SUSE-SU-2026:2235-1 Security update for evince

This update for evince fixes the following issue - CVE-2026-46529: improper argument sanitization can lead to command injection bsc1265880...

SUSE-SU-2026:2232-1 Security update for evince

This update for evince fixes the following issue - CVE-2026-46529: improper argument sanitization can lead to command injection bsc1265880...

EUVD-2026-29549

An improper neutralization of argument delimiters in a command 'argument injection' vulnerability in Fortinet FortiDeceptor 6.0.0 through 6.0.2, FortiDeceptor 5.3.0 through 5.3.3, FortiDeceptor 5.2.0 through 5.2.1, FortiDeceptor 5.1 all versions, FortiDeceptor 5.0 all versions may allow an...

PT-2026-40114

An improper neutralization of argument delimiters in a command 'argument injection' vulnerability in Fortinet FortiDeceptor 6.0.0 through 6.0.2, FortiDeceptor 5.3.0 through 5.3.3, FortiDeceptor 5.2.0 through 5.2.1, FortiDeceptor 5.1 all versions, FortiDeceptor 5.0 all versions may allow an...

UBUNTU-CVE-2025-67858

A Improper Neutralization of Argument Delimiters vulnerability in Foomuuri can lead to integrity loss of the firewall configuration or further unspecified impact by manipulating the JSON configuration passed to nft. This issue affects Foomuuri: from ? before 0.31...

CVE-2025-66002

An Improper Neutralization of Argument Delimiters in a Command 'Argument Injection' vulnerability allows local users ton perform arbitrary unmounts via smb4k mount helper...

The vulnerability of the Service Port component 7329 of the Tenda AC23 microprogramming system allows a hacker to execute arbitrary commands.

The vulnerability of the Service Port component 7329 of the Tenda AC23 microprogramming router lies in insufficient checking of arguments passed in commands. Exploiting this vulnerability allows a remote attacker to execute arbitrary commands...

SQL Injection

github.com/square/squalor is vulnerable to SQL injection. The vulnerability exists due to improper argument handling of the database queries which allows an attacker to inject and execute arbitrary SQL queries...

The vulnerabilities of the DIR846A1_FW100A43.bin and DIR846enFW100A53DLA-Retail.bin microprogramming systems of D-Link DIR-846 allow a hacker to execute arbitrary commands.

The vulnerability of the DIR846A1FW100A43.bin and DIR846enFW100A53DLA-Retail.bin microprogramming systems of D-Link DIR-846 routers is related to insufficient checking of arguments passed in commands. Exploiting this vulnerability can allow a malicious actor to execute arbitrary commands using a...

Command Injection

Overview Affected versions of this package are vulnerable to Command Injection. The vulnerability arises out of improper neutralization of arguments in line 71 of freediskspace.js. Remediation There is no fixed version for freediskspace. Credit: John Hopkins Security Labs...

CVE-2018-13300

In FFmpeg 3.2 and 4.0.1, an improper argument AVCodecParameters passed to the avprivrequestsample function in the handleeac3 function in libavformat/movenc.c may trigger an out-of-array read while converting a crafted AVI file to MPEG4, leading to a denial of service and possibly an information...

DEBIAN-CVE-2018-13300

In FFmpeg 3.2 and 4.0.1, an improper argument AVCodecParameters passed to the avprivrequestsample function in the handleeac3 function in libavformat/movenc.c may trigger an out-of-array read while converting a crafted AVI file to MPEG4, leading to a denial of service and possibly an information...

CVE-2018-13300

In FFmpeg 3.2 and 4.0.1, an improper argument AVCodecParameters passed to the avprivrequestsample function in the handleeac3 function in libavformat/movenc.c may trigger an out-of-array read while converting a crafted AVI file to MPEG4, leading to a denial of service and possibly an information...

CVE-2018-13300

In FFmpeg 3.2 and 4.0.1, an improper argument AVCodecParameters passed to the avprivrequestsample function in the handleeac3 function in libavformat/movenc.c may trigger an out-of-array read while converting a crafted AVI file to MPEG4, leading to a denial of service and possibly an information...

CVE-2018-13300

In FFmpeg 3.2 and 4.0.1, an improper argument AVCodecParameters passed to the avprivrequestsample function in the handleeac3 function in libavformat/movenc.c may trigger an out-of-array read while converting a crafted AVI file to MPEG4, leading to a denial of service and possibly an information...

Adobe AcroPDF ActiveX Control Memory Corruption (CVE-2006-6027)

A memory corruption vulnerability exists in the Adobe AcroPDF ActiveX control. The flaw is due by improper handling of arguments passed to certain methods and properties exposed by the control. By enticing a user to open a malicious HTML page, an attacker may inject and execute arbitrary code on...

PT-2009-4932 · Microsoft · Internet Explorer

Name of the Vulnerable Software and Affected Versions: Microsoft Internet Explorer versions 5.01 SP4, 6, 6 SP1, 7, and 8 Description: The issue arises from improper argument validation for unspecified variables, allowing remote attackers to execute arbitrary code via a crafted HTML document. This...