1942 matches found
Exploit for CVE-2026-5366
CVE-2026-5366 P...
GHSA-V6MJ-8PF4-HHW4 Incus has an argument injection in backup compression algorithm leading to AFW and ACE
Summary Improper validation of user-provided backup compression algorithm leads to argument injection in the constructed command line. This leads to an arbitrary file write on the host, possibly leading to arbitrary command execution. Details Incus validates compressionalgorithm by parsing it int...
PT-2026-53014
Name of the Vulnerable Software and Affected Versions Incus affected versions not specified Description Improper validation of the user-provided backup compression algorithm allows for argument injection in the constructed command line. The system validates the compression algorithm by checking...
SUSE SLES16 Security Update : ansible-core (SUSE-SU-2026:22171-1)
The remote SUSE Linux SLES16 / SLESSAP16 host has a package installed that is affected by a vulnerability as referenced in the SUSE-SU-2026:22171-1 advisory. This update for ansible-core fixes the following issue - CVE-2026-11332: argument injection in ansible-galaxy role install leads to arbitra...
GO-2026-5638 Kata Containers have VM Escape via virtiofsd Argument Injection through Default-Enabled Pod Annotations in github.com/kata-containers/kata-containers
Kata Containers have VM Escape via virtiofsd Argument Injection through Default-Enabled Pod Annotations in github.com/kata-containers/kata-containers...
GO-2026-5272 Tekton Pipeline: Git Resolver Unsanitized Revision Parameter Enables git Argument Injection Leading to RCE in github.com/tektoncd/pipeline
Tekton Pipeline: Git Resolver Unsanitized Revision Parameter Enables git Argument Injection Leading to RCE in github.com/tektoncd/pipeline...
Tridium Niagara Argument Injection (CVE-2025-3945)
Improper Neutralization of Argument Delimiters in a Command 'Argument Injection' vulnerability in Tridium Niagara Framework on QNX, Tridium Niagara Enterprise Security on QNX allows Command Delimiters. This issue affects Niagara Framework: before 4.14.2, before 4.15.1, before 4.10.11; Niagara...
Arbitrary Argument Injection
Overview Jellyfin.Common is an a Free Software Media System that puts you in control of managing and streaming your media. Affected versions of this package are vulnerable to Arbitrary Argument Injection via the SubtitleEncoder.ConvertTextSubtitleToSrtInternal process. An attacker can achieve...
Important: Red Hat Security Advisory: evince security update
An update for evince is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from th...
CVE-2026-11968
Argument Injection in TortoiseGitBlame via Malicious Git History Filenames Leads to Arbitrary File Write in TortoiseGit...
CVE-2026-11968 Improper Neutralization of Argument Delimiters in a Command ('Argument Injection') in TortoiseGit
Argument Injection in TortoiseGitBlame via Malicious Git History Filenames Leads to Arbitrary File Write in TortoiseGit...
EUVD-2026-38733
Argument Injection in TortoiseGitBlame via Malicious Git History Filenames Leads to Arbitrary File Write in TortoiseGit...
CVE-2026-11968
Argument Injection in TortoiseGitBlame via Malicious Git History Filenames Leads to Arbitrary File Write in TortoiseGit...
CVE-2026-11968
CVE-2026-11968 affects TortoiseGitBlame. The issue arises from argument injection via malicious Git history filenames, enabling arbitrary file write in TortoiseGit. The provided sources describe the vulnerability name and impact but do not include concrete exploit details, affected versions, root...
CVE-2026-11968 Improper Neutralization of Argument Delimiters in a Command ('Argument Injection') in TortoiseGit
Argument Injection in TortoiseGitBlame via Malicious Git History Filenames Leads to Arbitrary File Write in TortoiseGit...
PT-2026-51757
Name of the Vulnerable Software and Affected Versions TortoiseGit affected versions not specified Description Argument injection is possible in TortoiseGitBlame through the use of malicious git history filenames. This flaw allows for arbitrary file write operations within TortoiseGit...
PT-2026-52059
Name of the Vulnerable Software and Affected Versions Jellyfin versions prior to 10.11.10 Description An argument injection issue exists in the subtitle conversion process. The function ConvertTextSubtitleToSrtInternal interpolates the subtitle file path into FFmpeg command-line arguments without...
RHEL 9 : evince (RHSA-2026:27819)
The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:27819 advisory. The evince packages provide a simple multi-page document viewer for Portable Document Format PDF, PostScript PS, Encapsulated PostScript EPS files,...
CVE-2026-5366 Git Argument Injection in prefecthq/prefect
Prefect version 3.6.23 is vulnerable to remote code execution due to improper handling of user-controlled input in the GitRepository storage class. The commitsha parameter, which is passed to git commands, lacks validation and does not include a -- separator to distinguish user input from git...
CVE-2026-5366 Git Argument Injection in prefecthq/prefect
Prefect version 3.6.23 is vulnerable to remote code execution due to improper handling of user-controlled input in the GitRepository storage class. The commitsha parameter, which is passed to git commands, lacks validation and does not include a -- separator to distinguish user input from git...