CVE-2012-2142

The error function in Error.cc in poppler before 0.21.4 allows remote attackers to execute arbitrary commands via a PDF containing an escape sequence for a terminal emulator...

Code injection

The error function in Error.cc in poppler before 0.21.4 allows remote attackers to execute arbitrary commands via a PDF containing an escape sequence for a terminal emulator...

CVE-2012-2142

CVE-2012-2142 affects Poppler up to version 0.21.4, where the error function in Error.cc can be abused by a crafted PDF containing an escape sequence for a terminal emulator to execute arbitrary commands. The vulnerability arises from improper handling of escape sequences in PDFs, enabling potent...

CVE-2012-2142

The error function in Error.cc in poppler before 0.21.4 allows remote attackers to execute arbitrary commands via a PDF containing an escape sequence for a terminal emulator...

CVE-2019-20348

OKER G232V1 v1.03.02.20161129 devices provide a root terminal on a UART serial interface without proper access control. This allows attackers with physical access to interrupt the boot sequence in order to execute arbitrary commands with root privileges and conduct further attacks...

F5 Networks BIG-IP : OpenSSH vulnerability (K32485746)

The version of F5 Networks BIG-IP installed on the remote host is prior to 14.1.0. It is, therefore, affected by a vulnerability as referenced in the K32485746 advisory. sshd in OpenSSH before 7.4 allows remote attackers to cause a denial of service NULL pointer dereference and daemon crash via a...

PT-2019-5065

Name of the Vulnerable Software and Affected Versions Linux affected versions not specified FreeBSD affected versions not specified OpenBSD affected versions not specified MacOS affected versions not specified iOS affected versions not specified Android affected versions not specified Description...

CVE-2019-17007

In Network Security Services before 3.44, a malformed Netscape Certificate Sequence can cause NSS to crash, resulting in a denial of service...

UBUNTU-CVE-2019-17007

In Network Security Services before 3.44, a malformed Netscape Certificate Sequence can cause NSS to crash, resulting in a denial of service...

CVE-2019-2266

Possible double free issue in kernel while handling the camera sensor and its sub modules power sequence in Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and...

Double free

Possible double free issue in kernel while handling the camera sensor and its sub modules power sequence in Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and...

CVE-2019-2266

Possible double free issue in kernel while handling the camera sensor and its sub modules power sequence in Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and...

CVE-2009-5047

Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2009-4611. Reason: This candidate is a duplicate of CVE-2009-4611. Notes: All CVE users should reference CVE-2009-4611 rather than this candidate. All references and descriptions in this candidate have been removed to prevent...

PT-2019-6517 · Eclipse · Jetty

Name of the Vulnerable Software and Affected Versions: Jetty versions 6.x through 6.1.21 Description: The issue concerns an escape sequence injection vulnerability that can be exploited through two vectors: the "Cookie Dump Servlet" and the HTTP Content-Length header. Specifically, a POST request...

EulerOS 2.0 SP5 : icu (EulerOS-SA-2019-2159)

According to the versions of the icu packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - The Regular Expressions package in International Components for Unicode ICU 52 before SVN revision 292944, as used in Google Chrome before...

EulerOS 2.0 SP3 : icu (EulerOS-SA-2019-2248)

According to the version of the icu packages installed, the EulerOS installation on the remote host is affected by the following vulnerability : - The collator implementation in i18n/ucol.cpp in International Components for Unicode ICU 52 through SVN revision 293126, as used in Google Chrome befo...

rubygems: Escape sequence injection vulnerability in errors

An issue was discovered in RubyGems 2.6 and later through 3.0.2. Since Gem::CommandManagerrun calls alerterror without escaping, escape sequence injection is possible. There are many ways to cause an error...

rubygems: Escape sequence injection vulnerability in gem owner

An issue was discovered in RubyGems 2.6 and later through 3.0.2. The gem owner command outputs the contents of the API response directly to stdout. Therefore, if the response is crafted, escape sequence injection may occur...

rubygems: Escape sequence injection vulnerability in API response handling

An issue was discovered in RubyGems 2.6 and later through 3.0.2. Gem::GemcutterUtilitieswithresponse may output the API response to stdout as it is. Therefore, if the API side modifies the response, escape sequence injection may occur...

nss: Handling of Netscape Certificate Sequences in CERT_DecodeCertPackage() may crash with a NULL deref leading to DoS

In Network Security Services before 3.44, a malformed Netscape Certificate Sequence can cause NSS to crash, resulting in a denial of service...