Lucene search
K

89 matches found

UbuntuCve
UbuntuCve
added 2017/12/14 4:29 p.m.20 views

CVE-2017-17516

scripts/inspectwebbrowser.py in Reddit Terminal Viewer RTV 1.19.0 does not validate strings before launching the program specified by the BROWSER environment variable, which might allow remote attackers to conduct argument-injection attacks via a crafted URL...

8.8CVSS7.2AI score0.0122EPSS
Exploits0References3
OSV
OSV
added 2017/12/14 4:29 p.m.12 views

UBUNTU-CVE-2017-17516

scripts/inspectwebbrowser.py in Reddit Terminal Viewer RTV 1.19.0 does not validate strings before launching the program specified by the BROWSER environment variable, which might allow remote attackers to conduct argument-injection attacks via a crafted URL...

8.8CVSS5.8AI score0.0122EPSS
Exploits0References4
OSV
OSV
added 2017/12/14 4:29 p.m.2 views

DEBIAN-CVE-2017-17516

scripts/inspectwebbrowser.py in Reddit Terminal Viewer RTV 1.19.0 does not validate strings before launching the program specified by the BROWSER environment variable, which might allow remote attackers to conduct argument-injection attacks via a crafted URL...

8.8CVSS6.9AI score0.0122EPSS
Exploits0References1
UbuntuCve
UbuntuCve
added 2017/12/14 4:29 p.m.19 views

CVE-2017-17534

uiutil.c in Mensis 0.0.080507 does not validate strings before launching the program specified by the BROWSER environment variable, which might allow remote attackers to conduct argument-injection attacks via a crafted URL, a different vulnerability than CVE-2017-17521...

8.8CVSS6.9AI score0.0122EPSS
Exploits0References3
NVD
NVD
added 2017/12/14 4:29 p.m.36 views

CVE-2017-17521

uiutil.c in FontForge through 20170731 does not validate strings before launching the program specified by the BROWSER environment variable, which might allow remote attackers to conduct argument-injection attacks via a crafted URL, a different vulnerability than CVE-2017-17534...

8.8CVSS8.4AI score0.01834EPSS
Exploits0References1
OSV
OSV
added 2017/12/14 4:29 p.m.7 views

CVE-2017-17515

etc/ObjectList in Metview 4.7.3 does not validate strings before launching the program specified by the BROWSER environment variable, which might allow remote attackers to conduct argument-injection attacks via a crafted URL. NOTE: a third party has indicated that the code to access this...

8.8CVSS8.6AI score0.01635EPSS
Exploits0References1
OSV
OSV
added 2017/12/14 4:29 p.m.8 views

CVE-2017-17519

batteriesConfig.mlp in OCaml Batteries Included aka ocaml-batteries 2.6 does not validate strings before launching the program specified by the BROWSER environment variable, which might allow remote attackers to conduct argument-injection attacks via a crafted URL...

8.8CVSS6.8AI score0.0122EPSS
Exploits0References1
OSV
OSV
added 2017/12/14 4:29 p.m.20 views

CVE-2017-17524

library/wwwbrowser.pl in SWI-Prolog 7.2.3 does not validate strings before launching the program specified by the BROWSER environment variable, which might allow remote attackers to conduct argument-injection attacks via a crafted URL...

8.8CVSS6.9AI score0.0122EPSS
Exploits0References1
OSV
OSV
added 2017/12/14 4:29 p.m.7 views

UBUNTU-CVE-2017-17511

KildClient 3.1.0 does not validate strings before launching the program specified by the BROWSER environment variable, which might allow remote attackers to conduct argument-injection attacks via a crafted URL, related to prefs.c and worldgui.c...

8.8CVSS7.3AI score0.01685EPSS
Exploits0References5
OSV
OSV
added 2017/12/14 4:29 p.m.30 views

CVE-2017-17521

uiutil.c in FontForge through 20170731 does not validate strings before launching the program specified by the BROWSER environment variable, which might allow remote attackers to conduct argument-injection attacks via a crafted URL, a different vulnerability than CVE-2017-17534...

