Lucene search

13 matches found

NVD
added 2026/03/19 10:16 p.m., 3 views

CVE-2026-32010

OpenClaw versions prior to 2026.2.22 contain an allowlist bypass vulnerability in the safe-bin configuration when sort is manually added to tools.exec.safeBins. Attackers can invoke sort with the --compress-program flag to execute arbitrary external programs without operator approval in allowlist...

CVSS 8.8, EPSS 0.00048
Exploits 0, References 3
Cvelist
added 2024/05/09 10:13 a.m., 13 views

CVE-2024-3459

KioWare for Windows, in all versions through 8.34, allows escaping the environment by downloading PDF files, which are then opened by default in an external PDF viewer. By using built-in functions of that viewer it is possible to launch a web browser, search through local files and, subsequently,...

CVSS 8.4, AI score 8.4, EPSS 0.00084
Exploits 0, References 3
OpenVAS
added 2023/06/07 12:0 a.m., 9 views

Huawei EulerOS: Security Advisory for libXpm (EulerOS-SA-2023-2108)

The remote host is missing an update for the Huawei EulerOS...

CVSS 8.8, AI score 8.5, EPSS 0.00184
Exploits 2, References 2
Tenable Nessus
added 2023/06/07 12:0 a.m., 32 views

EulerOS Virtualization 2.11.0 : libXpm (EulerOS-SA-2023-2108)

According to the versions of the libXpm package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - A flaw was found in libXpm. When processing a file with width of 0 and a very large height, some parser functions will be called...

CVSS 8.8, AI score 6.8, EPSS 0.00184
Exploits 2, References 4
Tenable Nessus
added 2023/03/19 12:0 a.m., 20 views

EulerOS 2.0 SP10 : libXpm (EulerOS-SA-2023-1556)

According to the versions of the libXpm package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - A flaw was found in libXpm. When processing a file with width of 0 and a very large height, some parser functions will be called repeatedly and c...

CVSS 8.8, AI score 6.8, EPSS 0.00184
Exploits 2, References 4
SUSE CVE
added 2023/02/15 6:5 a.m., 1 views

SUSE CVE-2008-7002

PHP 5.2.5 does not enforce (a) open_basedir and (b) safe_mode_exec_dir restrictions for certain functions, which might allow local users to bypass intended access restrictions and call programs outside of the intended directory via the (1) exec, (2) system, (3) shell_exec, (4) passthru, or (5) popen functions,...

CVSS 7.2, AI score 6.9, EPSS 0.0005
Exploits 1, References 3
Rosalinux
added 2023/02/07 8:35 a.m., 34 views

Advisory ROSA-SA-2023-2096

Software: libXpm 3.5.12 OS: rosa-server79 packageevrstring: libXpm-3.5.12-1 CVE-ID: CVE-2022-4883 BDU-ID: 2023-00388 CVE-Crit: HIGH CVE-DESC: When processing files with .Z or .gz extensions, the library calls external programs to compress and decompress the files, relying on the PATH environment...

CVSS 8.8, AI score 8.8, EPSS 0.00184
Exploits 0
myhack58
added 2009/10/14 12:0 a.m., 21 views

How to create pseudo log-vulnerability warning-the black bar safety net

A, execute the external program DIM objShell set objShell="" iReturn=" /C set var=world", 1, TRUE Save As. the vbs file can be. In this code, we first set an environment variable, which is named var, and the value of the world, the user can use%Comspec%instead, and you can put the command: set...

AI score 0.7
Exploits 0
Ubuntu
added 2007/08/01 2:12 a.m., 55 views

USN-493-1: Firefox vulnerabilities

A flaw was discovered in handling of "about:blank" windows used by addons. A malicious web site could exploit this to modify the contents, or steal confidential data such as passwords, of other web pages. CVE-2007-3844 Jesper Johansson discovered that spaces and double-quotes were not correctly...

CVSS 9.3, AI score 8.3, EPSS 0.44107
Exploits 3
securityvulns
added 2004/11/22 12:0 a.m., 96 views

TC-IDE unfiltered shell characters problem

Shell characters filtering problem on external program execution in multiple utilities...

AI score 4.2
Exploits 0, References 1, Affected Software 1
FreeBSD
added 2004/08/18 12:0 a.m., 31 views

a2ps -- insecure command line argument handling

Rudolf Polzer reports: a2ps builds a command line for file containing an unescaped version of the file name, thus might call external programs described by the file name. Running a cronjob over a public writable directory a2ps-ing all files in it - or simply typing "a2ps .txt" in /tmp - is...

CVSS 10, AI score 0.1, EPSS 0.15592
Exploits 1, References 2
securityvulns
added 2002/07/01 12:0 a.m., 37 views

Shell metacharacters in Simple WAIS 1.11

'|' is not commented during external program execution...

AI score 5.2
Exploits 0, References 1, Affected Software 1
securityvulns
added 2000/11/01 12:0 a.m., 40 views

Redhat 6.2 dump command executes external program with suid privilege.

Problem: Linux dump command executes external program with suid privilege. 2. Tested Version dump-0.4b15 3. Example mat@localhost mat$ export TAPE=garbage:garbage mat@localhost mat$ export RSH=/home/mat/executethis mat@localhost mat$ cat /home/mat/executethis !/bin/sh cp /bin/sh /home/mat/sh...

AI score 1
Exploits 0