Lucene search
K

7 matches found

ATTACKERKB
ATTACKERKB
added 2026/04/15 2:5 a.m.4 views

CVE-2026-40499

radare2 prior to version 6.1.4 contains a command injection vulnerability in the PDB parser's printgvars function that allows attackers to execute arbitrary commands by embedding a newline byte in the PE section header name field. Attackers can craft a malicious PDB file with specially crafted...

8.4CVSS6.1AI score0.01184EPSS
Exploits1References7
Vulnrichment
Vulnrichment
added 2026/04/15 2:5 a.m.2 views

CVE-2026-40499 radare2 < 6.1.4 Command Injection via PDB Parser print_gvars()

radare2 prior to version 6.1.4 contains a command injection vulnerability in the PDB parser's printgvars function that allows attackers to execute arbitrary commands by embedding a newline byte in the PE section header name field. Attackers can craft a malicious PDB file with specially crafted...

8.4CVSS6.1AI score0.01184EPSS
Exploits1References4
CVE
CVE
added 2026/04/15 2:5 a.m.17 views

CVE-2026-40499

Radare2

8.4CVSS6.1AI score0.01184EPSS
Exploits1References4Affected Software1
OSV
OSV
added 2026/04/15 2:5 a.m.2 views

CVE-2026-40499 radare2 < 6.1.4 Command Injection via PDB Parser print_gvars()

radare2 prior to version 6.1.4 contains a command injection vulnerability in the PDB parser's printgvars function that allows attackers to execute arbitrary commands by embedding a newline byte in the PE section header name field. Attackers can craft a malicious PDB file with specially crafted...

8.4CVSS6.2AI score0.01184EPSS
Exploits1References6
Cvelist
Cvelist
added 2026/04/15 2:5 a.m.34 views

CVE-2026-40499 radare2 < 6.1.4 Command Injection via PDB Parser print_gvars()

radare2 prior to version 6.1.4 contains a command injection vulnerability in the PDB parser's printgvars function that allows attackers to execute arbitrary commands by embedding a newline byte in the PE section header name field. Attackers can craft a malicious PDB file with specially crafted...

8.4CVSS0.01184EPSS
Exploits1References4
OSV
OSV
added 2023/04/17 10:15 p.m.6 views

UBUNTU-CVE-2023-29197

guzzlehttp/psr7 is a PSR-7 HTTP message library implementation in PHP. Affected versions are subject to improper header parsing. An attacker could sneak in a newline \n into both the header names and values. While the specification states that \r\n\r\n is used to terminate the header list, many...

7.5CVSS7AI score0.01216EPSS
Exploits0References11
Positive Technologies
Positive Technologies
added 2020/06/25 12:0 a.m.5 views

PT-2020-3005

Name of the Vulnerable Software and Affected Versions Red Hat Ceph Storage versions 3.x and 4.x Description A flaw was found in the Red Hat Ceph Storage RadosGW Ceph Object Gateway related to the injection of HTTP headers via a CORS ExposeHeader tag. The newline character in the ExposeHeader tag ...

8.8CVSS6.8AI score0.02654EPSS
Exploits0References97
Rows per page
Query Builder