9 matches found
CVE-2026-4408 Samba: remote code execution in samr
A flaw was found in Samba. A remote attacker can exploit a misconfiguration in Samba file servers and classic domain controllers that use the "check password script" feature. If this script is configured with the %u substitution character, the client-controlled username is passed without proper...
CVE-2026-35386
In OpenSSH before 10.3, command execution can occur via shell metacharacters in a username within a command line. This requires a scenario where the username on the command line is untrusted, and also requires a non-default configurations of % in sshconfig...
rexml: DoS vulnerability in REXML
An uncontrolled resource consumption vulnerability was found in REXML. When parsing an untrusted XML with many specific characters such as , it can lead to a denial of service...
CVE-2023-5719
The Crimson 3.2 Windows-based configuration tool allows users with administrative access to define new passwords for users and to download the resulting security configuration to a device. If such a password contains the percent % character, invalid values will be included, potentially truncating...
CVE-2022-31739
When downloading files on Windows, the % character was not escaped, which could have lead to a download incorrectly being saved to attacker-influenced paths that used variables such as %HOMEPATH% or %APPDATA%.This bug only affects Firefox for Windows. Other operating systems are unaffected.. This...
The vulnerability of the SSH Dropbear session management software lies in insufficient input data validation, allowing an attacker to execute arbitrary code.
The vulnerability of the SSH Dropbear session management software exists due to insufficient validation of input data. Exploiting this vulnerability allows a malicious actor to execute arbitrary code by using the percent symbol “%” as a format specifier in arguments for “username” or “host”...
cURL Information Disclosure Vulnerability
cURL is a command line file transfer tool that supports FTP, FTPS, HTTP, HTTPS, GOPHER, TELNET, DICT, FILE and LDAP. An information disclosure vulnerability exists in the ourWriteOut function of toolwriteout.c in cURL 7.53.1, where an attacker can obtain sensitive information by reading the...
UBUNTU-CVE-2017-7407
The ourWriteOut function in toolwriteout.c in curl 7.53.1 might allow physically proximate attackers to obtain sensitive information from process memory in opportunistic circumstances by reading a workstation screen during use of a --write-out argument ending in a '%' character, which leads to a...
curl: Loop counter error, leading to heap-based buffer overflow when decoding certain URLs
Heap-based buffer overflow in the curleasyunescape function in lib/escape.c in cURL and libcurl 7.7 through 7.30.0 allows remote attackers to cause a denial of service application crash or possibly execute arbitrary code via a crafted string ending in a "%" percent character...