3 matches found
CVE-2026-42866
Tookie is a advanced OSINT information gathering tool. Prior to 4.1fix, modules/modules.py's writetxt, writecsv, writejson, and commented-but-shipping scanfile helpers open their output as openf"user.", where user comes unsanitized from the -u CLI flag or any line of a -U usernames file. A userna...
UBUNTU-CVE-2019-6110
In OpenSSH 7.9, due to accepting and displaying arbitrary stderr output from the server, a malicious server or Man-in-The-Middle attacker can manipulate the client output, for example to use ANSI control codes to hide additional files being transferred...
bash_1.x.txt
Rather dangerous bug is present in output processing after "command substitution" in bash 1.xx. It seems to be NOT present in bash 2.0.x, but I haven't found any bugreport on this vulnerability. I looked for: 'command substitution', 'ff', 'subshell' and '$' CHANGES file, no effects... Seems to be...