
526 matches found

Positive Technologies
added 2023/01/13 12:0 a.m. · 3 views

PT-2023-10219 · Gitlearn · Gitlearn

Name of the Vulnerable Software and Affected Versions: gitlearn (affected versions not specified)
Description: A vulnerability was found in the function getGrade/getOutOf of the file scripts/config.sh of the component Escape Sequence Handler. This issue leads to injection and can be initiated...

6.5 CVSS · 5.9 AI score · 0.00778 EPSS
Exploits: 1 · References: 5

Snyk
added 2022/12/04 1:5 p.m. · 1 views

Arbitrary Command Execution

Overview Affected versions of this package are vulnerable to Arbitrary Command Execution. An attacker could modify the window title via a certain character escape sequence and then insert it back to the command line in the user's terminal, e.g. when the user views a file containing the malicious...

7.8 CVSS · 7.6 AI score · 0.0043 EPSS
Exploits: 0 · References: 2

CNNVD
added 2022/12/02 12:0 a.m. · 4 views

SwiftTerm Security Vulnerability

SwiftTerm is a VT100/Xterm terminal emulator library for Swift applications from the individual developer Miguel de Icaza. SwiftTerm suffers from a security vulnerability that stems from the fact that an attacker can modify the window title with a specific character escape sequence and then inser...

7.8 CVSS · 7.7 AI score · 0.0043 EPSS
Exploits: 0 · References: 3

Positive Technologies
added 2022/12/02 12:0 a.m. · 7 views

PT-2022-16007 · Swiftterm · Swiftterm

Name of the Vulnerable Software and Affected Versions: SwiftTerm versions prior to a94e6b24d24ce9680ad79884992e1dff8e150a31
Description: The issue allows an attacker to modify the window title via a certain character escape sequence and then insert it back to the command line in the user's...

7.8 CVSS · 7.8 AI score · 0.0043 EPSS
Exploits: 0 · References: 7

Microsoft CVE
added 2022/11/16 8:0 a.m. · 3 views

xterm before 375 allows code execution via font ops e.g. because an OSC 50 response may have Ctrl-g and therefore lead to command execution within the vi line-editing mode of Zsh. NOTE: font ops are not allowed in the xterm default configurations of some Linux distributions.

...

9.8 CVSS · 8.5 AI score · 0.04949 EPSS
Exploits: 1

OSV
added 2022/09/29 3:15 a.m. · 2 views

CVE-2020-15334

Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 allows escape-sequence injection into the /var/log/axxmpp.log file...

5.3 CVSS · 5.8 AI score · 0.00784 EPSS
Exploits: 1 · References: 2

NVD
added 2022/09/29 3:15 a.m. · 12 views

CVE-2020-15334

Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 allows escape-sequence injection into the /var/log/axxmpp.log file...

5.3 CVSS · 0.00784 EPSS
Exploits: 1 · References: 2

Prion
added 2022/09/29 3:15 a.m. · 13 views

Sql injection

Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 allows escape-sequence injection into the /var/log/axxmpp.log file...

5 CVSS · 5.6 AI score · 0.00784 EPSS
Exploits: 1 · References: 2 · Affected Software: 1

CNNVD
added 2022/09/29 12:0 a.m. · 3 views

Zyxel CloudCNM SecuManager Security Vulnerability

Zyxel CloudCNM SecuManager is a set of network management software from Taiwan, China-based Zyxel. The software supports centralized control, device management and intelligent monitoring. A security vulnerability exists in Zyxel CloudCNM SecuManager version 3.1.0 and 3.1.1, which originates from...

5.3 CVSS · 5.7 AI score · 0.00784 EPSS
Exploits: 1 · References: 3

CNVD
added 2022/09/28 12:0 a.m. · 28 views

Kitty Code Execution Vulnerability

kitty is a fast, feature-rich, GPU-based terminal emulator developed by kovidgoyal. A code execution vulnerability exists in versions prior to Kitty 0.26.2 that stems from insufficient validation in the desktop notification escape sequence and can be exploited by an attacker to cause execution of...

