UBUNTU-CVE-2026-35386

In OpenSSH before 10.3, command execution can occur via shell metacharacters in a username within a command line. This requires a scenario where the username on the command line is untrusted, and also requires a non-default configurations of % in sshconfig...

UBUNTU-CVE-2024-22423

yt-dlp is a youtube-dl fork with additional features and fixes. The patch that addressed CVE-2023-40581 attempted to prevent RCE when using --exec with %q by replacing double quotes with two double quotes. However, this escaping is not sufficient, and still allows expansion of environment...

cURL -- Escape and unescape integer overflows

The cURL project reports The four libcurl functions curlescape, curleasyescape, curlunescape and curleasyunescape perform string URL percent escaping and unescaping. They accept custom string length inputs in signed integer arguments. The provided string length arguments were not properly checked...

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in the adminutil library in the Directory Server Administration Express and Directory Server Gateway DSGW web interface in Red Hat Directory Server 7.1 before SP7 and 8 EL4 and EL5, and Fedora Directory Server, allow remote attackers to inject...

Server: multiple XSS issues

Multiple cross-site scripting XSS vulnerabilities in the adminutil library in the Directory Server Administration Express and Directory Server Gateway DSGW web interface in Red Hat Directory Server 7.1 before SP7 and 8 EL4 and EL5, and Fedora Directory Server, allow remote attackers to inject...