4 matches found
UBUNTU-CVE-2026-40517
radare2 prior to 6.1.4 contains a command injection vulnerability in the PDB parser's printgvars function that allows attackers to execute arbitrary commands by crafting a malicious PDB file with newline characters in symbol names. Attackers can inject arbitrary radare2 commands through unsanitiz...
CVE-2024-46911 Apache Roller: Weakness in CSRF protection allows privilege escalation
Cross-site Resource Forgery CSRF, Privilege escalation vulnerability in Apache Roller. On multi-blog/user Roller websites, by default weblog owners are trusted to publish arbitrary weblog content and this combined with a deficiency in Roller's CSRF protections allowed an escalation of privileges...
UBUNTU-CVE-2014-1344
WebKit, as used in Apple Safari before 6.1.4 and 7.x before 7.0.4, allows remote attackers to execute arbitrary code or cause a denial of service memory corruption and application crash via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2014-05-21-1...
UBUNTU-CVE-2014-1330
WebKit, as used in Apple Safari before 6.1.4 and 7.x before 7.0.4, allows remote attackers to execute arbitrary code or cause a denial of service memory corruption and application crash via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2014-05-21-1...