6 matches found
CVE-2026-32703
OpenProject is an open-source, web-based project management software. In versions prior to 16.6.9, 17.0.6, 17.1.3, and 17.2.1, the Repositories module did not properly escape filenames displayed from repositories. This allowed an attacker with push access into the repository to create commits wit...
CVE-2009-5043
burn allows file names to escape via mishandled quotation marks...
CLSA-2025-1744927038 libreoffice: Fix of CVE-2023-6185
CVE-2023-6185: escape filename of embedded video to prevent execution of arbitrary GStreamer plugins...
CVE-2009-5043
Removed by vendor...
DTSA-143-1 vim - filename escape vulnerability
Bulletin has no description...
gaim -- malicious smiley themes
The Gaim Security Issues page documents a problem with installing smiley themes from an untrusted source: To install a new smiley theme, a user can drag a tarball from a graphical file manager, or a hypertext link to one from a web browser. When a tarball is dragged, Gaim executes a shell command...