USN-8078-1: Zutty vulnerability
Carter Sande discovered that Zutty did not correctly echo invalid input to the console on DECRQSS. An attacker could possibly use this issue to execute arbitrary commands...
CVE-2025-14756 Authenticated Command Injection Vulnerability in Archer MR600
Command injection vulnerability was found in the admin interface component of TP-Link Archer MR600 v5 firmware, allowing authenticated attackers to execute system commands with a limited character length via crafted input in the browser developer console, possibly leading to service disruption or...
EUVD-2026-0823
badkeys vulnerable to ASCII control character injection on console via malformed input...
CVE-2025-8870
On affected platforms running Arista EOS, certain serial console input might result in an unexpected reload of the device.153...
EUVD-2025-197616
On affected platforms running Arista EOS, certain serial console input might result in an unexpected reload of the device.153...
PT-2025-46974
Name of the Vulnerable Software and Affected Versions: Arista EOS (affected versions not specified). Description: Certain serial console input on affected platforms running Arista EOS may cause an unexpected reload of the device. Recommendations: At the moment, there is no information about a newer...
Security Advisory 0125
Date: November 11, 2025. Revision 1.0 (November 11, 2025): Initial release. The CVE-ID tracking this issue: CVE-2025-8870. CVSS:3.1 Base Score 4.9 (CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:C/C:N/I:N/A:H). CVSS:4.0 Base Score 5.6...
DDMQ Authorization Issue Vulnerability
DDMQ is a distributed messaging middleware open-sourced by China's DiDi. An authorization issue vulnerability exists in DDMQ version 1.0. It stems from incorrect input handling by the console module, which can lead to incorrect authentication...
OESA-2024-1425 flatpak security update
flatpak is a system for building, distributing and running sandboxed desktop applications on Linux. See https://wiki.gnome.org/Projects/SandboxedApps for more information. Security Fixes: Flatpak is a system for building, distributing, and running sandboxed desktop applications on Linux. Versions...
[SECURITY] Fedora 40 Update: jline2-2.14.6-12.fc40
JLine is a Java library for handling console input. It is similar in functionality to BSD editline and GNU readline. People familiar with the readline/editline capabilities for modern shells such as bash and tcsh will find most of the command editing features of JLine to be familiar...
SUSE CVE-2023-28100
Flatpak is a system for building, distributing, and running sandboxed desktop applications on Linux. Versions prior to 1.10.8, 1.12.8, 1.14.4, and 1.15.4 contain a vulnerability similar to CVE-2017-5226, but using the TIOCLINUX ioctl command instead of TIOCSTI. If a Flatpak app is run on a Linux...
SUSE CVE-2005-3631
udev does not properly set permissions on certain files in /dev/input, which allows local users to obtain sensitive data that is entered at the console, such as user passwords...
SUSE CVE-2013-4261
OpenStack Compute (Nova) Folsom, Grizzly, and earlier, when using Apache Qpid for the RPC backend, does not properly handle errors that occur during messaging, which allows remote attackers to cause a denial of service (connection pool consumption), as demonstrated using multiple requests that send...
CVE-2021-26549
An XSS issue was discovered in SmartFoxServer 2.17.0. Input passed to the AdminTool console is not properly sanitized before being returned to the user. This can be exploited to execute arbitrary HTML code in a user's browser session in context of an affected site...
CVE-2018-0485
A vulnerability in the SM-1T3/E3 firmware on Cisco Second Generation Integrated Services Routers (ISR G2) and the Cisco 4451-X Integrated Services Router (ISR4451-X) could allow an unauthenticated, remote attacker to cause the ISR G2 Router or the SM-1T3/E3 module on the ISR4451-X to reload, resultin...
[SECURITY] Fedora 22 Update: jline-2.12.1-1.fc22
JLine is a Java library for handling console input. It is similar in functionality to BSD editline and GNU readline. People familiar with the readline/editline capabilities for modern shells such as bash and tcsh will find most of the command editing features of JLine to be familiar...
DEBIAN-CVE-2013-4261
OpenStack Compute (Nova) Folsom, Grizzly, and earlier, when using Apache Qpid for the RPC backend, does not properly handle errors that occur during messaging, which allows remote attackers to cause a denial of service (connection pool consumption), as demonstrated using multiple requests that send...
Microsoft Windows CSRSS DoS
NULL pointer dereference on console input from stdin if stderr and stdout are closed...
security flaw
udev does not properly set permissions on certain files in /dev/input, which allows local users to obtain sensitive data that is entered at the console, such as user passwords...