35 matches found
EUVD-2018-15622
Malware in sbrugna...
Linux Distros Unpatched Vulnerability : CVE-2018-7440
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in Leptonica through 1.75.3. The gplotMakeOutput function allows command injection via a $command approach in the gplot rootname argumen...
Linux Distros Unpatched Vulnerability : CVE-2018-7442
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in Leptonica through 1.75.3. The gplotMakeOutput function does not block '/' characters in the gplot rootname argument, potentially...
SUSE CVE-2018-3836
An exploitable command injection vulnerability exists in the gplotMakeOutput function of Leptonica 1.74.4. A specially crafted gplot rootname argument can cause a command injection resulting in arbitrary code execution. An attacker can provide a malicious path as input to an application that pass...
SUSE CVE-2018-7442
An issue was discovered in Leptonica through 1.75.3. The gplotMakeOutput function does not block '/' characters in the gplot rootname argument, potentially leading to path traversal and arbitrary file overwrite...
CVE-2018-7442
An issue was discovered in Leptonica through 1.75.3. The gplotMakeOutput function does not block '/' characters in the gplot rootname argument, potentially leading to path traversal and arbitrary file overwrite...
CVE-2018-3836
An exploitable command injection vulnerability exists in the gplotMakeOutput function of Leptonica 1.74.4. A specially crafted gplot rootname argument can cause a command injection resulting in arbitrary code execution. An attacker can provide a malicious path as input to an application that pass...
Leptonica Command Injection Vulnerability
Leptonica is an open source system for image processing and image analysis applications. A command injection vulnerability exists in the 'gplotMakeOutput' function in Leptonica version 1.74.4. An attacker can exploit this vulnerability by entering a malicious path to execute arbitrary code...
CVE-2018-3836
An exploitable command injection vulnerability exists in the gplotMakeOutput function of Leptonica 1.74.4. A specially crafted gplot rootname argument can cause a command injection resulting in arbitrary code execution. An attacker can provide a malicious path as input to an application that pass...
CVE-2018-3836
An exploitable command injection vulnerability exists in the gplotMakeOutput function of Leptonica 1.74.4. A specially crafted gplot rootname argument can cause a command injection resulting in arbitrary code execution. An attacker can provide a malicious path as input to an application that pass...
DEBIAN-CVE-2018-3836
An exploitable command injection vulnerability exists in the gplotMakeOutput function of Leptonica 1.74.4. A specially crafted gplot rootname argument can cause a command injection resulting in arbitrary code execution. An attacker can provide a malicious path as input to an application that pass...
CVE-2018-3836
An exploitable command injection vulnerability exists in the gplotMakeOutput function of Leptonica 1.74.4. A specially crafted gplot rootname argument can cause a command injection resulting in arbitrary code execution. An attacker can provide a malicious path as input to an application that pass...
Command injection
An exploitable command injection vulnerability exists in the gplotMakeOutput function of Leptonica 1.74.4. A specially crafted gplot rootname argument can cause a command injection resulting in arbitrary code execution. An attacker can provide a malicious path as input to an application that pass...
UBUNTU-CVE-2018-3836
An exploitable command injection vulnerability exists in the gplotMakeOutput function of Leptonica 1.74.4. A specially crafted gplot rootname argument can cause a command injection resulting in arbitrary code execution. An attacker can provide a malicious path as input to an application that pass...
CVE-2018-3836
Leptonica 1.74.4 is affected by CVE-2018-3836 in gplotMakeOutput, where the gplot rootname can trigger a command injection leading to arbitrary code execution. This is a local-access vulnerability; CVSS base scores indicate HIGH severity. Public references and advisories note that an improved fix...
CVE-2018-3836
An exploitable command injection vulnerability exists in the gplotMakeOutput function of Leptonica 1.74.4. A specially crafted gplot rootname argument can cause a command injection resulting in arbitrary code execution. An attacker can provide a malicious path as input to an application that pass...
CVE-2018-3836
An exploitable command injection vulnerability exists in the gplotMakeOutput function of Leptonica 1.74.4. A specially crafted gplot rootname argument can cause a command injection resulting in arbitrary code execution. An attacker can provide a malicious path as input to an application that pass...
The vulnerability of the gplotMakeOutput function in the Leptonica image processing library allows a hacker to execute any command they desire.
The vulnerability of the gplotMakeOutput function in the Leptonica image processing library is related to insufficient cleaning of input data. Exploiting this vulnerability allows a malicious actor to execute any command remotely using the argument gplot rootname...
Leptonica 'gplotMakeOutput' Function Path Traversal Vulnerability
Leptonica is an open source system for image processing and image analysis applications. A directory traversal vulnerability exists in Leptonica 1.75.3 and earlier versions, which stems from a failure of the 'gplotMakeOutput' function to restrict the '/' character in the gplot rootname parameter...
Leptonica 'gplotMakeOutput' Function Command Injection Vulnerability
Leptonica is an open source system for image processing and image analysis applications. A security vulnerability exists in the 'gplotMakeOutput' function in Leptonica 1.75.3 and earlier versions. An attacker can exploit the vulnerability to inject commands...