28 matches found
Mattermost doesn't escape some variables that could contain malicious content during error page composition
Mattermost versions 11.5.x = 11.5.1, 10.11.x = 10.11.13 fail to escape some variables that could contain malicious content during error page composition which allows an attacker with access to edit some site configuration to execute some malicious code via injecting some JS as part of those...
SUSE CVE-2025-5265
Due to insufficient escaping of the ampersand character in the “Copy as cURL” feature, an attacker could trick a user into using this command, potentially leading to local code execution on the user's system. This bug only affects Firefox for Windows. Other versions of Firefox are unaffected.. Th...
PT-2026-37298
Name of the Vulnerable Software and Affected Versions WWBN AVideo versions prior to 29.0 Description The unauthenticated 'plugin/Scheduler/downloadICS.php' endpoint passes attacker-controlled title, description, and joinURL parameters into the Scheduler::downloadICS function, which utilizes the I...
SUSE CVE-2026-33609
Incomplete escaping of LDAP queries when running with 8bit-dns enabled allows users to perform queries of internal domain subtrees...
Amazon Linux 2023 : containerd, containerd-stress (ALAS2023-2026-1534)
"It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2026-1534 advisory. url.Parse insufficiently validated the host/authority component and accepted some invalid URLs. CVE-2026-25679 On Unix platforms, when listing the contents of a directory using File.ReadDir o...
CVE-2026-33751
n8n is an open source workflow automation platform. Prior to versions 1.123.27, 2.13.3, and 2.14.1, a flaw in the LDAP node's filter escape logic allowed LDAP metacharacters to pass through unescaped when user-controlled input was interpolated into LDAP search filters. In workflows where external...
CVE-2026-24053
Claude Code is an agentic coding tool. Prior to version 2.0.74, due to a Bash command validation flaw in parsing ZSH clobber syntax, it was possible to bypass directory restrictions and write files outside the current working directory without user permission prompts. Exploiting this required the...
USN-7865-1: Linux kernel (FIPS) vulnerabilities
Jean-Claude Graf, Sandro Rüegge, Ali Hajiabadi, and Kaveh Razavi discovered that the Linux kernel contained insufficient branch predictor isolation between a guest and a userspace hypervisor for certain processors. This flaw is known as VMSCAPE. An attacker in a guest VM could possibly use this t...
Ubuntu: Security Advisory (USN-7864-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
PT-2025-45530
URGENT: Critical Erlang/OTP vulnerabilities patched in OpenSuSE update 2025-15706-1. Includes a high-severity shell escape flaw CVE-2024-24357 leading to RCE. Read more: 👉 https://t.co/2N8otqQfDH Security OpenSUSE https://t.co/eRLTzqyYll...
TencentOS Server 2: httpd (TSSA-2025:0801)
The version of Tencent Linux installed on the remote TencentOS Server 2 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2025:0801 advisory. Package updates are available for TencentOS Server 2 that fix the following vulnerabilities...
Checkmk 安全漏洞
Checkmk is an IT monitoring platform from Checkmk, Inc. A security vulnerability in Checkmk versions prior to 2.4.0p13, prior to 2.3.0p38, prior to 2.2.0p46, and version 2.1.0, which stems from insufficient escaping in the report scheduler, could allow an attacker to define the storage location o...
CVE-2025-5265
Due to insufficient escaping of the ampersand character in the “Copy as cURL” feature, an attacker could trick a user into using this command, potentially leading to local code execution on the user's system. This bug only affects Firefox for Windows. Other versions of Firefox are unaffected. Thi...
CVE-2020-11075
In Anchore Engine version 0.7.0, a specially crafted container image manifest, fetched from a registry, can be used to trigger a shell escape flaw in the anchore engine analyzer service during an image analysis process. The image analysis operation can only be executed by an authenticated user vi...
PT-2025-42556
Name of the Vulnerable Software and Affected Versions mediawiki affected versions not specified Description The software contains a flaw that allows an attacker to escape three system messages used by live preview. This could potentially lead to unauthorized actions or information disclosure...
XWiki Platform Security Vulnerability
XWiki Platform is the XWiki Foundation's suite of Wiki platforms for creating collaborative Web applications. A security vulnerability exists in XWiki Platform that stems from a failure of the search management interface to properly escape the id and label of a search user interface extension,...
PT-2022-26675
Name of the Vulnerable Software and Affected Versions Cobalt Strike version 4.7.1 Description The issue arises from the failure to properly escape HTML tags when they are displayed on Swing components. By injecting crafted HTML code, it is possible to remotely execute code in the Cobalt Strike UI...
CVE-2016-4991
Input passed to the Pdf function is shell escaped and passed to childprocess.exec during PDF rendering. However, the shell escape does not properly encode all special characters, namely, semicolon and curly braces. This can be abused to achieve command execution. This problem affects nodepdf 1.3....
Security Bulletin: IBM Netezza as a Service is vulnerable to CVE-2022-0811
Summary IBM Netezza as a Service is vulnerable to arbitrary code execution as root on the cluster node due to CVE-2022-0811 although severity is low. Vulnerability is addressed by upgrading OCP version to 4.8.42. Vulnerability Details CVEID: CVE-2022-0811 DESCRIPTION: CRI-O could allow a remote...
CVE-2022-0674
The Kunze Law WordPress plugin before 2.1 does not escape its 'E-Mail Error "From" Address' settings, allowing high privilege users such as admin to perform Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed...