSEAT variable. It is possible for an attacker, in some particular configurations, to set a XDGSEAT environment variable which allows for commands to be checked against polk...
CVE-2019-3842
The CVE-2019-3842 issue affects systemd’s pam_systemd, where improper sanitization of the XDG_SEAT environment variable could enable commands to be checked against polkit policies using the "allow_active" element instead of "allow_any" in some configurations. This is a local vulnerability (enviro...
CVE-2019-3842
In systemd before v242-rc4, it was discovered that pamsystemd does not properly sanitize the environment before using the XDGSEAT variable. It is possible for an attacker, in some particular configurations, to set a XDGSEAT environment variable which allows for commands to be checked against polk...
CVE-2019-3842
It was discovered that pamsystemd does not properly sanitize the environment before using the XDGSEAT variable. It is possible for an attacker, in some particular configurations, to set a XDGSEAT environment variable which allows for commands to be checked against polkit policies using the...
CVE-2019-3842
In systemd before v242-rc4, it was discovered that pamsystemd does not properly sanitize the environment before using the XDGSEAT variable. It is possible for an attacker, in some particular configurations, to set a XDGSEAT environment variable which allows for commands to be checked against polk...
PYSEC-2019-37
nbla/logger.cpp in libnnabla.a in Sony Neural Network Libraries aka nnabla through v1.0.14 relies on the HOME environment variable, which might be untrusted...
PYSEC-2019-107
nbla/logger.cpp in libnnabla.a in Sony Neural Network Libraries aka nnabla through v1.0.14 relies on the HOME environment variable, which might be untrusted...
CVE-2019-10844
nbla/logger.cpp in libnnabla.a in Sony Neural Network Libraries aka nnabla through v1.0.14 relies on the HOME environment variable, which might be untrusted...
CVE-2019-10844
nbla/logger.cpp in libnnabla.a in Sony Neural Network Libraries aka nnabla through v1.0.14 relies on the HOME environment variable, which might be untrusted...
Code injection
nbla/logger.cpp in libnnabla.a in Sony Neural Network Libraries aka nnabla through v1.0.14 relies on the HOME environment variable, which might be untrusted...