15 matches found

OSV
added 2026/05/27 8:46 p.m., 11 views

GHSA-XX3C-QF5G-HC39 Symfony has an Argument Injection in SendmailTransport via Dash-Prefixed Recipient Address

Description: Symfony Mailer selects a transport via the MAILER_DSN environment variable / configuration, e.g. smtp://..., sendmail://..., native://default. SendmailTransport invokes the local sendmail binary and supports two modes: -bs, speak SMTP over stdin (the default), and -t, read the message on...

CVSS 8.6, AI score 5.8, EPSS 0.00062
Exploits: 0, References: 6
Github Security Blog
added 2026/05/27 8:46 p.m., 12 views

Symfony has an Argument Injection in SendmailTransport via Dash-Prefixed Recipient Address

Description: Symfony Mailer selects a transport via the MAILER_DSN environment variable / configuration, e.g. smtp://..., sendmail://..., native://default. SendmailTransport invokes the local sendmail binary and supports two modes: -bs, speak SMTP over stdin (the default), and -t, read the message on...

AI score 5.8, EPSS 0.00062
Exploits: 0, References: 6, Affected Software: 2
OSV
added 2026/04/24 8:48 p.m., 8 views

CLSA-2026-1777040144 subversion: Fix of CVE-2017-9800

CVE-2017-9800: fix arbitrary code execution via crafted svn+ssh:// URLs by validating the decoded hostinfo and adding an end-of-options guard to the default svn+ssh and example rsh tunnel commands...

CVSS 9.8, AI score 6.3, EPSS 0.18892
Exploits: 3, References: 1
OSV
added 2026/03/05 7:29 p.m., 7 views

GHSA-V9VM-R24H-6RQM Gogs: Release tag option injection in release deletion

Summary: There is a security issue in Gogs where deleting a release can fail if a user-controlled tag name is passed to Git without the right separator, allowing Git option injection and therefore interfering with the process. Affected Component: internal/database/release.go process.ExecDir...,...

CVSS 8.8, AI score 6, EPSS 0.00433
Exploits: 1, References: 6
Github Security Blog
added 2026/03/05 7:29 p.m., 9 views

Gogs: Release tag option injection in release deletion

Summary: There is a security issue in Gogs where deleting a release can fail if a user-controlled tag name is passed to Git without the right separator, allowing Git option injection and therefore interfering with the process. Affected Component: internal/database/release.go process.ExecDir...,...

CVSS 8.8, AI score 6, EPSS 0.00433
Exploits: 1, References: 6, Affected Software: 1
Tenable Nessus
added 2025/08/27 12:0 a.m., 4 views

Linux Distros Unpatched Vulnerability : CVE-2020-17367

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Firejail through 0.9.62 does not honor the -- end-of-options indicator after the --output option, which may lead to command injection. CVE-2020-17367 Note that...

CVSS 7.8, AI score 7.4, EPSS 0.01464
Exploits: 0, References: 2
Positive Technologies
added 2023/09/18 12:0 a.m., 3 views

PT-2023-20521 · Blamer · Blamer

Name of the Vulnerable Software and Affected Versions: blamer versions prior to 1.0.4 Description: The issue is related to Arbitrary Argument Injection via the blameByFile API. The library does not sanitize for user input or validate the given file path, nor does it properly pass command-line fla...

CVSS 9.1, AI score 9.2, EPSS 0.00924
Exploits: 1, References: 10
SUSE CVE
added 2023/02/15 3:55 a.m., 3 views

SUSE CVE-2020-17367

Firejail through 0.9.62 does not honor the -- end-of-options indicator after the --output option, which may lead to command injection...

CVSS 7.8, AI score 8.6, EPSS 0.01464
Exploits: 0, References: 5
OSV
added 2020/08/14 4:20 p.m., 3 views

OPENSUSE-SU-2020:1208-1 Security update for firejail

This update for firejail fixes the following issues: - CVE-2020-17367: The end-of-options separator -- was not handled correctly boo1174986. - CVE-2020-17368: An attacker who has control over the command line arguments could run arbitrary commands boo1174986...

CVSS 9.8, AI score 9, EPSS 0.04098
Exploits: 0, References: 4
NVD
added 2020/08/11 4:15 p.m., 19 views

CVE-2020-17367

Firejail through 0.9.62 does not honor the -- end-of-options indicator after the --output option, which may lead to command injection...

CVSS 7.8, AI score 8.9, EPSS 0.01464
Exploits: 0, References: 8
OSV
added 2020/08/11 4:15 p.m., 3 views

DEBIAN-CVE-2020-17367

Firejail through 0.9.62 does not honor the -- end-of-options indicator after the --output option, which may lead to command injection...

CVSS 7.8, AI score 8.2, EPSS 0.01464
Exploits: 0, References: 1
OSV
added 2020/08/11 4:15 p.m., 3 views

UBUNTU-CVE-2020-17367

Firejail through 0.9.62 does not honor the -- end-of-options indicator after the --output option, which may lead to command injection...

CVSS 7.8, AI score 7.3, EPSS 0.01464
Exploits: 0, References: 2
Prion
added 2020/08/11 4:15 p.m., 26 views

Command injection

Firejail through 0.9.62 does not honor the -- end-of-options indicator after the --output option, which may lead to command injection...

CVSS 4.6, AI score 8.8, EPSS 0.01464
Exploits: 0, References: 8, Affected Software: 4
Tenable Nessus
added 2020/08/07 12:0 a.m., 34 views

Debian DSA-4742-1 : firejail - security update

Tim Starling discovered two vulnerabilities in firejail, a sandbox program to restrict the running environment of untrusted applications. - CVE-2020-17367 It was reported that firejail does not respect the end-of-options separator '--', allowing an attacker with control over the command line...

CVSS 9.8, AI score 8, EPSS 0.04098
Exploits: 0, References: 7
OPENSUSE Linux
added 2020/05/01 12:0 a.m., 111 views

Security update for git (moderate)

openSUSE Security Update: Security update for git Announcement ID: openSUSE-SU-2020:0598-1 Rating: moderate References: 1063412 1095218 1095219 1110949 1112230 1114225 1132350 1149792 1156651 1158785 1158787 1158788 1158789 1158790 1158791 1158792 1158793 1158795 1167890 1168930 1169605 1169786...

CVSS 9.8, AI score 9.3, EPSS 0.97356
Exploits: 24, References: 23