14 matches found
CVE-2026-42284
GitPython is a python library used to interact with Git repositories. Prior to version 3.1.47, clone validates multioptions as the original list, then executes shlex.split" ".joinmultioptions. A string like "--branch main --config core.hooksPath=/x" passes validation starts with --branch, but aft...
CVE-2026-4519
The webbrowser.open API would accept leading dashes in the URL which could be handled as command line options for certain web browsers. New behavior rejects leading dashes. Users are recommended to sanitize URLs prior to passing to webbrowser.open...
EUVD-2025-34870
In NetX Duo before 6.4.4, the networking support module for Eclipse Foundation ThreadX, there was a potential out of bound read issue in nxicmpv6validateoptions when handling a packet with ICMP6 options...
EUVD-2024-38047
Malicious code in bioql PyPI...
Unspecified Vulnerability in Oracle MySQL Server (CNVD-2025-17363)
Oracle MySQL Server is a relational database from Oracle Corporation. A security vulnerability exists in Oracle MySQL Server that originates from improper handling of the Server: Options component and can be exploited by an attacker to cause a denial of service...
UBUNTU-CVE-2024-56745
In the Linux kernel, the following vulnerability has been resolved: PCI: Fix resetmethodstore memory leak In resetmethodstore, a string is allocated via kstrndup and assigned to the local "options". options is then used in with strsep to find spaces: while name = strsep&options, " " != NULL If...
CVE-2024-39522
An Improper Neutralization of Special Elements vulnerability in Juniper Networks Junos OS Evolved commands allows a local, authenticated attacker with low privileges to escalate their privileges to 'root' leading to a full compromise of the system. The Junos OS Evolved CLI doesn't properly handle...
In LuaJIT through 2.0.5 as used in Moonjit before 2.1.2 and other products debug.getinfo has a type confusion issue that leads to arbitrary memory write or read operations because certain cases involving valid stack levels and > options are mishandled. NOTE: The LuaJIT project owner states that the debug libary is unsafe by definition and that this is not a vulnerability. When LuaJIT was originally developed the expectation was that the entire debug library had no security guarantees and thus it made no sense to assign CVEs. However not all users of later LuaJIT derivatives share this perspective
...
CVE-2023-25136
A flaw was found in the OpenSSH server sshd, which introduced a double-free vulnerability during options.kexalgorithms handling. An unauthenticated attacker can trigger the double-free in the default configuration...
libnbd 安全漏洞
libnbd is a library for editing NBD Network Block Device clients. A security vulnerability exists in libnbd 1.7.3, which stems from the fact that a failure of the nbd unlocked opt go in ilb opt.c assertion may result in a denial of service...
ISC BIND 9 EDNS Processing DoS
According to its self-reported version number, the remote installation of BIND is affected by a denial of service vulnerability. The issue exists due to an error in 'libdns' that fails to properly handle Extension Mechanisms for DNS EDNS options. Note that Nessus has not tested for this issue but...
PT-2012-4803 · Linux +2 · Linux Kernel +2
Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 3.0 Description: A race condition exists in the IP implementation of the Linux kernel, potentially allowing remote attackers to cause a denial of service. This can be achieved by sending packets to an applicatio...
DEBIAN-CVE-2005-2023
The sendpinentryenvironment function in asshelp.c in gpg2 on SUSE Linux 9.3 does not properly handle certain options, which can prevent pinentry from being found and causes S/MIME signing to fail...
Snort 2.12.2 - DecodeTCPOptions Remote Denial of Service (1)
Snort 2.12.2 - DecodeTCPOptions Remote Denial of Service 1 // source: https://www.securityfocus.com/bid/12084/info Snort is reported prone to a remote denial of service vulnerability. The vulnerability is reported to exist in the DecodeTCPOptions function of 'decode.c', and is as a result of a...