CVE-1999-0817

Lynx WWW client allows a remote attacker to specify command-line parameters which Lynx uses when calling external programs to handle certain protocols, e.g. telnet...

CURL-CVE-2025-15079 libssh global known_hosts override

When doing SSH-based transfers using either SCP or SFTP, and setting the knownhosts file, libcurl could still mistakenly accept connecting to hosts not present in the specified file if they were added as recognized in the libssh global knownhosts file...

PT-2026-2162

Name of the Vulnerable Software and Affected Versions Panda3D versions up to and including 1.10.16 Description Panda3D deploy-stub contains a denial of service condition resulting from unbounded stack allocation. The deploy-stub executable uses alloca to allocate argv copy and argv copy2 based on...

EUVD-2026-0926

Malicious code in gztensor-cli PyPI...

CLSA-2026-1767609927 httpd: Fix of CVE-2025-58098

CVE-2025-58098: don't pass querry string args as command line arguments to SSI-invoked CGI scripts...

PT-2026-1358

Name of the Vulnerable Software and Affected Versions badkeys versions 0.0.15 and below Description badkeys is a tool and library used for checking cryptographic public keys for known issues. In versions 0.0.15 and below, an attacker can inject content containing ASCII control characters, such as...

[SECURITY] Fedora 42 Update: doctl-1.148.0-1.fc42

The official command line interface for the DigitalOcean API...

[SECURITY] Fedora 43 Update: doctl-1.148.0-1.fc43

The official command line interface for the DigitalOcean API...

[SECURITY] Fedora 43 Update: gh-2.83.2-1.fc43

A command-line interface to GitHub for use in your terminal or your scripts. gh is a tool designed to enhance your workflow when working with GitHub. It provides a seamless way to interact with GitHub repositories and perform vari ous actions right from the command line, eliminating the need to...

PT-2026-3302

Name of the Vulnerable Software and Affected Versions Weblate versions prior to 1.17.2 Description The Weblate command-line client wlc has a flaw where a crafted server could potentially write files to arbitrary locations during a multi-translation download. This is due to improper handling of fi...

SUSE CVE-2018-25153

This CVE ID has been rejected or withdrawn by its CVE Numbering Authority as the reported issue does not constitute a security vulnerability and represents a minor, non-exploitable memory leak...

[SECURITY] Fedora 42 Update: fluidsynth-2.5.2-1.fc42

FluidSynth is a real-time software synthesizer based on the SoundFont 2 specifications. It is a "software synthesizer". FluidSynth can read MIDI even ts from the MIDI input device and render them to the audio device. It features real-time effect modulation using SoundFont 2.01 modulators, and a...

UBUNTU-CVE-2018-25153

GNU Barcode 0.99 contains a memory leak vulnerability in the command line processing function within cmdline.c. Attackers can exploit this vulnerability by providing specially crafted input that causes unfreed memory allocations, potentially leading to denial of service conditions...

CVE-2018-25153

Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority as the reported issue does not constitute a security vulnerability and represents a minor, non-exploitable memory leak...

CVE-2018-25153

Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority as the reported issue does not constitute a security vulnerability and represents a minor, non-exploitable memory leak...

CVE-2018-25153

...

CVE-2018-25153

...

CVE-2018-25153

CVE-2018-25153 is associated with GNU Barcode 0.99, per OSV and PT-2025 entries. The issue is a memory leak in the command line processing function in cmdline.c, where crafted input can cause unfreed memory allocations and potentially lead to denial of service. No explicit patch or fixed version ...

EUVD-2023-60269

In the Linux kernel, the following vulnerability has been resolved: iommu/amd: Add a length limitation for the ivrsacpihid command-line parameter The 'acpiid' buffer in the parseivrsacpihid function may overflow, because the string specifier in the format string sscanf has no width limitation...

CVE-2023-54057

CVE-2023-54057 : Linux kernel vulnerability in iommu/amd where the acpiid buffer may overflow due to an unbounded sscanf() format string in parse_ivrs_acpihid. Root cause: lack of width limitation on the IVRS ACPIHID parameter, enabling potential overflow. Connected advisories describe kernel pat...