17 matches found
CVE-2025-62429 ClipBucket v5 executes arbitrary PHP code
ClipBucket v5 is an open source video sharing platform. Prior to version 5.5.2 147, ClipBucket v5 is vulnerable to arbitrary PHP code execution. In /upload/adminarea/actions/updatelaunch.php, the "type" parameter from a POST request is embedded into PHP tags and executed. Proper sanitization is n...
ClipBucket 安全漏洞
ClipBucket is an open source and freely downloadable PHP script from MacWarrior Open Source. It is used for sharing video sites. A security vulnerability exists in ClipBucket v5 prior to 5.5.2, which stems from an incorrect manipulation of the parameter type in the file...
Command injection
Ghidra/RuntimeScripts/Linux/support/launch.sh in NSA Ghidra through 10.2.2 passes user-provided input into eval, leading to command injection when calling analyzeHeadless with untrusted input...
PT-2023-18616 · Nsa · Ghidra
Name of the Vulnerable Software and Affected Versions: NSA Ghidra versions 10.2.2 and earlier Description: The issue arises from the Ghidra/RuntimeScripts/Linux/support/launch.sh script in NSA Ghidra, which passes user-provided input into eval, leading to command injection when analyzeHeadless is...
NSA Ghidra 命令注入漏洞
NSA Ghidra is an open source reverse engineering tool from the National Security Agency NSA. A security vulnerability exists in NSA Ghidra versions 10.2.2 and earlier, which stems from its Ghidra/RuntimeScripts/Linux/support/launch.sh file passing user-supplied input to eval, which when called wi...
CVE-2023-22671
Ghidra/RuntimeScripts/Linux/support/launch.sh in NSA Ghidra through 10.2.2 passes user-provided input into eval, leading to command injection when calling analyzeHeadless with untrusted input...
Moderate severity vulnerability that affects org.springframework.boot:spring-boot
Spring Boot supports an embedded launch script that can be used to easily run the application as a systemd or init.d linux service. The script included with Spring Boot 1.5.9 and earlier and 2.0.0.M1 through 2.0.0.M7 is susceptible to a symlink attack which allows the "runuser" to overwrite and...
GHSA-XX65-CC7G-9PFP Moderate severity vulnerability that affects org.springframework.boot:spring-boot
Spring Boot supports an embedded launch script that can be used to easily run the application as a systemd or init.d linux service. The script included with Spring Boot 1.5.9 and earlier and 2.0.0.M1 through 2.0.0.M7 is susceptible to a symlink attack which allows the "runuser" to overwrite and...
CVE-2018-1196
Spring Boot supports an embedded launch script that can be used to easily run the application as a systemd or init.d linux service. The script included with Spring Boot 1.5.9 and earlier and 2.0.0.M1 through 2.0.0.M7 is susceptible to a symlink attack which allows the "runuser" to overwrite and...
CVE-2018-1196
Spring Boot supports an embedded launch script that can be used to easily run the application as a systemd or init.d linux service. The script included with Spring Boot 1.5.9 and earlier and 2.0.0.M1 through 2.0.0.M7 is susceptible to a symlink attack which allows the "runuser" to overwrite and...
Code injection
Spring Boot supports an embedded launch script that can be used to easily run the application as a systemd or init.d linux service. The script included with Spring Boot 1.5.9 and earlier and 2.0.0.M1 through 2.0.0.M7 is susceptible to a symlink attack which allows the "runuser" to overwrite and...
CVE-2018-1196
Spring Boot supports an embedded launch script that can be used to easily run the application as a systemd or init.d linux service. The script included with Spring Boot 1.5.9 and earlier and 2.0.0.M1 through 2.0.0.M7 is susceptible to a symlink attack which allows the "runuser" to overwrite and...
CVE-2018-1196
Spring Boot supports an embedded launch script that can be used to easily run the application as a systemd or init.d linux service. The script included with Spring Boot 1.5.9 and earlier and 2.0.0.M1 through 2.0.0.M7 is susceptible to a symlink attack which allows the "runuser" to overwrite and...
Mandriva Update for mozilla-thunderbird MDVSA-2010:211 (mozilla-thunderbird)
Check for the Version of mozilla-thunderbird OpenVAS Vulnerability Test Mandriva Update for mozilla-thunderbird MDVSA-2010:211 mozilla-thunderbird Authors: System Generated Check Copyright: Copyright c 2010 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can...
Mandriva Update for mozilla-thunderbird MDVSA-2010:211 (mozilla-thunderbird)
Check for the Version of mozilla-thunderbird OpenVAS Vulnerability Test Mandriva Update for mozilla-thunderbird MDVSA-2010:211 mozilla-thunderbird Authors: System Generated Check Copyright: Copyright c 2010 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can...
CVE-2010-3182
A certain application-launch script in Mozilla Firefox before 3.5.14 and 3.6.x before 3.6.11, Thunderbird before 3.0.9 and 3.1.x before 3.1.5, and SeaMonkey before 2.0.9 on Linux places a zero-length directory name in the LDLIBRARYPATH, which allows local users to gain privileges via a Trojan hor...
Fedora 12 : quake3-1.36-7.svn1783.fc12 (2010-8558)
Wed May 12 2010 Xavier Lamien - 1.36-7.svn1783 - Update release to svn revision r1783. - Remove botlib-strcpy-abuse patch added upstream. - Thu Jan 21 2010 Hans de Goede 1.36-6 - Update fix autodlrc mirror URL's 557252 - Fri Dec 18 2009 Hans de Goede 1.36-5 - Modify Urban Terror launch script to...