6 matches found
Duplicate Advisory: uutils coreutils has a Link Following Issue Via rm Utility
Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-7cr3-h577-g38j. This link is maintained to preserve external references. Original Description A vulnerability in the rm utility of uutils coreutils allows a bypass of the --preserve-root protection. The...
MAL-2025-8608 Malicious code in @malware-test-drail-reran-otter-theek/test-mlw3-drail-reran-otter-theek (npm)
The package @malware-test-drail-reran-otter-theek/test-mlw3-drail-reran-otter-theek was found to contain malicious code...
CVE-2019-17137
This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of NETGEAR AC1200 R6220 Firmware version 1.1.0.86 Smart WiFi Router. Authentication is not required to exploit this vulnerability. The specific flaw exists within the processing of path strings...
Mozilla Thunderbird Path String Vulnerability
Mozilla Thunderbird is the United States Mozilla Foundation developed from the Mozilla Application Suite independent of the e-mail client software, support for IMAP, POP mail protocol and HTML mail format. A path string vulnerability exists in Mozilla Thunderbird versions prior to 52.5.2. An...
openSUSE: Security Advisory for Mozilla (openSUSE-SU-2017:3434-1)
The remote host is missing an update for the Copyright C 2017 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
Cross-site Scripting (XSS)
github.com/koding/koding is vulnerable to cross-site scripting XSS attacks. The vulnerability exists because path string is not encoded properly to handle cross-site scripting...