Lucene search
K

6 matches found

NVD
NVD
added 2026/03/19 2:16 a.m.10 views

CVE-2026-31994

OpenClaw versions prior to 2026.2.19 contain a local command injection vulnerability in Windows scheduled task script generation due to unsafe handling of cmd metacharacters and expansion-sensitive characters in gateway.cmd files. Local attackers with control over service script generation...

7.8CVSS0.00571EPSS
Exploits0References3
Veracode
Veracode
added 2024/11/19 11:40 a.m.10 views

Input Validation Bypass

symfony is vulnerable to input Validation Bypass. The vulnerability is caused by improper handling of the $ metacharacter in regular expressions, allowing an attacker to bypass validation with inputs ending in \n...

3.1CVSS6.5AI score0.00465EPSS
Exploits0References6Affected Software2
OSV
OSV
added 2024/04/10 1:28 a.m.8 views

SUSE-SU-2024:1190-1 Security update for less

This update for less fixes the following issues: - CVE-2022-48624: Fixed LESSCLOSE handling in less that does not quote shell metacharacters bsc1219901...

7.8CVSS7AI score0.01059EPSS
Exploits0References3
Github Security Blog
Github Security Blog
added 2022/05/14 1:49 a.m.16 views

karo Metacharacter Handling Remote Command Execution

The karo gem through 2.5.2 for Ruby allows Remote command injection via the host field. A flaw in db.rb is triggered when handling metacharacters. This may allow a remote attacker to execute arbitrary commands. In particular lines 76 and 95 as of 2014-06-01 pass unsanitized user supplied input to...

9.8CVSS9.9AI score0.03537EPSS
Exploits1References7Affected Software1
RubySec
RubySec
added 2014/06/30 12:0 a.m.15 views

gyazo Gem for Ruby client.rb Metacharacter Handling Remote Command Execution

gyazo Gem for Ruby contains a flaw in client.rb that is triggered when handling metacharacters. This may allow a remote attacker to execute arbitrary commands...

5.5CVSS7.4AI score0.00477EPSS
Exploits1References1Affected Software1
RubySec
RubySec
added 2014/06/30 12:0 a.m.20 views

karo Gem for Ruby db.rb Metacharacter Handling Remote Command Execution

The karo gem 2.3.8 for Ruby allows Remote command injection via the host field. karo Gem for Ruby contains a flaw in db.rb that is triggered when handling metacharacters. This may allow a remote attacker to execute arbitrary commands. CWE-77 - Improper Neutralization of Special Elements used in a...

9.8CVSS7.6AI score0.03537EPSS
Exploits1References1
Rows per page
Query Builder