Linux Distros Unpatched Vulnerability : CVE-2017-17535

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - lib/gui.py in Bob Hepple gjots2 2.4.1 does not validate strings before launching the program specified by the BROWSER environment variable, which might allow...

Linux Distros Unpatched Vulnerability : CVE-2017-17529

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - af/util/xp/utgofile.cpp in AbiWord 3.0.2-2 does not validate strings before launching the program specified by the BROWSER environment variable, which might all...

UBUNTU-CVE-2018-10992

lilypond-invoke-editor in LilyPond 2.19.80 does not validate strings before launching the program specified by the BROWSER environment variable, which allows remote attackers to conduct argument-injection attacks via a crafted URL, as demonstrated by a --proxy-pac-file argument, because the GNU...

UBUNTU-CVE-2017-17525

guiclient/guiclient.cpp in xTuple PostBooks 4.7.0 does not validate strings before launching the program specified by the BROWSER environment variable, which might allow remote attackers to conduct argument-injection attacks via a crafted URL...

PPLive 1.9.21 Argument Injection

-------------------------------------------------------------------------------- PPLive = 1.9.21 uri handlers "/LoadModule" remote argument injection by Nine:Situations:Group::strawdog -------------------------------------------------------------------------------- software...