7 matches found
EUVD-2020-9307
Malware in sbrugna...
EUVD-2020-9308
Malware in sbrugna...
EUVD-2018-3043
Malware in sbrugna...
CVE-2020-29007
The Score extension through 0.3.0 for MediaWiki has a remote code execution vulnerability due to improper sandboxing of the GNU LilyPond executable. This allows any user with an ability to edit articles potentially including unauthenticated anonymous users to execute arbitrary Scheme or shell cod...
LilyPond 代码注入漏洞
LilyPond is an open source music sculpting software. A security vulnerability exists in LilyPond 0.3.0 and earlier versions, which stems from a remote code execution vulnerability that can be exploited by an attacker to execute arbitrary Scheme or shell code by generating sheet music containing...
DEBIAN-CVE-2018-10992
lilypond-invoke-editor in LilyPond 2.19.80 does not validate strings before launching the program specified by the BROWSER environment variable, which allows remote attackers to conduct argument-injection attacks via a crafted URL, as demonstrated by a --proxy-pac-file argument, because the GNU...
DEBIAN-CVE-2017-17523
lilypond-invoke-editor in LilyPond 2.19.80 does not validate strings before launching the program specified by the BROWSER environment variable, which allows remote attackers to conduct argument-injection attacks via a crafted URL, as demonstrated by a --proxy-pac-file argument...