Ametys CMS Information Disclosure

Ametys CMS before 4.5.0 allows a remote unauthenticated attacker to read documents such as plugins/web/service/search/auto-completion/domain/en.xml and similar pathnames for other languages via the auto-completion plugin, which contain all characters typed by all users, including the content of...

Docker Desktop < 4.43.0 Information Disclosure

The version of Docker Desktop is prior to 4.43.0. It is therefore affected by an information disclosure vulnerability. - System environment variables are recorded in Docker Desktop diagnostic logs, when using shell auto-completion. This leads to unintentional disclosure of sensitive information...

CVE-2022-26159

The auto-completion plugin in Ametys CMS before 4.5.0 allows a remote unauthenticated attacker to read documents such as plugins/web/service/search/auto-completion//en.xml and similar pathnames for other languages, which contain all characters typed by all users, including the content of private...

EUVD-2022-42906

Malicious code in bioql PyPI...

PT-2025-27769 · Docker · Docker Desktop

Name of the Vulnerable Software and Affected Versions: Docker Desktop versions prior to 4.43.0 Description: The issue concerns the recording of system environment variables in Docker Desktop diagnostic logs when using shell auto-completion. This leads to the unintentional disclosure of sensitive...

[SECURITY] Fedora 40 Update: picocli-4.7.4-5.fc40

Picocli is a modern library and framework, written in Java, that contains both an annotations API and a programmatic API. It features usage help with ANSI colors and styles, TAB auto-completion and nested sub-commands. In a single file, so you can include it in source form. This lets users run...

Fedora: Security Advisory for picocli (FEDORA-2023-27ec59a486)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

[SECURITY] Fedora 38 Update: picocli-4.7.4-1.fc38

Picocli is a modern library and framework, written in Java, that contains both an annotations API and a programmatic API. It features usage help with ANSI colors and styles, TAB auto-completion and nested sub-commands. In a single file, so you can include it in source form. This lets users run...

CVE-2022-3540

An issue has been discovered in hunter2 affecting all versions before 2.1.0. Improper handling of auto-completion input allows an authenticated attacker to extract other users email addresses...

Design/Logic Flaw

An issue has been discovered in hunter2 affecting all versions before 2.1.0. Improper handling of auto-completion input allows an authenticated attacker to extract other users email addresses...

PT-2022-22804 · Hunter2 · Hunter2

Name of the Vulnerable Software and Affected Versions: hunter2 versions prior to 2.1.0 Description: An issue has been discovered in the improper handling of auto-completion input, allowing an authenticated attacker to extract other users' email addresses. Recommendations: For versions prior to...

CVE-2022-26159

The auto-completion plugin in Ametys CMS before 4.5.0 allows a remote unauthenticated attacker to read documents such as plugins/web/service/search/auto-completion//en.xml and similar pathnames for other languages, which contain all characters typed by all users, including the content of private...

CVE-2022-26159

The auto-completion plugin in Ametys CMS before 4.5.0 allows a remote unauthenticated attacker to read documents such as plugins/web/service/search/auto-completion//en.xml and similar pathnames for other languages, which contain all characters typed by all users, including the content of private...

Code injection

The auto-completion plugin in Ametys CMS before 4.5.0 allows a remote unauthenticated attacker to read documents such as plugins/web/service/search/auto-completion//en.xml and similar pathnames for other languages, which contain all characters typed by all users, including the content of private...

CVE-2022-26159

The auto-completion plugin in Ametys CMS before 4.5.0 allows a remote unauthenticated attacker to read documents such as plugins/web/service/search/auto-completion//en.xml and similar pathnames for other languages, which contain all characters typed by all users, including the content of private...

Ametys Cms 信息泄露漏洞

Ametys Cms is used to run large enterprise websites, blogs, Intranet and Extranet on the same server.Ametys Community Cms a free open source content management system written in Java. An information disclosure vulnerability exists in the Ametys CMS auto-completion plugins, which originated in the...

PT-2022-17702 · Unknown · Ametys Cms

Name of the Vulnerable Software and Affected Versions: Ametys CMS versions prior to 4.5.0 Description: The auto-completion plugin in Ametys CMS allows a remote unauthenticated attacker to read documents, which contain all characters typed by all users, including the content of private pages. Thes...

Exploit for Forced Browsing in Ametys

CVE-2022-26159-Ametys-Autocompletion-XML A python exploi...

Heap-based Buffer Overflow in neomutt/neomutt

Description When connected through imap/imaps with a server, neomutt is prone to a heap buffer overflow when using the auto completion feature. Proof of Concept Prepare client configuration which connects to 127.0.0.1:14300 cat muttrc imap.txt.b64 EOF...

What is Geocoding? — How to Find Coordinates of An Address

How can your app hook into a geocoding service that offers forward and reverse geocoding and an auto-completion facility? Geocoding turns a location name or address into geocoordinates. The service gets used by thousands of applications like Uber and Grubhub to track and plot their map data. Yet,...