SUSE CVE-2026-45803

gh is GitHub's official command line tool. From 1.6.0 to before 2.92.0, a security vulnerability has been identified in GitHub CLI that could allow terminal escape sequence injection when users view GitHub Actions workflow logs using gh run view --log or gh run view --log-failed. The vulnerabilit...

CVE-2026-45803

GitHub CLI (gh) vulnerability: from v1.6.0 to before v2.92.0, terminal escape sequences could be injected via workflow logs when using gh run view --log or --log-failed, due to unsanitized raw log output. An attacker controlling Actions logs (e.g., PR-triggered workflows) could cause terminal man...

Incorrect Resource Transfer Between Spheres

Overview Affected versions of this package are vulnerable to Incorrect Resource Transfer Between Spheres via the ForwardToWall process. An attacker can inject ANSI escape sequences into user terminals by executing a logger -p emerg command when the relevant configuration is enabled. This is only...

Improper Neutralization

Overview openclaw is a 🦞 OpenClaw — Personal AI Assistant Affected versions of this package are vulnerable to Improper Neutralization via the approval prompt process. An attacker can inject malicious ANSI escape sequences into terminal output by supplying crafted tool metadata, potentially spoofi...

CVE-2026-25996

CVE-2026-25996 affects Inspektor Gadget when running ig run interactively in the columns output mode. String fields from eBPF events rendered in columns are not sanitized, allowing forged event payloads from a container to inject ANSI escape sequences into the terminal, with possible effects as d...

MiracleLinux 7 : ruby-2.0.0.648-35.0.1.el7.AXS7 (AXSA:2019-3890:02)

The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2019-3890:02 advisory. rubygems: Installing a malicious gem may lead to arbitrary code execution CVE-2019-8324 rubygems: Escape sequence injection vulnerability in gem own...

Updated ruby-rack packages fix security vulnerabilities

Possible Log Injection in Rack::CommonLogger. CVE-2025-25184 Escape Sequence Injection vulnerability in Rack lead to Possible Log Injection. CVE-2025-27111 Local File Inclusion in Rack::Static. CVE-2025-27610...

MGASA-2025-0311 Updated ruby-rack packages fix security vulnerabilities

Possible Log Injection in Rack::CommonLogger. CVE-2025-25184 Escape Sequence Injection vulnerability in Rack lead to Possible Log Injection. CVE-2025-27111 Local File Inclusion in Rack::Static. CVE-2025-27610...

EUVD-2019-0550

Malware in sbrugna...

EUVD-2020-7331

Malware in sbrugna...

EUVD-2019-0493

Malware in sbrugna...

EUVD-2019-0533

Malware in sbrugna...

EUVD-2010-3906

Malware in sbrugna...

EUVD-2019-0502

Malware in sbrugna...

EUVD-2022-2613

Malicious code in bioql PyPI...

Linux Distros Unpatched Vulnerability : CVE-2025-58160

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - tracing is a framework for instrumenting Rust programs to collect structured, event-based diagnostic information. Prior to version 0.3.20, tracing-subscriber wa...

tracing 安全漏洞

tracing is an open source application from Tokio. A security vulnerability exists in tracing versions prior to 0.3.20, which stems from ANSI escape sequence injection and could lead to endpoint manipulation...

Linux Distros Unpatched Vulnerability : CVE-2019-8321

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in RubyGems 2.6 and later through 3.0.2. Since Gem::UserInteractionverbose calls say without escaping, escape sequence injection is...

CVE-2020-15334

Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 allows escape-sequence injection into the /var/log/axxmpp.log file...

openSUSE Security Advisory (SUSE-SU-2025:1492-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...