7 matches found
CVE-2026-6849 OS Command Injection in TUBITAK BILGEM's Pardus OS My Computer
Improper neutralization of special elements used in an OS command 'OS command injection' vulnerability in TUBITAK BILGEM Software Technologies Research Institute Pardus OS My Computer allows OS Command Injection. This issue affects Pardus OS My Computer: from =0.7.5 before 0.8.0...
AZL-75204 CVE-2026-24401 affecting package avahi for versions less than 0.8-5
Avahi is a system which facilitates service discovery on a local network via the mDNS/DNS-SD protocol suite. In versions 0.9rc2 and below, avahi-daemon can be crashed via a segmentation fault by sending an unsolicited mDNS response containing a recursive CNAME record, where the alias and canonica...
AZL-31758 CVE-2023-38470 affecting package avahi for versions less than 0.8-3
A vulnerability was found in Avahi. A reachable assertion exists in the avahiescapelabel function...
SUSE CVE-2020-15047
MSA/SMTP.cpp in Trojita before 0.8 ignores certificate-verification errors, which allows man-in-the-middle attackers to spoof SMTP servers...
UBUNTU-CVE-2019-20063
hdf/dataobject.c in libmysofa before 0.8 has an uninitialized use of memory, as demonstrated by mysofa2json...
keycloak-httpd-client-install: unsafe use of -p/--admin-password on command line
In keycloak-http-client-install prior to version 0.8, the admin password could be provided through a command-line argument. This might result in the password being leaked through shell history, or becoming visible to a local attacker at the time the program is running...
CVE-2005-1452
Serendipity before 0.8 allows Chief users to "hide plugins installed by other users."...