CVE-2024-47611

XZ Utils provide a general-purpose data-compression library plus command-line tools. When built for native Windows MinGW-w64 or MSVC, the command line tools from XZ Utils 5.6.2 and older have a command line argument injection vulnerability. If a command line contains Unicode characters for exampl...

CVE-2024-45720 Apache Subversion: Command line argument injection on Windows platforms

On Windows platforms, a "best fit" character encoding conversion of command line arguments to Subversion's executables e.g., svn.exe, etc. may lead to unexpected command line argument interpretation, including argument injection and execution of other programs, if a specially crafted command line...

CVE-2024-45720 Apache Subversion: Command line argument injection on Windows platforms

On Windows platforms, a "best fit" character encoding conversion of command line arguments to Subversion's executables e.g., svn.exe, etc. may lead to unexpected command line argument interpretation, including argument injection and execution of other programs, if a specially crafted command line...

Sun Java: Web Start argument injection vulnerability

Background Sun provides implementations of Java Development Kits JDK and Java Runtime Environments JRE. These implementations provide the Java Web Start technology that can be used for easy client-side deployment of Java applications. Description Jouko Pynnonen discovered that Java Web Start...