71 matches found
Command Injection
Click is vulnerable to Command Injection. The vulnerability is due to improper handling of user-controlled input in the click.edit function, allowing attackers to inject and execute arbitrary operating system commands from an unprivileged account...
CVE-2026-7246
Pallets Click, versions 8.3.2 and below, contain a command injection vulnerability in the click.edit function, allowing attackers to pass arbitrary OS commands from an unprivileged account...
DEBIAN-CVE-2026-7246
Pallets Click, versions 8.3.2 and below, contain a command injection vulnerability in the click.edit function, allowing attackers to pass arbitrary OS commands from an unprivileged account...
CVE-2026-7246
Pallets Click, versions 8.3.2 and below, contain a command injection vulnerability in the click.edit function, allowing attackers to pass arbitrary OS commands from an unprivileged account...
CVE-2026-7246 Pallets Click contains a command injection via Unsanitized Filename "click.edit()"
Pallets Click, versions 8.3.2 and below, contain a command injection vulnerability in the click.edit function, allowing attackers to pass arbitrary OS commands from an unprivileged account...
CVE-2025-59459
An attacker that gains SSH access to an unprivileged account may be able to disrupt services including SSH, causing persistent loss of availability...
CVE-2025-59459
An attacker that gains SSH access to an unprivileged account may be able to disrupt services including SSH, causing persistent loss of availability...
CVE-2025-59459
An attacker that gains SSH access to an unprivileged account may be able to disrupt services including SSH, causing persistent loss of availability...
CVE-2025-59459 Denial-of-service (DoS) via resource consumption
An attacker that gains SSH access to an unprivileged account may be able to disrupt services including SSH, causing persistent loss of availability...
CVE-2025-59459
An attacker that gains SSH access to an unprivileged account may be able to disrupt services including SSH, causing persistent loss of availability...
EUVD-2025-36151
An attacker that gains SSH access to an unprivileged account may be able to disrupt services including SSH, causing persistent loss of availability...
CVE-2025-59459
CVE-2025-59459 describes a DoS risk where an attacker with SSH access to an unprivileged account can disrupt services (including SSH) and cause persistent availability loss. Connected documents indicate this CVE is associated with SICK TLOC100-100; Red Hat and SICK PSIRT references corroborate SS...
EUVD-2017-8008
Malware in sbrugna...
EUVD-2018-13263
Malware in sbrugna...
EUVD-2020-18422
Malware in sbrugna...
EUVD-2018-21447
Malware in sbrugna...
CVE-2020-25770
An out-of-bounds read information disclosure vulnerabilities in Trend Micro Apex One may allow a local attacker to disclose sensitive information to an unprivileged account on vulnerable installations of the product. An attacker must first obtain the ability to execute low-privileged code on the...
CVE-2025-1542
Improper permission control vulnerability in the OXARI ServiceDesk application could allow an attacker using a guest access or an unprivileged account to gain additional administrative permissions in the application.This issue affects OXARI ServiceDesk in versions before 2.0.324.0...
CVE-2025-1542
CVE-2025-1542 describes an improper permission control vulnerability in the OXARI ServiceDesk application. The issue affects versions prior to 2.0.324.0, where an attacker using a guest or unprivileged account could gain additional administrative permissions in the application. The NVD metrics in...
CVE-2025-1542 Improper permission control in OXARI ServiceDesk
Improper permission control vulnerability in the OXARI ServiceDesk application could allow an attacker using a guest access or an unprivileged account to gain additional administrative permissions in the application.This issue affects OXARI ServiceDesk in versions before 2.0.324.0...