15 matches found
CVE-2026-35197
dye is a portable and respectful color library for shell scripts. Prior to 1.1.1, certain dye template expressions would result in execution of arbitrary code. This issue was discovered and fixed by dye's author, and is not known to be exploited. This vulnerability is fixed in 1.1.1...
CVE-2026-35197
dye is a portable and respectful color library for shell scripts. Prior to 1.1.1, certain dye template expressions would result in execution of arbitrary code. This issue was discovered and fixed by dye's author, and is not known to be exploited. This vulnerability is fixed in 1.1.1...
CVE-2026-35197
CVE-2026-35197 affects the dye library for shell scripts. Before version 1.1.1, certain dye template expressions could lead to arbitrary code execution. The issue was discovered and fixed by the dye author, and is not publicly known to be exploited. A fix is available in 1.1.1. The NVD and Red Ha...
CVE-2026-35197
dye is a portable and respectful color library for shell scripts. Prior to 1.1.1, certain dye template expressions would result in execution of arbitrary code. This issue was discovered and fixed by dye's author, and is not known to be exploited. This vulnerability is fixed in 1.1.1...
CVE-2026-35197 Code injection in dye template expressions
dye is a portable and respectful color library for shell scripts. Prior to 1.1.1, certain dye template expressions would result in execution of arbitrary code. This issue was discovered and fixed by dye's author, and is not known to be exploited. This vulnerability is fixed in 1.1.1...
CVE-2026-35197 Code injection in dye template expressions
dye is a portable and respectful color library for shell scripts. Prior to 1.1.1, certain dye template expressions would result in execution of arbitrary code. This issue was discovered and fixed by dye's author, and is not known to be exploited. This vulnerability is fixed in 1.1.1...
dye 代码注入漏洞
Dye is a portable library developed by Mattie’s personal developer, designed for adding colors and styles to shell script outputs. Versions of dye prior to 1.1.1 contained a code injection vulnerability; this vulnerability stemmed from certain template expressions that could allow arbitrary code ...
PT-2026-30721
dye is a portable and respectful color library for shell scripts. Prior to 1.1.1, certain dye template expressions would result in execution of arbitrary code. This issue was discovered and fixed by dye's author, and is not known to be exploited. This vulnerability is fixed in 1.1.1...
GHSA-WQQV-JCFR-9F5G PocketMine-MP has improperly handled dye colour IDs in banner NBT, leading to server crash
Impact DyeColorIdMap-fromId did not account for the possibility that it might be given invalid input. This means that an undefined offset error would occur whenever this happened. This code is indirectly called during Banner-deserializeCompoundTag, which is invoked when deserializing any item NBT...
PocketMine-MP has improperly handled dye colour IDs in banner NBT, leading to server crash
Impact DyeColorIdMap-fromId did not account for the possibility that it might be given invalid input. This means that an undefined offset error would occur whenever this happened. This code is indirectly called during Banner-deserializeCompoundTag, which is invoked when deserializing any item NBT...
PT-2023-33069 · Unknown · Pocketmine-Mp
Name of the Vulnerable Software and Affected Versions: PocketMine-MP affected versions not specified Description: The issue arises from the DyeColorIdMap-fromId function not handling invalid input properly, leading to an undefined offset error. This function is indirectly called during the...
tie-dye-store.com Cross Site Scripting vulnerability OBB-2706071
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
analytics-zoo (>=0.2.0 <=0.10.0), azureml-webservice-schema (>=0.1.57 <=1.0.33) +33 more potentially affected by CVE-2020-9480 via pyspark (>=2.1.2 <=2.4.5)
pyspark PYPI version =2.1.2, =0.2.0, =0.1.57, =0.11.0, =0.1.2, =0.1.0, =1.0.0, =0.8.0, =0.2.1, =0.2.64 - intake-hive =0.1.0 - j11hail =0.2.53 - jmetalpy =0.9.0 - md2k-cerebral-cortex =3.0.0 and more Source cves: CVE-2020-9480 Source advisory: OSV:GHSA-WGX7-JWWM-CGJV...
analytics-zoo (>=0.2.0 <=0.10.0), azureml-webservice-schema (>=0.1.57 <=1.0.33) +33 more potentially affected by CVE-2020-9480 via pyspark (>=2.1.2 <=2.4.5)
pyspark PYPI version =2.1.2, =0.2.0, =0.1.57, =0.11.0, =0.1.2, =0.1.0, =1.0.0, =0.8.0, =0.2.1, =0.2.64 - intake-hive =0.1.0 - j11hail =0.2.53 - jmetalpy =0.9.0 - md2k-cerebral-cortex =3.0.0 and more Source cves: CVE-2020-9480 Source advisory: OSV:PYSEC-2020-95...
phpunity.txt
phpunity.postcard phpunity-postcard.php Remote File Inclusion Exploit Affected Software .: phpunity.postcard Vendor ............: http://www.perlunity.de/ Class .............: Remote File Inclusion Risk ..............: high Remote File Execution Found by ..........: Rivertam Contact ...........:...