169 matches found
EUVD-2026-42435
A sandbox escape vulnerability exists in the OpenJDK packages provided in Ubuntu. The .jar MIME handlers installed by these packages execute files marked as executable when the mailcap package is installed. A compromised or malicious sandboxed application with access to the OpenURI portal via...
CVE-2026-10037
A sandbox escape vulnerability exists in the OpenJDK packages provided in Ubuntu. The .jar MIME handlers installed by these packages execute files marked as executable when the mailcap package is installed. A compromised or malicious sandboxed application with access to the OpenURI portal via...
CVE-2026-10037 Sandbox Escape in Ubuntu OpenJDK Packages via xdg-desktop-portal
A sandbox escape vulnerability exists in the OpenJDK packages provided in Ubuntu. The .jar MIME handlers installed by these packages execute files marked as executable when the mailcap package is installed. A compromised or malicious sandboxed application with access to the OpenURI portal via...
CVE-2026-10037
CVE-2026-10037 describes a sandbox escape in Ubuntu’s OpenJDK packages. The issue arises from .jar MIME handlers installed by these packages executing files marked as executable when the mailcap package is present. A compromised sandboxed application with access to the OpenURI portal via xdg-desk...
USN-8518-1: mailcap vulnerability
Aaron Rainbolt discovered that the cautious-launcher utility in the mailcap package did not properly restrict the execution of certain file types. An attacker could use this issue to escape a sandboxed application and execute arbitrary code on the host operating system...
Astra Linux – Vulnerability in Python 3.7, Python 2.7
In Python aka CPython, up to version 3.10.8, the mailcap module does not add escape characters to commands found in the system’s mailcap file. This may allow attackers to inject shell commands into applications that call mailcap.findmatch with untrusted input if those commands lack validation of...
CLSA-2026-1772146735 python: Fix of CVE-2015-20107
CVE-2015-20107: fix shell command injection vulnerability in the mailcap module...
CLSA-2026-1772038463 python: Fix of CVE-2015-20107
CVE-2015-20107: fix shell command injection vulnerability in the mailcap module...
CLSA-2026-1772037700 python: Fix of CVE-2015-20107
CVE-2015-20107: fix shell command injection vulnerability in the mailcap module...
MiracleLinux 8 : python3-3.6.8-47.el8.ML.1 (AXSA:2022-3849:02)
The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2022-3849:02 advisory. pythonmailcap: findmatch function does not sanitise the second argument CVE-2015-20107 python: urllib.parse does not sanitize URLs containing ASCII...
MiracleLinux 9 : python3.9-3.9.14-1.el9 (AXSA:2022-4524:02)
The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2022-4524:02 advisory. python: mailcap: findmatch function does not sanitize the second argument CVE-2015-20107 python: open redirection vulnerability in lib/http/server.p...
CVE-1999-0365
The metamail package allows remote command execution using shell metacharacters that are not quoted in a mailcap entry...
EulerOS Virtualization 2.13.0 : python3 (EulerOS-SA-2025-2595)
According to the versions of the python3 packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : Directory traversal vulnerability in the 1 extract and 2 extractall functions in the tarfile module in Python allows user-assisted...
EulerOS Virtualization 2.13.1 : python3 (EulerOS-SA-2025-2560)
According to the versions of the python3 packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : Directory traversal vulnerability in the 1 extract and 2 extractall functions in the tarfile module in Python allows user-assisted...
Siemens SIMATIC S7-1500 Improper Neutralization of Special Elements used in a Command (CVE-2015-20107)
In Python aka CPython up to 3.10.8, the mailcap module does not add escape characters into commands discovered in the system mailcap file. This may allow attackers to inject shell commands into applications that call mailcap.findmatch with untrusted input if they lack validation of user-provided...
EulerOS 2.0 SP13 : python3 (EulerOS-SA-2025-2276)
According to the versions of the python3 packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : Directory traversal vulnerability in the 1 extract and 2 extractall functions in the tarfile module in Python allows user-assisted remote attacke...
EulerOS 2.0 SP13 : python3 (EulerOS-SA-2025-2308)
According to the versions of the python3 packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : Directory traversal vulnerability in the 1 extract and 2 extractall functions in the tarfile module in Python allows user-assisted remote attacke...
EUVD-2006-7211
Malware in sbrugna...
EUVD-2003-0209
Malware in sbrugna...
EUVD-2003-0532
Malware in sbrugna...