26 matches found
SIPp 安全漏洞
SIPp is an open-source SIP protocol testing tool and traffic generator developed by SIPp. Versions of SIPp 3.6 and earlier contained security vulnerabilities. These vulnerabilities stemmed from local buffer overflows in the handling of command-line parameters, which could allow local attackers to...
CVE-2026-5054
NoMachine External Control of File Path Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of NoMachine. An attacker must first obtain the ability to execute low-privileged code on the target system in order to...
CVE-2026-5054
CVE-2026-5054 – NoMachine Local Privilege Escalation . The issue is in NoMachine’s handling of command line parameters, where user-supplied paths are not properly validated before file operations. This can allow a local attacker who can execute low-privilege code to escalate to root and run arbit...
CLSA-2025-1762180717 Fix CVE(s): CVE-2022-2343, CVE-2022-2522
SECURITY UPDATE: Reading past end of completion with a long line and 'infercase' set - debian/patches/CVE-2022-2343.patch: Allocate the string if needed - CVE-2022-2343 SECURITY UPDATE: Accessing uninitialized memory when completing long line - debian/patches/CVE-2022-2522.patch: Terminate string...
EUVD-2020-27716
Malware in sbrugna...
EUVD-2024-54014
Malicious code in bioql PyPI...
CLSA-2025-1756408700 nodejs: Fix of CVE-2024-25629
CVE-2024-25629: prevent reading before buffer start when parsing config files containing an embedded NULL as the first character of a line by discarding such lines in aresreadline...
The vulnerability of the buc Traceroute tool, related to incorrect handling of code lines, allows a hacker to execute arbitrary code.
The vulnerability of the buc Traceroute tool is related to incorrect processing of code lines. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...
The vulnerability of the administrator consoles of microprogrammed software for wireless signal amplifiers from D-Link’s DCH-M225 allows a intruder to execute arbitrary commands.
The vulnerability of the administrator consoles of microprogrammed software for D-Link DCH-M225 wireless signal amplifiers is related to the lack of measures taken to neutralize special elements used in the operating system’s command processing when handling the “media renderer” parameter in the...
USN-5356-1 dosbox vulnerabilities
Alexandre Bartel discovered that DOSBox incorrectly handled long lines in certain files. An attacker could possibly use this issue to execute arbitrary code. CVE-2019-7165 Alexandre Bartel discovered that DOSBox incorrectly performed access control over certain directories. An attacker could...
Authorization Bypass
chromium is vulnerable to authorization bypass. Insufficient validation of untrusted input in command line handling allows a remote attacker to bypass navigation restrictions via a malicious HTML page...
PT-2020-16299 · Jquery +2 · Jquery +2
Name of the Vulnerable Software and Affected Versions: MediaWiki MobileFrontend extension versions prior to 1.34.4 Description: The issue exists due to the mishandling of section.line during regex section line replacement from PageGateway. An attacker can exploit this by using crafted HTML to...
CVE-2020-6567
Insufficient validation of untrusted input in command line handling in Google Chrome on Windows prior to 85.0.4183.83 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page...
CVE-2020-6567
Insufficient validation of untrusted input in command line handling in Google Chrome on Windows prior to 85.0.4183.83 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page...
CVE-2020-6567
Insufficient validation of untrusted input in command line handling in Google Chrome on Windows prior to 85.0.4183.83 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page...
CVE-2020-6567
Insufficient validation of untrusted input in command line handling in Google Chrome on Windows prior to 85.0.4183.83 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page...
RHEL 6 : chromium-browser (RHSA-2020:3723)
The remote Redhat Enterprise Linux 6 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2020:3723 advisory. Chromium is an open-source web browser, powered by WebKit Blink. This update upgrades Chromium to version 85.0.4183.83. Security Fixes:...
OPENSUSE-SU-2020:1328-1 Security update for chromium
This update for chromium fixes the following issues: Chromium was updated to version 85.0.4183.83 boo1175757 fixing: - CVE-2020-6558: Insufficient policy enforcement in iOS - CVE-2020-6559: Use after free in presentation API - CVE-2020-6560: Insufficient policy enforcement in autofill -...
chromium -- multiple vulnerabilities
Chrome Releases reports: This update includes 20 security fixes, including: 1109120 High CVE-2020-6558: Insufficient policy enforcement in iOS. Reported by Alison Huffman, Microsoft Browser Vulnerability Research on 2020-07-24 1116706 High CVE-2020-6559: Use after free in presentation API. Report...
Security vulnerabilities fixed in Firefox ESR 60.6 — Mozilla
A use-after-free vulnerability can occur when a raw pointer to a DOM element on a page is obtained using JavaScript and the element is then removed while still in use. This results in a potentially exploitable crash. The type inference system allows the compilation of functions that can cause typ...