Lucene search
K

15 matches found

FreeBSD
FreeBSD
added 2026/06/07 12:0 a.m.6 views

p5-ack -- Multiple issues

Ack project reports: CVE-2026-49147: filename ANSI escape sequences CVE-2026-49146: project .ackrc -A -B -C memory exhaustion CVE-2026-49145: project .ackrc --follow / --files-from file exfiltration...

5.4AI score
Exploits0References3
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.3 views

Astra Linux – Vulnerability in Tomcat9

Improper neutralization of escape, meta, or control sequence vulnerabilities in Apache Tomcat. Tomcat did not escape ANSI escape sequences in log messages. If Tomcat was running in a console on a Windows operating system, and the console supported ANSI escape sequences, it was possible for an...

9.6CVSS7.1AI score0.09917EPSS
Exploits0References2
OSV
OSV
added 2026/04/14 1:10 p.m.3 views

JLSEC-2026-106

Deno is a JavaScript, TypeScript, and WebAssembly runtime with secure defaults. By using ANSI escape sequences and a race between libc::tcflush0, libc::TCIFLUSH and reading standard input, it's possible to manipulate the permission prompt and force it to allow an unsafe action regardless of the...

7.7CVSS5.8AI score0.0034EPSS
Exploits1References1
EUVD
EUVD
added 2026/03/26 6:31 p.m.4 views

EUVD-2026-16234

Mattermost versions 11.2.x = 11.2.2, 10.11.x = 10.11.10, 11.4.x = 11.4.0, 11.3.x = 11.3.1 fail to sanitize user-controlled post content in the mmctl commands terminal output which allows attackers to manipulate administrator terminals via crafted messages containing ANSI and OSC escape sequences...

8CVSS5.8AI score0.00268EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/11/10 12:22 p.m.5 views

CVE-2025-64494

Soft Serve is a self-hostable Git server for the command line. In versions prior to 0.10.0, there are several places where the user can insert data e.g. names and ANSI escape sequences are not being removed, which can then be used, for example, to show fake alerts. In the same token, git messages...

4.6CVSS6.7AI score0.00155EPSS
Exploits0References1
RedHat Linux
RedHat Linux
added 2025/11/04 8:15 a.m.6 views

git: Git does not sanitize URLs when asking for credentials interactively

A flaw was found in Git. This vulnerability occurs when Git requests credentials via a terminal prompt, for example, without the use of a credential helper. During this process, Git displays the host name for which the credentials are needed, but any URL-encoded parts are decoded and displayed...

4.7CVSS7.2AI score0.00643EPSS
Exploits0References7
Cvelist
Cvelist
added 2025/08/29 9:28 p.m.7 views

CVE-2025-58160 Tracing logging user input may result in poisoning logs with ANSI escape sequences

tracing is a framework for instrumenting Rust programs to collect structured, event-based diagnostic information. Prior to version 0.3.20, tracing-subscriber was vulnerable to ANSI escape sequence injection attacks. Untrusted user input containing ANSI escape sequences could be injected into...

2.3CVSS0.00303EPSS
Exploits0References1
RedHat Linux
RedHat Linux
added 2025/07/21 2:51 p.m.10 views

git: Git does not sanitize URLs when asking for credentials interactively

A flaw was found in Git. This vulnerability occurs when Git requests credentials via a terminal prompt, for example, without the use of a credential helper. During this process, Git displays the host name for which the credentials are needed, but any URL-encoded parts are decoded and displayed...

4.7CVSS7.2AI score0.00643EPSS
Exploits0References7
AstraLinux
AstraLinux
added 2025/06/16 11:28 a.m.5 views

Astra Linux – Vulnerability in unrar-nonfree

RARLAB WinRAR prior to version 7.00, on Linux and UNIX platforms, allowed attackers to spoof the screen output or cause a denial of service, through ANSI escape sequences...

7.1CVSS6.5AI score0.00817EPSS
Exploits1References3
Amazon
Amazon
added 2025/01/24 12:0 a.m.4 views

Medium: git

Issue Overview: Git is a fast, scalable, distributed revision control system with an unusually rich command set that provides both high-level operations and full access to internals. When Git asks for credentials via a terminal prompt i.e. without using any credential helper, it prints out the ho...

9.3CVSS6.9AI score0.10047EPSS
Exploits2
OSV
OSV
added 2025/01/14 7:15 p.m.1 views

ALPINE-CVE-2024-50349

Git is a fast, scalable, distributed revision control system with an unusually rich command set that provides both high-level operations and full access to internals. When Git asks for credentials via a terminal prompt i.e. without using any credential helper, it prints out the host name for whic...

4.7CVSS7AI score0.00643EPSS
Exploits0References1
OSV
OSV
added 2024/05/21 5:15 p.m.3 views

CVE-2024-36052

RARLAB WinRAR before 7.00, on Windows, allows attackers to spoof the screen output via ANSI escape sequences, a different issue than CVE-2024-33899...

7.5CVSS5.8AI score0.00746EPSS
Exploits1References2
SUSE CVE
SUSE CVE
added 2023/02/15 3:22 a.m.4 views

SUSE CVE-2022-46663

In GNU Less before 609, crafted data can result in "less -R" not filtering ANSI escape sequences sent to the terminal...

5.5CVSS7AI score0.01412EPSS
Exploits0References18
OSV
OSV
added 2023/02/07 9:0 a.m.1 views

UBUNTU-CVE-2022-46663

In GNU Less before 609, crafted data can result in "less -R" not filtering ANSI escape sequences sent to the terminal...

7.5CVSS5.8AI score0.01412EPSS
Exploits0References5
OSV
OSV
added 2020/09/05 4:15 a.m.1 views

DEBIAN-CVE-2020-15709

Versions of add-apt-repository before 0.98.9.2, 0.96.24.32.14, 0.96.20.10, and 0.92.37.8ubuntu0.1esm1, printed a PPA personal package archive description to the terminal as-is, which allowed PPA owners to provide ANSI terminal escapes to modify terminal contents in unexpected ways...

5.5CVSS5.6AI score0.00313EPSS
Exploits0References1
Rows per page
Query Builder