Lucene search
K

6 matches found

Cvelist
Cvelist
added 2 days ago31 views

CVE-2026-57850 RustDesk before 1.4.9 Missing Session Scope Enforcement Allows Out-of-Scope Control Message Injection

RustDesk before 1.4.9 does not enforce a session's authorized connection scope on the server side, so a peer granted a limited session type FileTransfer, PortForward, ViewCamera, or Terminal can send control messages and login options reserved for a full Remote session. An authenticated remote pe...

8.7CVSS0.00334EPSS
Exploits0References4
NVD
NVD
added 2026/03/24 8:16 p.m.6 views

CVE-2026-32948

sbt is a build tool for Scala, Java, and others. From version 0.9.5 to before version 1.12.7, on Windows, sbt uses Process"cmd", "/c", ... to run VCS commands git, hg, svn. The URI fragment branch, tag, revision is user-controlled via the build definition and passed to these commands without...

7.8CVSS0.00304EPSS
Exploits1References4
Vulnrichment
Vulnrichment
added 2026/01/05 11:51 p.m.4 views

CVE-2026-21439 badkeys vulnerable to ASCII control character injection on console via malformed input

badkeys is a tool and library for checking cryptographic public keys for known vulnerabilities. In versions 0.0.15 and below, an attacker may inject content with ASCII control characters like vertical tabs, ANSI escape sequences, etc., that can create misleading output of the badkeys command-line...

5.1CVSS6.5AI score0.00302EPSS
Exploits1References4
Github Security Blog
Github Security Blog
added 2026/01/05 7:42 p.m.11 views

badkeys vulnerable to ASCII control character injection on console via malformed input

Impact An attacker may inject content with ASCII control characters like vertical tabs, ANSI escape sequences, etc., that can create misleading output of the badkeys command-line tool. This impacts scanning DKIM keys both --dkim and --dkim-dns, SSH keys --ssh-lines mode, and filenames in various...

5.3CVSS6.9AI score0.00302EPSS
Exploits1References6Affected Software1
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2020-29311

Malware in sbrugna...

10CVSS9AI score0.02277EPSS
Exploits1References5
RedHat Linux
RedHat Linux
added 2024/02/14 12:54 a.m.4 views

sudo: Sudo does not escape control characters in log messages

A flaw was found in the sudo package, shipped with Red Hat Enterprise Linux 8 and 9, where sudo improperly escapes terminal control characters during logging operations. As sudo's log messages may contain user-controlled strings, this may allow an attacker to inject terminal control commands,...

5.3CVSS5.7AI score0.00915EPSS
Exploits0References4
Rows per page
Query Builder