Lucene search
+L

8 matches found

OSV
OSV
added 2026/06/26 8:52 p.m.4 views

GHSA-4C3C-R6P8-C863 Flawfinder output manipulation via untrusted filenames and source text

Impact This vulnerability is an improper input neutralization issue leading to output manipulation, specifically, Terminal/ANSI Escape Sequence Injection and XML Injection: Terminal Output Spoofing: A malicious file whose name contains ANSI escape sequences can end up being included in flawfinder...

6AI score
Exploits0References2
OSV
OSV
added 2026/02/25 10:34 p.m.4 views

GHSA-5RQ4-664W-9X2C Basic FTP has Path Traversal Vulnerability in its downloadToDir() method

The basic-ftp library contains a path traversal vulnerability in the downloadToDir method. A malicious FTP server can send directory listings with filenames containing path traversal sequences ../ that cause files to be written outside the intended download directory. Source-to-Sink Flow 1. SOURC...

9.1CVSS6.1AI score0.00528EPSS
Exploits2References5
Tenable Nessus
Tenable Nessus
added 2025/08/30 12:0 a.m.6 views

Linux Distros Unpatched Vulnerability : CVE-2021-21289

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Mechanize is an open-source ruby library that makes automated web interaction easy. In Mechanize from version 2.0.0 and before version 2.7.7 there is a command...

8.3CVSS7.2AI score0.03507EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2013/01/08 4:30 a.m.5 views

httpd: mod_negotiation XSS via untrusted file names in directories with MultiViews enabled

Multiple cross-site scripting XSS vulnerabilities in the makevariantlist function in modnegotiation.c in the modnegotiation module in the Apache HTTP Server 2.4.x before 2.4.3, when the MultiViews option is enabled, allow remote attackers to inject arbitrary web script or HTML via a crafted...

2.6CVSS7.1AI score0.22515EPSS
Exploits2References4
RedHat Linux
RedHat Linux
added 2012/12/18 10:43 p.m.7 views

httpd: mod_negotiation XSS via untrusted file names in directories with MultiViews enabled

Multiple cross-site scripting XSS vulnerabilities in the makevariantlist function in modnegotiation.c in the modnegotiation module in the Apache HTTP Server 2.4.x before 2.4.3, when the MultiViews option is enabled, allow remote attackers to inject arbitrary web script or HTML via a crafted...

2.6CVSS7.2AI score0.22515EPSS
Exploits2References4
RedHat Linux
RedHat Linux
added 2012/12/18 10:23 p.m.5 views

httpd: mod_negotiation XSS via untrusted file names in directories with MultiViews enabled

Multiple cross-site scripting XSS vulnerabilities in the makevariantlist function in modnegotiation.c in the modnegotiation module in the Apache HTTP Server 2.4.x before 2.4.3, when the MultiViews option is enabled, allow remote attackers to inject arbitrary web script or HTML via a crafted...

2.6CVSS7.2AI score0.22515EPSS
Exploits2References4
RedHat Linux
RedHat Linux
added 2012/12/18 10:17 p.m.4 views

httpd: mod_negotiation XSS via untrusted file names in directories with MultiViews enabled

Multiple cross-site scripting XSS vulnerabilities in the makevariantlist function in modnegotiation.c in the modnegotiation module in the Apache HTTP Server 2.4.x before 2.4.3, when the MultiViews option is enabled, allow remote attackers to inject arbitrary web script or HTML via a crafted...

2.6CVSS7.2AI score0.22515EPSS
Exploits2References4
securityvulns
securityvulns
added 2004/08/30 12:0 a.m.39 views

[SA12375] GNU a2ps Command Injection Vulnerability

TITLE: GNU a2ps Command Injection Vulnerability SECUNIA ADVISORY ID: SA12375 VERIFY ADVISORY: http://secunia.com/advisories/12375/ CRITICAL: Less critical IMPACT: Privilege escalation WHERE: Local system SOFTWARE: GNU a2ps 4.x http://secunia.com/product/3837/ DESCRIPTION: Rudolf Polzer has...

0.9AI score
Exploits0
Rows per page
Query Builder