Lucene search
K

9 matches found

EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2017-0223

Malware in sbrugna...

9.8CVSS9.3AI score0.0256EPSS
Exploits0References6
OSV
OSV
added 2018/08/15 8:4 p.m.2 views

GHSA-9WV8-JGW4-4G28 High severity vulnerability that affects festivaltts4r

Withdrawn, accidental duplicate publish. The festivaltts4r gem for Ruby allows remote attackers to execute arbitrary commands via shell metacharacters in a string to the 1 tospeech or 2 tomp3 method in lib/festivaltts4r/festival4r.rb...

9.8CVSS9.8AI score0.0256EPSS
Exploits0References2
Github Security Blog
Github Security Blog
added 2018/08/15 8:4 p.m.15 views

High severity vulnerability that affects festivaltts4r

Withdrawn, accidental duplicate publish. The festivaltts4r gem for Ruby allows remote attackers to execute arbitrary commands via shell metacharacters in a string to the 1 tospeech or 2 tomp3 method in lib/festivaltts4r/festival4r.rb...

9.8CVSS7.5AI score0.0256EPSS
Exploits0References2Affected Software1
OSV
OSV
added 2017/10/24 6:33 p.m.37 views

GHSA-F7F4-5W9J-23P2 festivaltts4r allows arbitrary command execution

The festivaltts4r gem for Ruby allows remote attackers to execute arbitrary commands via shell metacharacters in a string to the 1 tospeech or 2 tomp3 method in lib/festivaltts4r/festival4r.rb...

9.8CVSS9.8AI score0.0256EPSS
Exploits0References5
Github Security Blog
Github Security Blog
added 2017/10/24 6:33 p.m.20 views

festivaltts4r allows arbitrary command execution

The festivaltts4r gem for Ruby allows remote attackers to execute arbitrary commands via shell metacharacters in a string to the 1 tospeech or 2 tomp3 method in lib/festivaltts4r/festival4r.rb...

9.8CVSS8.6AI score0.0256EPSS
Exploits0References5Affected Software1
CNVD
CNVD
added 2017/03/07 12:0 a.m.3 views

festivaltts4r gem for Ruby Remote Command Execution Vulnerability

The festivaltts4r gem for Ruby is a Ruby-based language interface for the Festival TTS speech synthesis system. A security vulnerability exists in the festivaltts4r gem for Ruby. A remote attacker can exploit this vulnerability by sending a string with shell metacharacters to the tospeech or tomp...

9.8CVSS7.5AI score0.0256EPSS
Exploits0References1
NVD
NVD
added 2017/03/03 3:59 p.m.11 views

CVE-2016-10194

The festivaltts4r gem for Ruby allows remote attackers to execute arbitrary commands via shell metacharacters in a string to the 1 tospeech or 2 tomp3 method in lib/festivaltts4r/festival4r.rb...

9.8CVSS9.8AI score0.0256EPSS
Exploits0References3
CVE
CVE
added 2017/03/03 3:0 p.m.71 views

CVE-2016-10194

CVE-2016-10194 affects the Ruby gem festivaltts4r. The vulnerability arises in the library code lib/festivaltts4r/festival4r.rb, where remote attackers can cause arbitrary command execution by injecting shell metacharacters into strings passed to the to_speech or to_mp3 methods. This is a shell c...

9.8CVSS9.8AI score0.0256EPSS
Exploits0References3Affected Software1
RubySec
RubySec
added 2016/04/23 12:0 a.m.26 views

festivaltts4r Gem for Ruby Arbitrary Command Execution

festivaltts4r passes user modifiable strings directly to a shell command. An attacker can execute malicious commands by modifying the strings that are passed as arguments to the tospeech and and tomp3 methods in lib/festivaltts4r/festival4r.rb library...

9.8CVSS6.5AI score0.0256EPSS
Exploits0References1
Rows per page
Query Builder