Lucene search
K

12 matches found

RedHat Linux
RedHat Linux
added 2025/01/28 9:18 a.m.3 views

git-lfs: Git LFS permits exfiltration of credentials via crafted HTTP URLs

A flaw was found in the Git LFS git extension. When Git LFS requests credentials from Git for a remote host, it passes portions of the host's URL to the git-credential1 command without checking for embedded line-ending control characters and then sends any credentials it receives back from the Gi...

8.5CVSS5.7AI score0.0104EPSS
Exploits0References7
Veracode
Veracode
added 2024/06/25 5:1 a.m.10 views

Denial Of Service (DoS)

ZenML is vulnerable to a Denial Of Service DoS. The vulnerability is due to improper handling of line feed \n characters in component names, allowing an attacker to cause uncontrolled resource consumption by adding a component through an API endpoint api/v1/workspaces/default/components...

6.6AI score
Exploits0References3Affected Software1
Debian CVE
Debian CVE
added 2018/06/08 9:0 p.m.35 views

CVE-2018-12020

mainproc.c in GnuPG before 2.2.8 mishandles the original filename during decryption and verification actions, which allows remote attackers to spoof the output that GnuPG sends on file descriptor 2 to other programs that use the "--status-fd 2" option. For example, the OpenPGP data might represen...

7.5CVSS7.2AI score0.08654EPSS
Exploits0
AlpineLinux
AlpineLinux
added 2018/06/08 9:0 p.m.30 views

CVE-2018-12020

mainproc.c in GnuPG before 2.2.8 mishandles the original filename during decryption and verification actions, which allows remote attackers to spoof the output that GnuPG sends on file descriptor 2 to other programs that use the "--status-fd 2" option. For example, the OpenPGP data might represen...

7.5CVSS8.1AI score0.08654EPSS
Exploits0
UbuntuCve
UbuntuCve
added 2018/06/08 12:0 a.m.34 views

CVE-2018-12020

mainproc.c in GnuPG before 2.2.8 mishandles the original filename during decryption and verification actions, which allows remote attackers to spoof the output that GnuPG sends on file descriptor 2 to other programs that use the "--status-fd 2" option. For example, the OpenPGP data might represen...

7.5CVSS6.9AI score0.08654EPSS
Exploits0References12
Prion
Prion
added 2018/02/06 4:29 p.m.11 views

Directory traversal

Sandstorm before build 0.203 allows remote attackers to read any specified file under /etc or /run via the sandbox backup function. The root cause is that the findFilesToZip function doesn't filter Line Feed \n characters in a directory name...

4CVSS6.5AI score0.02355EPSS
Exploits1References5Affected Software1
RedhatCVE
RedhatCVE
added 2015/10/30 10:13 a.m.21 views

CVE-2007-2026

The gnu regular expression code in file 4.20 allows context-dependent attackers to cause a denial of service CPU consumption via a crafted document with a large number of line feed characters, which is not well handled by OS/2 REXX regular expressions that use wildcards, as originally reported fo...

7.8CVSS7.2AI score0.02092EPSS
Exploits1References2
NVD
NVD
added 2013/05/23 3:55 p.m.16 views

CVE-2012-6553

Heap-based buffer overflow in Resource Hacker 3.6.0.92 allows remote attackers to execute arbitrary code via a Portable Executable PE file with a resource section containing a string that has many tab or line feed characters...

9.3CVSS8.1AI score0.0547EPSS
Exploits1References4
UbuntuCve
UbuntuCve
added 2007/04/13 6:19 p.m.24 views

CVE-2007-2026

The gnu regular expression code in file 4.20 allows context-dependent attackers to cause a denial of service CPU consumption via a crafted document with a large number of line feed characters, which is not well handled by OS/2 REXX regular expressions that use wildcards, as originally reported fo...

7.8CVSS6AI score0.02092EPSS
Exploits1References1
Prion
Prion
added 2007/04/13 6:19 p.m.13 views

Code injection

The gnu regular expression code in file 4.20 allows context-dependent attackers to cause a denial of service CPU consumption via a crafted document with a large number of line feed characters, which is not well handled by OS/2 REXX regular expressions that use wildcards, as originally reported fo...

7.8CVSS8.8AI score0.02092EPSS
Exploits1References13Affected Software1
OSV
OSV
added 2007/04/13 6:19 p.m.9 views

CVE-2007-2026

The gnu regular expression code in file 4.20 allows context-dependent attackers to cause a denial of service CPU consumption via a crafted document with a large number of line feed characters, which is not well handled by OS/2 REXX regular expressions that use wildcards, as originally reported fo...

6.7AI score
Exploits0References13
Cvelist
Cvelist
added 2007/04/13 6:0 p.m.31 views

CVE-2007-2026

The gnu regular expression code in file 4.20 allows context-dependent attackers to cause a denial of service CPU consumption via a crafted document with a large number of line feed characters, which is not well handled by OS/2 REXX regular expressions that use wildcards, as originally reported fo...

9AI score0.02092EPSS
Exploits1References13
Rows per page
Query Builder