Lucene search
K

169 matches found

EUVD
EUVD
added 16 hours ago4 views

EUVD-2026-42435

A sandbox escape vulnerability exists in the OpenJDK packages provided in Ubuntu. The .jar MIME handlers installed by these packages execute files marked as executable when the mailcap package is installed. A compromised or malicious sandboxed application with access to the OpenURI portal via...

8.8CVSS6.3AI score
Exploits0References2
NVD
NVD
added yesterday6 views

CVE-2026-10037

A sandbox escape vulnerability exists in the OpenJDK packages provided in Ubuntu. The .jar MIME handlers installed by these packages execute files marked as executable when the mailcap package is installed. A compromised or malicious sandboxed application with access to the OpenURI portal via...

8.8CVSS
Exploits0References1
Cvelist
Cvelist
added yesterday25 views

CVE-2026-10037 Sandbox Escape in Ubuntu OpenJDK Packages via xdg-desktop-portal

A sandbox escape vulnerability exists in the OpenJDK packages provided in Ubuntu. The .jar MIME handlers installed by these packages execute files marked as executable when the mailcap package is installed. A compromised or malicious sandboxed application with access to the OpenURI portal via...

8.8CVSS
Exploits0References1
CVE
CVE
added yesterday8 views

CVE-2026-10037

CVE-2026-10037 describes a sandbox escape in Ubuntu’s OpenJDK packages. The issue arises from .jar MIME handlers installed by these packages executing files marked as executable when the mailcap package is present. A compromised sandboxed application with access to the OpenURI portal via xdg-desk...

8.8CVSS6.3AI score
Exploits0References1
Ubuntu
Ubuntu
added yesterday3 views

USN-8518-1: mailcap vulnerability

Aaron Rainbolt discovered that the cautious-launcher utility in the mailcap package did not properly restrict the execution of certain file types. An attacker could use this issue to escape a sandboxed application and execute arbitrary code on the host operating system...

8.8CVSS6.5AI score
Exploits0
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability in Python 3.7, Python 2.7

In Python aka CPython, up to version 3.10.8, the mailcap module does not add escape characters to commands found in the system’s mailcap file. This may allow attackers to inject shell commands into applications that call mailcap.findmatch with untrusted input if those commands lack validation of...

8CVSS7AI score0.07017EPSS
Exploits1References2
OSV
OSV
added 2026/02/26 10:58 p.m.9 views

CLSA-2026-1772146735 python: Fix of CVE-2015-20107

CVE-2015-20107: fix shell command injection vulnerability in the mailcap module...

8CVSS5.8AI score0.07017EPSS
Exploits1References1
OSV
OSV
added 2026/02/25 4:54 p.m.10 views

CLSA-2026-1772038463 python: Fix of CVE-2015-20107

CVE-2015-20107: fix shell command injection vulnerability in the mailcap module...

8CVSS5.8AI score0.07017EPSS
Exploits1References1
OSV
OSV
added 2026/02/25 4:41 p.m.8 views

CLSA-2026-1772037700 python: Fix of CVE-2015-20107

CVE-2015-20107: fix shell command injection vulnerability in the mailcap module...

8CVSS5.8AI score0.07017EPSS
Exploits1References1
Tenable Nessus
Tenable Nessus
added 2026/01/20 12:0 a.m.4 views

MiracleLinux 8 : python3-3.6.8-47.el8.ML.1 (AXSA:2022-3849:02)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2022-3849:02 advisory. pythonmailcap: findmatch function does not sanitise the second argument CVE-2015-20107 python: urllib.parse does not sanitize URLs containing ASCII...

8CVSS7.4AI score0.08325EPSS
Exploits2References3
Tenable Nessus
Tenable Nessus
added 2026/01/20 12:0 a.m.4 views

MiracleLinux 9 : python3.9-3.9.14-1.el9 (AXSA:2022-4524:02)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2022-4524:02 advisory. python: mailcap: findmatch function does not sanitize the second argument CVE-2015-20107 python: open redirection vulnerability in lib/http/server.p...

8CVSS7.5AI score0.07017EPSS
Exploits1References3
RedhatCVE
RedhatCVE
added 2026/01/07 9:39 a.m.6 views

CVE-1999-0365

The metamail package allows remote command execution using shell metacharacters that are not quoted in a mailcap entry...

7.5CVSS7.3AI score0.04057EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2025/12/18 12:0 a.m.7 views

EulerOS Virtualization 2.13.0 : python3 (EulerOS-SA-2025-2595)

According to the versions of the python3 packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : Directory traversal vulnerability in the 1 extract and 2 extractall functions in the tarfile module in Python allows user-assisted...

9.8CVSS8.1AI score0.27095EPSS
Exploits21References14
Tenable Nessus
Tenable Nessus
added 2025/12/18 12:0 a.m.6 views

EulerOS Virtualization 2.13.1 : python3 (EulerOS-SA-2025-2560)

According to the versions of the python3 packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : Directory traversal vulnerability in the 1 extract and 2 extractall functions in the tarfile module in Python allows user-assisted...

9.8CVSS8.1AI score0.27095EPSS
Exploits21References14
Tenable Nessus
Tenable Nessus
added 2025/11/13 12:0 a.m.5 views

Siemens SIMATIC S7-1500 Improper Neutralization of Special Elements used in a Command (CVE-2015-20107)

In Python aka CPython up to 3.10.8, the mailcap module does not add escape characters into commands discovered in the system mailcap file. This may allow attackers to inject shell commands into applications that call mailcap.findmatch with untrusted input if they lack validation of user-provided...

8CVSS6.8AI score0.07017EPSS
Exploits1References4
Tenable Nessus
Tenable Nessus
added 2025/10/24 12:0 a.m.9 views

EulerOS 2.0 SP13 : python3 (EulerOS-SA-2025-2276)

According to the versions of the python3 packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : Directory traversal vulnerability in the 1 extract and 2 extractall functions in the tarfile module in Python allows user-assisted remote attacke...

9.8CVSS8.1AI score0.27095EPSS
Exploits21References14
Tenable Nessus
Tenable Nessus
added 2025/10/24 12:0 a.m.7 views

EulerOS 2.0 SP13 : python3 (EulerOS-SA-2025-2308)

According to the versions of the python3 packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : Directory traversal vulnerability in the 1 extract and 2 extractall functions in the tarfile module in Python allows user-assisted remote attacke...

9.8CVSS8.1AI score0.27095EPSS
Exploits21References14
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2006-7211

Malware in sbrugna...

4.6CVSS7.3AI score0.00882EPSS
Exploits1References17
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2003-0209

Malware in sbrugna...

4.6CVSS6.1AI score0.00321EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2003-0532

Malware in sbrugna...

7.5CVSS6.3AI score0.01403EPSS
Exploits0References3
Rows per page
Query Builder