1774 matches found
CVE-2022-42500
In OEMOnRequest of sced.cpp, there is a possible shell command execution due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID:...
Input validation
In OEMOnRequest of sced.cpp, there is a possible shell command execution due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID:...
CVE-2022-42500
In OEMOnRequest of sced.cpp, there is a possible shell command execution due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID:...
PT-2023-14130 · Google · Android Kernel
Name of the Vulnerable Software and Affected Versions: Android kernel versions affected versions not specified Description: The issue is related to improper input validation in the OEM OnRequest function of sced.cpp, which could lead to shell command execution. This may result in local escalation...
Google Pixel 输入验证错误漏洞
Google Pixel is a smartphone from Google, an American company. Google Pixel suffers from a security vulnerability that stems from incorrect input validation and may execute shell commands...
CBL Mariner 2.0 Security Update: emacs (CVE-2023-27985)
The version of emacs installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2023-27985 advisory. - emacsclient-mail.desktop in Emacs 28.1 through 28.2 is vulnerable to shell command injections through a craft...
Amazon Linux 2023 : emacs, emacs-common, emacs-devel (ALAS2023-2023-134)
It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2023-134 advisory. emacsclient-mail.desktop in Emacs 28.1 through 28.2 is vulnerable to shell command injections through a crafted mailto: URI. This is related to lack of compliance with the Desktop Entry...
Huawei EulerOS: Security Advisory for python3 (EulerOS-SA-2023-1577)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Important: emacs
Issue Overview: emacsclient-mail.desktop in Emacs 28.1 through 28.2 is vulnerable to shell command injections through a crafted mailto: URI. This is related to lack of compliance with the Desktop Entry Specification. CVE-2023-27985 emacsclient-mail.desktop in Emacs 28.1 through 28.2 is vulnerable...
CBL Mariner 2.0 Security Update: busybox (CVE-2021-42376)
The version of busybox installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2021-42376 advisory. - A NULL pointer dereference in Busybox's hush applet leads to denial of service when processing a crafted...
Shell Command Injection
emacs is vulnerable to Shell Command Injection. An attacker can inject and execute malicious code through the crafted mailto: URI. This is related to lack of compliance with the Desktop Entry Specification...
Command Injection
emacs is vulnerable to Command Injection. The vulnerability exists due to the feature-name parameter in the ruby-find-library-file function and bound to C-c C-f. functions are not properly escaped, allowing an attacker to inject and execute malicious commands by calling through...
CVE-2023-27985
A flaw was found in the Emacs text editor. When opened with emacsclient-mail.desktop, a crafted mailto URI can result in shell command injection due to lack of compliance with the Desktop Entry Specification...
CVE-2023-27985
emacsclient-mail.desktop in Emacs 28.1 through 28.2 is vulnerable to shell command injections through a crafted mailto: URI. This is related to lack of compliance with the Desktop Entry Specification. It is fixed in 29.0.90...
CVE-2023-27985
emacsclient-mail.desktop in Emacs 28.1 through 28.2 is vulnerable to shell command injections through a crafted mailto: URI. This is related to lack of compliance with the Desktop Entry Specification. It is fixed in 29.0.90...
CVE-2023-27985
CVE-2023-27985 affects Emacs up to version 28.2, specifically emacsclient-mail.desktop, where a crafted mailto: URI enables shell command injections due to Desktop Entry Specification noncompliance. The issue is documented as fixed in Emacs 29.0.90. Affected products/versions inferred from multip...
CVE-2023-27985
emacsclient-mail.desktop in Emacs 28.1 through 28.2 is vulnerable to shell command injections through a crafted mailto: URI. This is related to lack of compliance with the Desktop Entry Specification. It is fixed in 29.0.90...
CVE-2023-27985
emacsclient-mail.desktop in Emacs 28.1 through 28.2 is vulnerable to shell command injections through a crafted mailto: URI. This is related to lack of compliance with the Desktop Entry Specification. It is fixed in 29.0.90...
CVE-2023-27985
emacsclient-mail.desktop in Emacs 28.1 through 28.2 is vulnerable to shell command injections through a crafted mailto: URI. This is related to lack of compliance with the Desktop Entry Specification. It is fixed in 29.0.90...
CVE-2023-27985
emacsclient-mail.desktop in Emacs 28.1 through 28.2 is vulnerable to shell command injections through a crafted mailto: URI. This is related to lack of compliance with the Desktop Entry Specification. It is fixed in 29.0.90...