9 matches found
CVE-2026-36827
A command injection vulnerability exists in Panabit PAP-XM320 up to and including V7.7. The web management interface invokes the backend helper /usr/sbin/pappiw and passes user-controlled parameters to it. The helper performs unsafe argument processing using eval, which allows command injection...
The vulnerability of the Apache OpenOffice office software lies in the insufficient validation of input data when processing arguments, allowing an attacker to execute arbitrary code.
The vulnerability of the Apache OpenOffice office software package lies in insufficient validation of input data during argument processing. Exploiting this vulnerability allows a malicious actor to execute arbitrary code remotely...
The vulnerability of the processlogin.php implementation in the ERP system allows a perpetrator to execute arbitrary code.
The vulnerability of the processlogin.php implementation in the ERP system is related to the lack of measures taken to protect the SQL query structure during the processing of the user argument. Exploiting this vulnerability allows an attacker operating remotely to execute arbitrary code...
CVE-2018-7166
In all versions of Node.js 10 prior to 10.9.0, an argument processing flaw can cause Buffer.alloc to return uninitialized memory. This method is intended to be safe and only return initialized, or cleared, memory. The third argument specifying encoding can be passed as a number, this is...
Nagios NRPE Command Argument Processing Enabled
The version of Nagios Remote Plugin Executor NRPE running on the remote host has command argument processing enabled and accepts the newline character. An unauthenticated, remote attacker can exploit this issue to execute arbitrary commands within the context of the vulnerable application by...
Multiple antivirus and firewall memory corruption
Memory corruptions on SSDR hooked functions argument processing...
Ubuntu 4.10 / 5.04 / 5.10 : imagemagick vulnerabilities (USN-246-1)
Florian Weimer discovered that the delegate code did not correctly handle file names which embed shell commands CVE-2005-4601. Daniel Kobras found a format string vulnerability in the SetImageInfo function CVE-2006-0082. By tricking a user into processing an image file with a specially crafted fi...
Buffer overflow in Options Parsing Tool library
Buffer overflows in few argument processing functions...
Format atring bug in TrACESroute
Ошибка форматной строки при обработке аргументов...