CVE-2025-14549

In the Eclipse OMR compiler component, since release 0.7.0, an optimization enabled for Eclipse OpenJ9 consumers of OMR on Z processors incorrectly handles NUL 0x00 characters during the Latin-compatible charset UTF-8, ISO8859-1, ASCII, etc to IBM-1047/037 translation sequence. This can cause the...

CVE-2025-14549

In the Eclipse OMR compiler component, since release 0.7.0, an optimization enabled for Eclipse OpenJ9 consumers of OMR on Z processors incorrectly handles NUL 0x00 characters during the Latin-compatible charset UTF-8, ISO8859-1, ASCII, etc to IBM-1047/037 translation sequence. This can cause the...

EUVD-2019-19256

Malware in sbrugna...

EUVD-2022-6785

Malicious code in bioql PyPI...

EUVD-2024-40450

Malicious code in bioql PyPI...

Linux Distros Unpatched Vulnerability : CVE-2022-39243

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - NuProcess is an external process execution implementation for Java. In all the versions of NuProcess where it forks processes by using the JVM's...

Unsanitized NUL in environment variables on Windows in syscall and os/exec

...

CVE-2022-39243

NuProcess is an external process execution implementation for Java. In all the versions of NuProcess where it forks processes by using the JVM's JavajavalangUNIXProcessforkAndExec method 1.2.0+, attackers can use NUL characters in their strings to perform command line injection. Java's...

Vim < 9.1.0689 Heap Buffer Overflow

The version of Vim installed on the remote host is after 9.1.0425 and prior to 9.1.0689. It is, therefore, affected by a heap buffer overflow vulnerability. When performing a search and displaying the search-count message is disabled :set shm+=S, the search pattern is displayed at the bottom of t...

ALPINE-CVE-2024-43790

Vim is an open source command line text editor. When performing a search and displaying the search-count message is disabled :set shm+=S, the search pattern is displayed at the bottom of the screen in a buffer msgbuf. When right-left mode :set rl is enabled, the search pattern is reversed. This...

NuProcess Command Injection Vulnerability

NuProcess is a low-overhead, non-blocking I/O, external process implementation of Java from Brett Wooldridge's personal developer. NuProcess 1.2.0 and later, and versions prior to 2.0.5, are vulnerable to command injection, which stems from the failure of a network system or product to properly...

CVE-2022-39243

NuProcess is an external process execution implementation for Java. In all the versions of NuProcess where it forks processes by using the JVM's JavajavalangUNIXProcessforkAndExec method 1.2.0+, attackers can use NUL characters in their strings to perform command line injection. Java's...

Design/Logic Flaw

NuProcess is an external process execution implementation for Java. In all the versions of NuProcess where it forks processes by using the JVM's JavajavalangUNIXProcessforkAndExec method 1.2.0+, attackers can use NUL characters in their strings to perform command line injection. Java's...

CVE-2022-39243 NuProcess vulnerable to command-line injection through insertion of NUL character(s)

NuProcess is an external process execution implementation for Java. In all the versions of NuProcess where it forks processes by using the JVM's JavajavalangUNIXProcessforkAndExec method 1.2.0+, attackers can use NUL characters in their strings to perform command line injection. Java's...

CVE-2022-39243 NuProcess vulnerable to command-line injection through insertion of NUL character(s)

NuProcess is an external process execution implementation for Java. In all the versions of NuProcess where it forks processes by using the JVM's JavajavalangUNIXProcessforkAndExec method 1.2.0+, attackers can use NUL characters in their strings to perform command line injection. Java's...

CVE-2022-39243

NuProcess 1.2.0+ libraries that fork via the JVM UNIXProcess_forkAndExec are vulnerable to command line injection when attackers supply NUL characters, exploitable on Linux. The root cause is that NuProcess lacks the check present in Java’s ProcessBuilder.start to sanitize NULs, allowing injected...

NuProcess 安全漏洞

NuProcess is a low-overhead, non-blocking I/O, external process implementation of Java from Brett Wooldridge's personal developer. NuProcess 1.2.0 and later, and versions prior to 2.0.5, are vulnerable to command injection, which stems from the failure of a network system or product to properly...

PT-2022-24837 · Nuprocess · Nuprocess

Name of the Vulnerable Software and Affected Versions: NuProcess versions 1.2.0 through 2.0.4 Description: NuProcess is an external process execution implementation for Java that is vulnerable to command line injection attacks. Attackers can use NUL characters in their strings to inject command...

OESA-2022-1877 sqlite security update

SQLite is a C-language library that implements a small, fast, self-contained,high-reliability, full-featured, SQL database engine. SQLite is the most used database engine in the world. SQLite is built into all mobile phones and most computers and comes bundled inside countless other applications...

Spoofing Attack

php is vulnerable to spoofing attacks. It was discovered that PHP was affected by the previously published "null prefix attack", caused by incorrect handling of NUL characters in X.509 certificates. If an attacker is able to get a carefully-crafted certificate signed by a trusted Certificate...