7.8 CVSS · 7.7 AI score · 0.00478 EPSS
Exploits: 1 · References: 1

Prion
added 2022/09/23 5:15 a.m. · 18 views

Input validation

In Kitty before 0.26.2, insufficient validation in the desktop notification escape sequence can lead to arbitrary code execution. The user must display attacker-controlled content in the terminal, then click on a notification popup...

4.4 CVSS · 7.8 AI score · 0.00478 EPSS
Exploits: 1 · References: 7 · Affected Software: 2

CNNVD
added 2022/09/23 12:0 a.m. · 4 views

Kitty Security Vulnerability

kitty is a fast, feature-rich, GPU-based terminal emulator developed by kovidgoyal. A code execution vulnerability exists in versions prior to Kitty 0.26.2 that stems from insufficient validation in the desktop notification escape sequence and can be exploited by an attacker to cause execution of...

7.8 CVSS · 7.6 AI score · 0.00478 EPSS
Exploits: 1 · References: 10

Positive Technologies
added 2022/09/06 12:0 a.m. · 3 views

PT-2022-25815 · Kitty +4 · Kitty +4

Name of the Vulnerable Software and Affected Versions: Kitty versions prior to 0.26.2
Description: The issue is related to insufficient validation in the desktop notification escape sequence, which can lead to arbitrary code execution. This occurs when a user displays attacker-controlled content ...

9.8 CVSS · 7.7 AI score · 0.03608 EPSS
Exploits: 2 · References: 36

OpenVAS
added 2022/09/04 12:0 a.m. · 28 views

Debian: Security Advisory (DLA-3095-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

10 CVSS · 8.7 AI score · 0.02056 EPSS
Exploits: 0 · References: 4

Amazon
added 2022/07/07 12:0 a.m. · 42 views

Medium: busybox

Issue Overview: An escape sequence injection attack was found in BusyBox on Alpine. For this issue to occur, a remote host's virtual terminal must contain an escape sequence, and the victim must then execute netstat. This flaw allows an attacker to inject arbitrary code, leading to a loss of...

8.8 CVSS · 7.8 AI score · 0.03505 EPSS
Exploits: 1

Fedora
added 2022/07/04 1:35 a.m. · 16 views

[SECURITY] Fedora 36 Update: golang-github-mattn-colorable-0.1.8-5.fc36

Colorable writer for Windows. For example, most logger packages don't show colors on Windows. This package makes it possible to handle escape sequences for ANSI color on Windows...

9.3 CVSS · 8.1 AI score · 0.05994 EPSS
Exploits: 4

OSV
added 2022/05/13 1:7 a.m. · 19 views

GHSA-5JRP-W8FR-MRWW Fluentd Escape Sequence Injection Vulnerability

Escape sequence injection vulnerability in Fluentd versions 0.12.29 through 0.12.40 may allow an attacker to change the terminal UI or execute arbitrary commands on the device via unspecified vectors...

9.8 CVSS · 9.6 AI score · 0.04581 EPSS
Exploits: 0 · References: 7

Github Security Blog
added 2022/05/13 1:7 a.m. · 22 views

Fluentd Escape Sequence Injection Vulnerability

Escape sequence injection vulnerability in Fluentd versions 0.12.29 through 0.12.40 may allow an attacker to change the terminal UI or execute arbitrary commands on the device via unspecified vectors...

10 CVSS · 6.8 AI score · 0.04581 EPSS
Exploits: 0 · References: 7 · Affected Software: 1

RubySec
added 2022/05/13 12:0 a.m. · 13 views

Fluentd Escape Sequence Injection Vulnerability

Escape sequence injection vulnerability in Fluentd versions 0.12.29 through 0.12.40 may allow an attacker to change the terminal UI or execute arbitrary commands on the device via unspecified vectors...

10 CVSS · 6.8 AI score · 0.04581 EPSS
Exploits: 0 · References: 1 · Affected Software: 1

OSV
added 2022/05/11 11:3 a.m. · 2 views

OESA-2022-1648 vte security update

VTE is a terminal emulator widget for use with GTK+ 2.0. Security Fixes: The VteTerminal in gnome-terminal vte before 0.32.2 allows remote authenticated users to cause a denial of service (long loop and CPU consumption) via an escape sequence with a large repeat count value. CVE-2012-2738...

4 CVSS · 6.7 AI score · 0.11151 EPSS
Exploits: 1 · References: 2