CVE-2026-54231 Abrt: unsanitized systemd journal content written to dump directory files enables content injection

A content injection vulnerability was found in the ABRT post-create event handler scripts in libreport. The event script queries the systemd journal for log entries matching the crashed process and writes the results to files in the dump directory without sanitizing embedded control characters. A...

SUSE CVE-2016-3096

The createscript function in the lxccontainer module in Ansible before 1.9.6-1 and 2.x before 2.0.2.0 allows local users to write to arbitrary files or gain privileges via a symlink attack on 1 /opt/.lxc-attach-script, 2 the archived container in the archivepath directory, or the 3...

Ansible lxc_container Module Privilege Gain Vulnerability

Ansible is a computer system configuration manager from Ansible, Inc. that can be used to publish, manage and orchestrate computer systems. A security vulnerability exists in the 'createscript' function in the lxccontainer module in Ansible versions prior to 1.9.6-1 and 2.x versions prior to...

FreeBSD : mailman XSS in create script (429249d2-67a7-11d8-80e3-0020ed76ef5a)

From the 2.1.3 release notes : Closed a cross-site scripting exploit in the create cgi script. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from the FreeBSD VuXML database : Copyright 2003-2018 Jacques Vidrine and...

mailman XSS in create script

From the 2.1.3 release notes: Closed a cross-site scripting exploit in the create cgi script...