28 matches found
CVE-2026-41421
SiYuan desktop prior to version 3.6.5 is vulnerable to local code execution via desktop notifications. The backend forwards user-controlled msg through /api/notification/pushMsg and the frontend injects it into the DOM with insertAdjacentHTML, within an Electron renderer that is configured with n...
EUVD-2016-6040
Malware in sbrugna...
EUVD-2023-37413
Malicious code in bioql PyPI...
CVE-2023-33244
Obsidian before 1.2.2 allows calls to unintended APIs for microphone access, camera access, and desktop notification via an embedded web page...
CVE-2023-33244
Obsidian before 1.2.2 allows calls to unintended APIs for microphone access, camera access, and desktop notification via an embedded web page...
CVE-2023-33244
Obsidian before 1.2.2 allows calls to unintended APIs for microphone access, camera access, and desktop notification via an embedded web page...
CVE-2023-33244
Obsidian before 1.2.2 allows calls to unintended APIs for microphone access, camera access, and desktop notification via an embedded web page...
Fedora 36 : kitty (2022-d718af66d1)
The remote Fedora 36 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2022-d718af66d1 advisory. Fixed KITTYINSTALLATIONDIR in scripts ---- version 0.26.3 Tenable has extracted the preceding description block directly from the Fedora security advisory...
Arbitrary Code Execution
kitty is vulnerable to arbitrary code execution. The vulnerability exists due to insufficient validation in the desktop notification escape sequence which allows an attacker to execute arbitrary codes in the system...
Updated kitty packages fix security vulnerability
In Kitty before 0.26.2, insufficient validation in the desktop notification escape sequence can lead to arbitrary code execution. The user must display attacker-controlled content in the terminal, then click on a notification popup. CVE-2022-41322...
MGASA-2022-0364 Updated kitty packages fix security vulnerability
In Kitty before 0.26.2, insufficient validation in the desktop notification escape sequence can lead to arbitrary code execution. The user must display attacker-controlled content in the terminal, then click on a notification popup. CVE-2022-41322...
Kitty Code Execution Vulnerability
kitty is a fast, feature-rich, GPU-based terminal emulator developed by kovidgoyal. A code execution vulnerability exists in versions prior to Kitty 0.26.2 that stems from insufficient validation in the desktop notification escape sequence and can be exploited by an attacker to cause execution of...
DEBIAN-CVE-2022-41322
In Kitty before 0.26.2, insufficient validation in the desktop notification escape sequence can lead to arbitrary code execution. The user must display attacker-controlled content in the terminal, then click on a notification popup...
CVE-2022-41322
In Kitty before 0.26.2, insufficient validation in the desktop notification escape sequence can lead to arbitrary code execution. The user must display attacker-controlled content in the terminal, then click on a notification popup...
Input validation
In Kitty before 0.26.2, insufficient validation in the desktop notification escape sequence can lead to arbitrary code execution. The user must display attacker-controlled content in the terminal, then click on a notification popup...
CVE-2022-41322
In Kitty before 0.26.2, insufficient validation in the desktop notification escape sequence can lead to arbitrary code execution. The user must display attacker-controlled content in the terminal, then click on a notification popup...
CVE-2022-41322
Kitty (before 0.26.2) contains a vulnerability where insufficient validation in the desktop notification escape sequence can lead to arbitrary code execution. An attacker must have attacker-controlled content displayed in the terminal and the user must click a notification popup to trigger code e...
CVE-2022-41322
In Kitty before 0.26.2, insufficient validation in the desktop notification escape sequence can lead to arbitrary code execution. The user must display attacker-controlled content in the terminal, then click on a notification popup...
CVE-2022-41322
In Kitty before 0.26.2, insufficient validation in the desktop notification escape sequence can lead to arbitrary code execution. The user must display attacker-controlled content in the terminal, then click on a notification popup...
Kitty 安全漏洞
kitty is a fast, feature-rich, GPU-based terminal emulator developed by kovidgoyal. A code execution vulnerability exists in versions prior to Kitty 0.26.2 that stems from insufficient validation in the desktop notification escape sequence and can be exploited by an attacker to cause execution of...