SUSE CVE-2003-0070

VTE, as used by default in gnome-terminal terminal emulator 2.2 and as an option in gnome-terminal 2.0, allows attackers to modify the window title via a certain character escape sequence and then insert it back to the command line in the user's terminal, e.g. when the user views a file containin...

SUSE CVE-2008-4306

Buffer overflow in enscript before 1.6.4 has unknown impact and attack vectors, possibly related to the font escape sequence...

SUSE CVE-2008-5078

Multiple buffer overflows in the 1 recognizeepsfile function src/psgen.c and 2 tildesubst function src/util.c in GNU enscript 1.6.1, and possibly earlier, might allow remote attackers to execute arbitrary code via an epsf escape sequence with a long filename...

SUSE CVE-2010-3928

Ruby Version Manager RVM before 1.2.1 writes file contents to a terminal without sanitizing non-printable characters, which might allow remote attackers to execute arbitrary commands via a crafted file, related to an "escape sequence injection vulnerability." NOTE: some of these details are...

SUSE CVE-2012-2142

The error function in Error.cc in poppler before 0.21.4 allows remote attackers to execute arbitrary commands via a PDF containing an escape sequence for a terminal emulator...

SUSE CVE-2012-2385

The terminal dispatcher in mosh before 1.2.1 allows remote authenticated users to cause a denial of service long loop and CPU consumption via an escape sequence with a large repeat count value...

SUSE CVE-2012-2738

The VteTerminal in gnome-terminal vte before 0.32.2 allows remote authenticated users to cause a denial of service long loop and CPU consumption via an escape sequence with a large repeat count value...

SUSE CVE-2015-5309

Integer overflow in the terminal emulator in PuTTY before 0.66 allows remote attackers to cause a denial of service memory corruption or possibly execute arbitrary code via an ECH erase characters escape sequence with a large parameter value, which triggers a buffer underflow...

SUSE CVE-2015-6806

The MScrollV function in ansi.c in GNU screen 4.3.1 and earlier does not properly limit recursion, which allows remote attackers to cause a denial of service stack consumption via an escape sequence with a large repeat count value...

SUSE CVE-2017-10906

Escape sequence injection vulnerability in Fluentd versions 0.12.29 through 0.12.40 may allow an attacker to change the terminal UI or execute arbitrary commands on the device via unspecified vectors...

SUSE CVE-2017-12837

Heap-based buffer overflow in the Sregatom function in regcomp.c in Perl 5 before 5.24.3-RC1 and 5.26.x before 5.26.1-RC1 allows remote attackers to cause a denial of service out-of-bounds write via a regular expression with a '\N' escape and the case-insensitive modifier...

SUSE CVE-2019-8321

An issue was discovered in RubyGems 2.6 and later through 3.0.2. Since Gem::UserInteractionverbose calls say without escaping, escape sequence injection is possible...

SUSE CVE-2019-8323

An issue was discovered in RubyGems 2.6 and later through 3.0.2. Gem::GemcutterUtilitieswithresponse may output the API response to stdout as it is. Therefore, if the API side modifies the response, escape sequence injection may occur...

SUSE CVE-2019-8322

An issue was discovered in RubyGems 2.6 and later through 3.0.2. The gem owner command outputs the contents of the API response directly to stdout. Therefore, if the response is crafted, escape sequence injection may occur...

SUSE CVE-2019-8325

An issue was discovered in RubyGems 2.6 and later through 3.0.2. Since Gem::CommandManagerrun calls alerterror without escaping, escape sequence injection is possible. There are many ways to cause an error...

CVE-2015-10040

A vulnerability was found in gitlearn. It has been declared as problematic. This vulnerability affects the function getGrade/getOutOf of the file scripts/config.sh of the component Escape Sequence Handler. The manipulation leads to injection. The attack can be initiated remotely. The patch is...

Design/Logic Flaw

A vulnerability was found in gitlearn. It has been declared as problematic. This vulnerability affects the function getGrade/getOutOf of the file scripts/config.sh of the component Escape Sequence Handler. The manipulation leads to injection. The attack can be initiated remotely. The patch is...

CVE-2015-10040 gitlearn Escape Sequence config.sh getOutOf injection

A vulnerability was found in gitlearn. It has been declared as problematic. This vulnerability affects the function getGrade/getOutOf of the file scripts/config.sh of the component Escape Sequence Handler. The manipulation leads to injection. The attack can be initiated remotely. The patch is...

CVE-2015-10040 gitlearn Escape Sequence config.sh getOutOf injection

A vulnerability was found in gitlearn. It has been declared as problematic. This vulnerability affects the function getGrade/getOutOf of the file scripts/config.sh of the component Escape Sequence Handler. The manipulation leads to injection. The attack can be initiated remotely. The patch is...

gitlearn 注入漏洞

gitlearn is an open source learning management system by Mike Izbicki, a personal developer. gitlearn suffers from an injection vulnerability that originates in the getGrade/getOutOf function of the file scripts/config.sh of the component Escape Sequence Handler, which is manipulated to cause...