14 matches found
CVE-2026-45255
When bsdinstall or bsdconfig are prompted to scan for nearby Wi-Fi networks, they build up a list of network names and use bsddialog(1) to prompt the user to select a network. This is implemented using a shell script, and the code which handled network names was not careful to prevent expansion by...
Exposure of Sensitive System Information to an Unauthorized Control Sphere
Overview: praisonaiagents is a Praison AI agents package for completing complex tasks with Self Reflection Agents. Affected versions of this package are vulnerable to Exposure of Sensitive System Information to an Unauthorized Control Sphere via the direct-prompt CLI. An attacker can access sensitive local...
banks has Critical Remote Code Execution (RCE) via Jinja2 SSTI
Summary: banks = 2.4.1 uses jinja2.Environment unsandboxed to render prompt templates. Applications that pass user-supplied strings as the template argument to Prompt are vulnerable to Server-Side Template Injection (SSTI), which can lead to Remote Code Execution (RCE) on the host system. This is a...
CVE-2008-7320
GNOME Seahorse through 3.30 allows physically proximate attackers to read plaintext passwords by using the quickAllow dialog at an unattended workstation, if the keyring is unlocked. NOTE: this is disputed by a software maintainer because the behavior represents a design decision...
Ubuntu 14.04 LTS / 16.04 LTS : cifs-utils vulnerabilities (USN-7688-1)
The remote Ubuntu 14.04 LTS / 16.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-7688-1 advisory. Aurélien Aptel discovered that cifs-utils invoked a shell when requesting a password. In certain environments, a local attacker could possibly...
Lunary security vulnerability
Lunary is a production toolkit for LLMs open sourced by Lunary. A security vulnerability exists in Lunary v1.3.2, which stems from the presence of an IDOR vulnerability that allows an authenticated user to update another user's prompt by manipulating the id parameter in the request...
CVE-2023-34541
Langchain 0.0.171 is vulnerable to Arbitrary code execution in load_prompt...
zsh: Prompt expansion vulnerability
A vulnerability was found in zsh in the parsecolorchar function of the prompt.c file. This flaw allows an attacker to perform code execution if they control a command output inside the prompt, as stated by a %F%K argument. This occurs because of recursive PROMPT_SUBST expansion...
CVE-2021-45444
In zsh before 5.8.1, an attacker can achieve code execution if they control a command output inside the prompt, as demonstrated by a %F argument. This occurs because of recursive PROMPT_SUBST expansion...
Cisco NX-OS Software Privilege License and Access Control Vulnerability
Cisco Nexus 9500 R-Series Line Cards and Fabric Modules and so on are products of Cisco Corporation. Cisco Nexus 9500 R-Series Line Cards and Fabric Modules is a 9500R Series Line Cards Modules. Cisco Nexus 3000 Series Switches is a 3000 Series Switch. Cisco Nexus 3500 Platform Switches is a 350...
weidwerk.at XSS vulnerability
Open Bug Bounty ID: OBB-597383

Description| Value
---|---
Affected Website:| weidwerk.at
Open Bug Bounty Program:| Create your bounty program now. It's open and free.
Vulnerable Application:| Custom Code
Vulnerability Type:| XSS Cross Site Scripting / CWE-79
CVSSv3 Score:| 6.1...

imceo.kr XSS vulnerability
Open Bug Bounty ID: OBB-578088

Description| Value
---|---
Affected Website:| imceo.kr
Open Bug Bounty Program:| Create your bounty program now. It's open and free.
Vulnerable Application:| Custom Code
Vulnerability Type:| XSS Cross Site Scripting / CWE-79
CVSSv3 Score:| 6.1...

link.simple-mail.fr XSS vulnerability
Open Bug Bounty ID: OBB-568755

Description| Value
---|---
Affected Website:| link.simple-mail.fr
Open Bug Bounty Program:| Create your bounty program now. It's open and free.
Vulnerable Application:| Custom Code
Vulnerability Type:| XSS Cross Site Scripting / CWE-79
CVSSv3 Score:| 6.1...

RedHat Update for pam_krb5 RHSA-2010:0258-04
Check for the Version of pam_krb5 OpenVAS Vulnerability Test RedHat Update for pam_krb5 RHSA-2010:0258-04 Authors: System Generated Check Copyright: Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the...