Lucene search
+L

7 matches found

nessus
nessus
added 2025/08/11 12:0 a.m.3 views

Linux Distros Unpatched Vulnerability : CVE-2023-29542

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A newline in a filename could have been used to bypass the file extension security mechanisms that replace malicious file extensions such as .lnk with .download...

9.8CVSS7.6AI score0.0094EPSS
Exploits0References2
amazon
amazon
added 2024/05/30 12:0 a.m.8 views

Important: less

Issue Overview: less through 653 allows OS command execution via a newline character in the name of a file, because quoting is mishandled in filename.c. Exploitation typically requires use with attacker-controlled file names, such as the files extracted from an untrusted archive. Exploitation als...

8.6CVSS7.2AI score0.00628EPSS
Exploits0
osv
osv
added 2024/04/13 3:15 p.m.6 views

AZL-39914 CVE-2024-32487 affecting package less for versions less than 643-2

less through 653 allows OS command execution via a newline character in the name of a file, because quoting is mishandled in filename.c. Exploitation typically requires use with attacker-controlled file names, such as the files extracted from an untrusted archive. Exploitation also requires the...

8.6CVSS7AI score0.00628EPSS
Exploits0References1
osv
osv
added 2024/04/13 3:15 p.m.93 views

UBUNTU-CVE-2024-32487

less through 653 allows OS command execution via a newline character in the name of a file, because quoting is mishandled in filename.c. Exploitation typically requires use with attacker-controlled file names, such as the files extracted from an untrusted archive. Exploitation also requires the...

8.6CVSS7AI score0.00628EPSS
Exploits0References4
osv
osv
added 2023/06/19 11:15 a.m.3 views

CVE-2023-29542

A newline in a filename could have been used to bypass the file extension security mechanisms that replace malicious file extensions such as .lnk with .download. This could have led to accidental execution of malicious code. This bug only affects Firefox and Thunderbird on Windows. Other versions...

9.8CVSS5.9AI score0.0094EPSS
Exploits0References5
osv
osv
added 2023/06/19 11:15 a.m.10 views

UBUNTU-CVE-2023-29542

A newline in a filename could have been used to bypass the file extension security mechanisms that replace malicious file extensions such as .lnk with .download. This could have led to accidental execution of malicious code. This bug only affects Firefox and Thunderbird on Windows. Other versions...

9.8CVSS7.4AI score0.0094EPSS
Exploits0References4
vulncheck_kev
vulncheck_kev
added 2022/02/22 12:0 a.m.5 views

VulnCheck KEV: CVE-2017-15715

In Apache httpd 2.4.0 to 2.4.29, the expression specified in could match '$' to a newline character in a malicious filename, rather than matching only the end of the filename. This could be exploited in environments where uploads of some files are are externally blocked, but only by matching the...

8.1CVSS6.7AI score0.86006EPSS
Exploits0References1
Rows per page
Query Builder