37 matches found
PT-2026-49555
Name of the Vulnerable Software and Affected Versions: markdown-it (affected versions not specified). Description: A quadratic time complexity issue exists in the smartquotes rule when the typographer: true option is enabled. An attacker can provide markdown input containing a large number of...
Andrea ST Filters Service Code Issues and Vulnerabilities
Andrea ST Filters Service is an audio enhancement driver component developed by Andrea Corporation in the United States. Version 1.0.64.7 of Andrea ST Filters Service contains a code vulnerability. This vulnerability stems from the service path in the Windows service configuration that lacks...
PT-2025-53453
Name of the Vulnerable Software and Affected Versions: Eaton UPS Companion (affected versions not specified). Description: A flaw exists in the Eaton UPS Companion software installer related to improper handling of quotation marks in search paths. This could allow an attacker with file system access t...
EUVD-2009-5000
Malware in sbrugna...
CVE-2009-5043
burn allows file names to escape via mishandled quotation marks...
Advisory ROSA-SA-2024-2488
Software: less 458; OS: rosa-server79; packageevrstring: less-458-10.res7; CVE-ID: CVE-2024-32487; BDU-ID: 2024-03717; CVE-Crit: HIGH; CVE-DESC.: A vulnerability in Less, a utility for UNIX-like text terminals, is related to incorrect handling of quotation marks in the filename.c file. Exploitation of...
The vulnerability of the Grafana Alloy data visualization system lies in the absence of quotation marks when writing elements or search paths. This allows attackers to escalate their privileges.
The vulnerability of the Grafana Alloy data visualization system is related to the absence of quotation marks in the wording of elements or search paths. Exploiting this vulnerability can allow attackers to escalate their privileges...
The vulnerability of the Grafana Agent data visualization system lies in the lack of quotation marks when writing elements or search paths, allowing attackers to escalate their privileges.
The vulnerability of the Grafana Agent visualization system is related to the absence of quotation marks in the writing of elements or search paths. Exploiting this vulnerability can allow attackers to increase their privileges...
The vulnerability of the Setup/Deployment component of the Windows operating system, which allows a hacker to increase their privileges
The vulnerability of the Setup/Deployment component of the Windows operating system is related to the absence of quotation marks in the syntax of certain elements or search paths. Exploiting this vulnerability can allow an attacker to increase their privileges...
The vulnerability of the Hitachi Device Manager storage management system lies in the absence of quotation marks in the wording of elements or search paths. This allows attackers to influence the confidentiality, integrity, and availability of the protected information.
The vulnerability of the Hitachi Device Manager storage management system is related to the absence of quotation marks in the wording of elements or search paths. Exploiting this vulnerability can allow attackers to compromise the confidentiality, integrity, and availability of protected...
The vulnerability of the installation package for the FTRA software, a remote access solution for Rockwell Automation’s FactoryTalk Remote Access systems, allows a perpetrator to execute arbitrary code.
The vulnerability of the installation package of the FTRA software for remote access to Rockwell Automation’s FactoryTalk Remote Access systems is related to the absence of quotation marks in the syntax of certain elements or search paths. Exploiting this vulnerability could allow an attacker to...
ROS-20240516-01
A vulnerability in Less, a utility for UNIX-like text terminals, is related to incorrect processing of quotation marks in the filename.c file. Exploitation of the vulnerability could allow an attacker to execute arbitrary commands...
The vulnerability of the Easergy Studio software for configuring, monitoring, and controlling industrial equipment lies in the absence of quotation marks when writing elements or search paths. This allows a malicious individual to escalate their privileges.
The vulnerability of the Easergy Studio software for configuring, monitoring, and controlling industrial equipment is related to the absence of quotation marks in the wording of elements or search paths. Exploiting this vulnerability can allow attackers to increase their privileges...
The vulnerability of the SetupAsusServices module in the software for managing and configuring connected devices from Asus Armoury Crate allows a hacker to gain increased privileges.
The vulnerability of the SetupAsusServices module in the software for managing and configuring connected devices in Asus Armoury Crate is related to the absence of quotation marks in the wording of certain elements or search paths. Exploiting this vulnerability can allow an attacker to gain...
CVE-2023-36479
Eclipse Jetty Canonical Repository is the canonical repository for the Jetty project. Users of the CgiServlet with a very specific command structure may have the wrong command executed. If a user sends a request to a org.eclipse.jetty.servlets.CGI Servlet for a binary with a space in its name, th...
Event Booking Calendar 4.0 Cross Site Scripting Vulnerability
Title: Event Booking Calendar-4.0 XSS-Reflected Author: nu11secur1ty Vendor: https://www.phpjabbers.com/ Software: https://www.phpjabbers.com/event-booking-calendar/sectionDemo Reference: https://portswigger.net/web-security/cross-site-scripting/reflected Description: The value of the index reque...
Sql injection
In SpringBlade V3.6.0 when executing SQL query, the parameters submitted by the user are not wrapped in quotation marks, which leads to SQL injection...
The vulnerability of the data exchange server between automation systems and devices, using the OPC AO-OPC standard, arises from the absence of quotation marks in the syntax of elements or search paths. This allows attackers to execute arbitrary code and increase their privileges.
The vulnerability of the data exchange server between automation systems and devices, using the OPC AO-OPC standard, is related to the absence of quotation marks in the syntax of elements or search paths. Exploiting this vulnerability allows attackers to execute arbitrary code and increase their...
Senayan Library Management System 9.0.0 Cross Site Scripting
Title: Senayan Library Management System v9.0.0 a.k.a SLIMS 9 Multiple XSS-Reflected vulnerabilities Author: nu11secur1ty Date: 12.09.2022 Vendor: https://slims.web.id/web/ Software: https://github.com/slims/slims9bulian/releases/download/v9.0.0/slims9bulian-9.0.0.zip Reference:...
The vulnerability of server installers for Building Management Systems Enterprise Server and Enterprise Central on Windows operating systems allows a hacker to increase their privileges.
The vulnerability of server installers for Building Management Systems like Enterprise Server and Enterprise Central on Windows operating systems is related to the absence of quotation marks in the wording of search elements or paths. Exploiting this vulnerability can allow attackers to increase...