7 matches found
CVE-2023-46116 Remote Code Execution via insufficiently sanitized call to shell.openExternal
Tutanota Tuta Mail is an encrypted email provider. Tutanota allows users to open links in emails in external applications. Prior to version 3.118.12, it correctly blocks the file: URL scheme, which can be used by malicious actors to gain code execution on a victims computer, however fails to chec...
Path Traversal
total.js is vulnerable to path traversal attacks. The vulnerability exists in index.js where req.url is insufficiently sanitized, allowing path traversal attacks...
CVE-2018-6084
Insufficiently sanitized distributed objects in Updater in Google Chrome on macOS prior to 66.0.3359.117 allowed a local attacker to execute arbitrary code via an executable file...
Code injection
Insufficiently sanitized distributed objects in Updater in Google Chrome on macOS prior to 66.0.3359.117 allowed a local attacker to execute arbitrary code via an executable file...
CVE-2018-6084
Removed by vendor...
CVE-2018-9246
The PGObject::Util::DBAdmin module before 0.120.0 for Perl, as used in LedgerSMB through 1.5.x, insufficiently sanitizes or escapes variable values used as part of shell command execution, resulting in shell code injection via the create, runfile, backup, or restore function. The vulnerability...
Vim: Improper Implementation of shellescape()/Arbitrary Code Execution
Summary Product : Vim -- Vi IMproved Version : = 7.2a.013; tested with 7.2b Impact : Arbitrary code execution Wherefrom: Local, possibly remote Original : http://www.rdancer.org/vulnerablevim-shellescape.html http://www.rdancer.org/vulnerablevim-latest.tar.bz2 Improper implementation of the...