OpenStack Horizon RC file generation does not escape special characters in project names

OpenStack Horizon before 25.7.4 produces scripts for OpenStack RC file downloading that may have a crafted project name with shell metacharacters. NOTE: some parties consider this a security hardening opportunity to address certain types of user error, not a vulnerability...

EUVD-2026-37723

OpenStack Horizon before 25.7.4 produces scripts for OpenStack RC file downloading that may have a crafted project name with shell metacharacters. NOTE: some parties consider this a security hardening opportunity to address certain types of user error, not a vulnerability...

CVE-2026-55748

OpenStack Horizon before 25.7.4 produces scripts for OpenStack RC file downloading that may have a crafted project name with shell metacharacters. NOTE: some parties consider this a security hardening opportunity to address certain types of user error, not a vulnerability...

CVE-2026-55748

OpenStack Horizon before 25.7.4 produces scripts for OpenStack RC file downloading that may have a crafted project name with shell metacharacters. NOTE: some parties consider this a security hardening opportunity to address certain types of user error, not a vulnerability...

PT-2026-46398

Name of the Vulnerable Software and Affected Versions Shibby Tomato version 1.28.0000 Description An OS command injection issue exists in the Web UI component within the start vpnserver function of the /sbin/rc file. This flaw allows a remote attacker to execute arbitrary operating system command...

CVE-2026-41392

OpenClaw has a vulnerability (CVE-2026-41392) where exec allowlist matching can be bypassed by shell init-file wrapper invocations. Affected product: OpenClaw before 2026.3.31. Attack path involves using shell options such as --rcfile, --init-file, and --startup-file to load attacker-controlled i...

PT-2026-35776

Name of the Vulnerable Software and Affected Versions OpenClaw versions prior to 2026.3.31 Description An exec allowlist bypass allows attackers to inherit allowlist trust through shell init-file wrapper invocations. By utilizing shell options such as --rcfile, --init-file, and --startup-file,...

Untrusted Search Path

Overview openclaw is a 🦞 OpenClaw — Personal AI Assistant Affected versions of this package are vulnerable to Untrusted Search Path in the installation of local plugins or hooks, specifically when executing npm install --omit=dev --silent --ignore-scripts within a staged directory that may contai...

PT-2026-8322

Name of the Vulnerable Software and Affected Versions WAYOS FBM-220G version 24.10.19 Description A flaw exists in WAYOS FBM-220G version 24.10.19 related to command injection. Manipulation of the arguments upnp waniface, upnp ssdp interval, and upnp max age within the sub 40F820 function of the ...

The vulnerability of the Labvantage LIMS file /labvantage/rc?command=file&file=WEB-CORE/elements/files/filesembedded.jsp&size=32 allows a attacker to execute XSS attacks.

The vulnerability of the /labvantage/rc file, with parameters command=file&file=WEB-CORE/elements/files/filesembedded.jsp&size=32, is related to the lack of protective measures for the web page structure. Exploiting this vulnerability allows an attacker to execute XSS attacks via the height/width...

UBUNTU-CVE-2023-32076

in-toto is a framework to protect supply chain integrity. The in-toto configuration is read from various directories and allows users to configure the behavior of the framework. The files are from directories following the XDG base directory specification. In versions 1.4.0 and prior, among the...

Ubuntu 6.06 LTS / 7.04 / 7.10 : openssh vulnerabilities (USN-649-1)

It was discovered that the ForceCommand directive could be bypassed. If a local user created a malicious /.ssh/rc file, they could execute arbitrary commands as their user id. This only affected Ubuntu 7.10. CVE-2008-1657 USN-355-1 fixed vulnerabilities in OpenSSH. It was discovered that the fixe...

Session fixation

OpenSSH 4.4 up to versions before 4.9 allows remote authenticated users to bypass the sshdconfig ForceCommand directive by modifying the .ssh/rc session file...

PT-2008-1129 · Openbsd +1 · Openssh +1

Name of the Vulnerable Software and Affected Versions: OpenSSH versions 4.4 through 4.7 OpenSSH versions prior to 4.9 Description: The issue concerns multiple vulnerabilities in the OpenSSH package that can be exploited to compromise the confidentiality, integrity, and availability of protected...

xfce -- multiple vulnerabilities

Gentoo reports: A remote attacker could entice a user to install a specially crafted "rc" file to execute arbitrary code via long strings in the "Name" and "Comment" fields or via unspecified vectors involving the second vulnerability...

Stack overflow

Stack-based buffer overflow in rcdll.dll in msdev.exe in Visual C++ MSVC in Microsoft Visual Studio 6.0 SP6 allows user-assisted remote attackers to execute arbitrary code via a long file path in the "1 TYPELIB MOVEABLE PURE" option in an RC file...

mssploit.txt

Advisory: //////////// Microsoft Visual C++ 6.0 is prone to stack based memory corruption vulnerability during processing .RC resource files, caused by the lack of input data boundary check. Vulnerable software: //////////////////// Microsoft Visual Studio 6.0 SP6 Impact: /////// Remote code...