Arbitrary Code Injection

Overview pywikibot is a Python MediaWiki Bot Framework Affected versions of this package are vulnerable to Arbitrary Code Injection via the readPassword method in pywikibot.login, which used eval on password file entries. Each non-empty, non-comment line from the configured password file was...

UBUNTU-CVE-2021-41737

In Faust 2.23.1, an input file with the lines "// r visualisation tCst" and "//process = +: L: abM-^Q;" and "process = route3333333333333333333,2,1,2,3,1 : ;" leads to stack consumption...

SUSE CVE-2015-0221

The django.views.static.serve view in Django before 1.4.18, 1.6.x before 1.6.10, and 1.7.x before 1.7.3 reads files an entire line at a time, which allows remote attackers to cause a denial of service memory consumption via a long line in a file...

Buffer overflow

Multiple buffer overflows in htpasswd, as used in Acme thttpd 2.25b, and possibly other products such as Apache, might allow local users to gain privileges via 1 a long command line argument and 2 a long line in a file. NOTE: since htpasswd is normally installed as a non-setuid program, and the...