8.8CVSS6.7AI score0.01834EPSS
Exploits0References1
Prion
Prion
added 2017/12/14 4:29 p.m.20 views

Design/Logic Flaw

uiutil.c in Mensis 0.0.080507 does not validate strings before launching the program specified by the BROWSER environment variable, which might allow remote attackers to conduct argument-injection attacks via a crafted URL, a different vulnerability than CVE-2017-17521...

6.8CVSS8.4AI score0.01834EPSS
Exploits0References1Affected Software1
Prion
Prion
added 2017/12/14 4:29 p.m.13 views

Design/Logic Flaw

TeX Live through 20170524 does not validate strings before launching the program specified by the BROWSER environment variable, which might allow remote attackers to conduct argument-injection attacks via a crafted URL, related to linkedscripts/context/stubs/unix/mtxrun,...

6.8CVSS8.5AI score0.01281EPSS
Exploits0References1Affected Software1
NVD
NVD
added 2017/12/14 4:29 p.m.25 views

CVE-2017-17514

boxes.c in nip2 8.4.0 does not validate strings before launching the program specified by the BROWSER environment variable, which might allow remote attackers to conduct argument-injection attacks via a crafted URL. NOTE: a software maintainer indicates that this product does not use the BROWSER...

8.8CVSS8.6AI score0.01685EPSS
Exploits0References2
NVD
NVD
added 2017/12/14 4:29 p.m.29 views

CVE-2017-17529

af/util/xp/utgofile.cpp in AbiWord 3.0.2-2 does not validate strings before launching the program specified by the BROWSER environment variable, which might allow remote attackers to conduct argument-injection attacks via a crafted URL...

8.8CVSS8.5AI score0.01221EPSS
Exploits0References1
OSV
OSV
added 2017/12/14 4:29 p.m.6 views

UBUNTU-CVE-2017-17514

DISPUTED boxes.c in nip2 8.4.0 does not validate strings before launching the program specified by the BROWSER environment variable, which might allow remote attackers to conduct argument-injection attacks via a crafted URL. NOTE: a software maintainer indicates that this product does not use the...

8.8CVSS7.3AI score0.01685EPSS
Exploits0References4
OSV
OSV
added 2017/12/14 4:29 p.m.3 views

DEBIAN-CVE-2017-17522

Lib/webbrowser.py in Python through 3.6.3 does not validate strings before launching the program specified by the BROWSER environment variable, which might allow remote attackers to conduct argument-injection attacks via a crafted URL. NOTE: a software maintainer indicates that exploitation is...

8.8CVSS8.4AI score0.03595EPSS
Exploits1References1
OSV
OSV
added 2017/12/14 4:29 p.m.9 views

CVE-2017-17526

Input.cc in Bernard Parisse Giac 1.2.3.57 does not validate strings before launching the program specified by the BROWSER environment variable, which might allow remote attackers to conduct argument-injection attacks via a crafted URL...

8.8CVSS6.8AI score0.01221EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2017/12/14 4:0 p.m.13 views

CVE-2017-17514

boxes.c in nip2 8.4.0 does not validate strings before launching the program specified by the BROWSER environment variable, which might allow remote attackers to conduct argument-injection attacks via a crafted URL. NOTE: a software maintainer indicates that this product does not use the BROWSER...

6.8AI score0.01685EPSS
Exploits0References2
Cvelist
Cvelist
added 2017/12/14 4:0 p.m.25 views

CVE-2017-17533

default.tcl in Tkabber 1.1 does not validate strings before launching the program specified by the BROWSER environment variable, which might allow remote attackers to conduct argument-injection attacks via a crafted URL. NOTE: a third party has indicated that the attack cannot occur because of th...

8.5AI score0.01633EPSS
Exploits0References1
Cvelist
Cvelist
added 2017/12/14 4:0 p.m.22 views

CVE-2017-17531

gozilla.c in GNU GLOBAL 4.8.6 does not validate strings before launching the program specified by the BROWSER environment variable, which might allow remote attackers to conduct argument-injection attacks via a crafted URL...

8.3AI score0.01228EPSS
Exploits0References2
Rows per page
Query Builder