252 matches found
EUVD-2020-30934
OpenCTI 3.3.1 is vulnerable to a reflected cross-site scripting (XSS) attack via the /graphql endpoint. An attacker can inject arbitrary JavaScript code by sending a crafted GET request with a malicious payload in the query string, leading to execution of JavaScript in the victim's browser. For...
CVE-2020-37041
OpenCTI 3.3.1 is vulnerable to a directory traversal attack via the static/css endpoint. An unauthenticated attacker can read arbitrary files from the filesystem by sending crafted GET requests with path traversal sequences (e.g., '../') in the URL. For example, requesting...
PT-2026-5484
Name of the Vulnerable Software and Affected Versions: OpenCTI version 3.3.1 Description: OpenCTI is susceptible to a reflected cross-site scripting (XSS) attack through the /graphql API endpoint. An attacker can inject malicious JavaScript code by sending a specially crafted GET request with a paylo...
EUVD-2019-10880
Malware in sbrugna...
EUVD-2024-35857
Malicious code in bioql PyPI...
CVE-2019-17080
mintinstall aka Software Manager 7.9.9 for Linux Mint allows code execution if a REVIEWSCACHE file is controlled by an attacker, because an unpickle occurs. This is resolved in 8.0.0 and backports...
CVE-2024-36053
In the mintupload package through 4.2.0 for Linux Mint, service-name mishandling leads to command injection via shell metacharacters in check_connection, drop_data_received_cb, and Service.remove. A user can modify a service name in a ~/.linuxmint/mintUpload/services/service file...
CVE-2024-36053
CVE-2024-36053 affects the Linux Mint mintupload package up to version 4.2.0, where a service-name mishandling allows command injection via shell metacharacters in functions check_connection, drop_data_received_cb, and Service.remove. An attacker can modify a service name in ~/.linuxmint/mintUplo...
mintupload security vulnerability
mintupload is an open source library for Linux Mint. A security vulnerability exists in mintupload version 4.2.0 and earlier. It stems from mishandling of service names, which allows a user to modify the name of a service in a file...
PT-2024-26866 · Linux Mint · Mintupload
Name of the Vulnerable Software and Affected Versions: mintupload versions through 4.2.0 Description: The issue is related to service-name mishandling, which leads to command injection via shell metacharacters in functions such as check_connection, drop_data_received_cb, and Service.remove. A use...
CVE-2023-44451
Linux Mint Xreader EPUB File Parsing Directory Traversal Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Linux Mint Xreader. User interaction is required to exploit this vulnerability in that the target must...
CVE-2023-44452
Linux Mint Xreader CBT File Parsing Argument Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Linux Mint Xreader. User interaction is required to exploit this vulnerability in that the target must visi...