Lucene search
K

7 matches found

Veracode
Veracode
added 2026/06/12 3:22 a.m.16 views

Information Exposure

Element Call is vulnerable to Information Exposure. The vulnerability is due to analytics data including full page URLs and URL fragments being sent to a configured PostHog server, which allows an attacker with access to the analytics data to obtain sensitive information such as call encryption...

5.2AI score0.00023EPSS
Exploits0References2Affected Software1
OSV
OSV
added 2026/06/11 1:26 p.m.7 views

GHSA-6VHH-4XW6-H2H2 Element Call reports full URLs of visited pages to analytics server

Impact Element Call versions 0.5.17 through 0.19.3 report analytics data to a PostHog server, when configured to by a posthog key in config.json or by the posthogApiHost and posthogApiKey URL parameters. Several fields of this data $initialpersoninfo, $sessionentryurl, and $currenturl were found ...

8.6CVSS5.5AI score0.00023EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.7 views

EUVD-2023-50542

Malicious code in bioql PyPI...

9.8CVSS9.2AI score0.00656EPSS
Exploits0References2
NVD
NVD
added 2023/10/23 12:15 a.m.23 views

CVE-2023-46321

iTermSessionLauncher.m in iTerm2 before 3.5.0beta12 does not sanitize paths in x-man-page URLs. They may have shell metacharacters for a /usr/bin/man command line...

9.8CVSS9.6AI score0.00656EPSS
Exploits0References2
Prion
Prion
added 2023/10/23 12:15 a.m.13 views

Command injection

iTermSessionLauncher.m in iTerm2 before 3.5.0beta12 does not sanitize paths in x-man-page URLs. They may have shell metacharacters for a /usr/bin/man command line...

7.5CVSS9.5AI score0.00656EPSS
Exploits0References2Affected Software1
Positive Technologies
Positive Technologies
added 2023/10/22 12:0 a.m.12 views

PT-2023-29958 · Iterm2 · Iterm2

Name of the Vulnerable Software and Affected Versions: iTerm2 versions prior to 3.5.0beta12 Description: The issue is related to the iTermSessionLauncher.m component in iTerm2, which does not properly sanitize paths in x-man-page URLs. This can lead to the inclusion of shell metacharacters in a...

9.8CVSS6.9AI score0.00656EPSS
Exploits0References7
Positive Technologies
Positive Technologies
added 2022/12/16 12:0 a.m.5 views

PT-2022-17418 · Unknown · Identity Manager

Name of the Vulnerable Software and Affected Versions: Identity Manager affected versions not specified Description: An unauthenticated user can access specific page URLs of Identity Manager's management console. However, the system does not allow the user to carry out server-side tasks without a...

5.3CVSS5.2AI score0.00687EPSS
Exploits0References4
Rows per page
Query Builder