31 matches found
SUSE CVE-2009-0314
Untrusted search path vulnerability in the Python module in gedit allows local users to execute arbitrary code via a Trojan horse Python file in the current working directory, related to a vulnerability in the PySysSetArgv function CVE-2008-5983...
SUSE CVE-2017-9430
Stack-based buffer overflow in dnstracer through 1.9 allows attackers to cause a denial of service application crash or possibly have unspecified other impact via a command line with a long name argument that is mishandled in a strcpy call for argv0. An example threat model is a web application...
kernel: exec: Force single empty string when argv is empty
In the Linux kernel, the following vulnerability has been resolved: exec: Force single empty string when argv is empty Quoting1 Ariadne Conill: "In several other operating systems, it is a hard requirement that the second argument to execve2 be the name of a program, thus prohibiting a scenario...
CLSA-2022-1643291562 Fix of CVE: CVE-2021-4034
CVE-2021-4034: polkit: Local privilege escalation in pkexec due to incorrect handling of argument vector...
CLSA-2022-1643212149 Fix of CVE: CVE-2021-4034
CVE-2021-4034: polkit: Local privilege escalation in pkexec due to incorrect handling of argument vector...
CVE-2011-5130
dev/less.php in Family Connections CMS FCMS 2.5.0 - 2.7.1, when registerglobals is enabled, allows remote attackers to execute arbitrary commands via shell metacharacters in the argv1 parameter...
python: untrusted python modules search path
Untrusted search path vulnerability in the PySysSetArgv API function in Python 2.6 and earlier, and possibly later versions, prepends an empty string to sys.path when the argv0 argument does not contain a path separator, which might allow local users to execute arbitrary code via a Trojan horse...
systemtap: Crash with systemtap script using __get_argv()
Multiple integer signedness errors in the 1 getargv and 2 getcompatargv functions in tapset/auxsyscalls.stp in SystemTap 1.1 allow local users to cause a denial of service script crash, or system crash or hang via a process with a large number of arguments, leading to a buffer overflow...
[SA13352] FreeBSD procfs/linprocfs Process Argument Vector Handling Vulnerability
TITLE: FreeBSD procfs/linprocfs Process Argument Vector Handling Vulnerability SECUNIA ADVISORY ID: SA13352 VERIFY ADVISORY: http://secunia.com/advisories/13352/ CRITICAL: Less critical IMPACT: Exposure of system information, Exposure of sensitive information, DoS WHERE: Local system OPERATING...
Remote CVS <= 1.11.15 (error_prog_name) Remote Exploit
Exploit for linux platform in category remote exploits ====================================================== Remote CVS = 1.11.15 errorprogname Remote Exploit ====================================================== Remote CVS = 1.11.15 exploit for the errorprogname double free vuln. by Gyan...
CVE-2026-46626: SymfonyRuntime CVE-2024-50340 Patch Bypass: Web Requests Can Still Set APP_ENV/APP_DEBUG via parse_str/SAPI Argv Mismatch
More info at https://symfony.com/cve-2026-46626...