1774 matches found
CVE-2022-42500
In OEMOnRequest of sced.cpp, there is a possible shell command execution due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID:...
Input validation
In OEMOnRequest of sced.cpp, there is a possible shell command execution due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID:...
PT-2023-14130 · Google · Android Kernel
Name of the Vulnerable Software and Affected Versions: Android kernel versions affected versions not specified Description: The issue is related to improper input validation in the OEM OnRequest function of sced.cpp, which could lead to shell command execution. This may result in local escalation...
CVE-2022-42500
In OEMOnRequest of sced.cpp, there is a possible shell command execution due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID:...
Google Pixel 输入验证错误漏洞
Google Pixel is a smartphone from Google, an American company. Google Pixel suffers from a security vulnerability that stems from incorrect input validation and may execute shell commands...
CBL Mariner 2.0 Security Update: emacs (CVE-2023-27985)
The version of emacs installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2023-27985 advisory. - emacsclient-mail.desktop in Emacs 28.1 through 28.2 is vulnerable to shell command injections through a craft...
Amazon Linux 2023 : emacs, emacs-common, emacs-devel (ALAS2023-2023-134)
It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2023-134 advisory. emacsclient-mail.desktop in Emacs 28.1 through 28.2 is vulnerable to shell command injections through a crafted mailto: URI. This is related to lack of compliance with the Desktop Entry...
Huawei EulerOS: Security Advisory for python3 (EulerOS-SA-2023-1577)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Important: emacs
Issue Overview: emacsclient-mail.desktop in Emacs 28.1 through 28.2 is vulnerable to shell command injections through a crafted mailto: URI. This is related to lack of compliance with the Desktop Entry Specification. CVE-2023-27985 emacsclient-mail.desktop in Emacs 28.1 through 28.2 is vulnerable...
CBL Mariner 2.0 Security Update: busybox (CVE-2021-42376)
The version of busybox installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2021-42376 advisory. - A NULL pointer dereference in Busybox's hush applet leads to denial of service when processing a crafted...
Shell Command Injection
emacs is vulnerable to Shell Command Injection. An attacker can inject and execute malicious code through the crafted mailto: URI. This is related to lack of compliance with the Desktop Entry Specification...
Command Injection
emacs is vulnerable to Command Injection. The vulnerability exists due to the feature-name parameter in the ruby-find-library-file function and bound to C-c C-f. functions are not properly escaped, allowing an attacker to inject and execute malicious commands by calling through...
CVE-2023-27985
A flaw was found in the Emacs text editor. When opened with emacsclient-mail.desktop, a crafted mailto URI can result in shell command injection due to lack of compliance with the Desktop Entry Specification...
CVE-2023-27985
emacsclient-mail.desktop in Emacs 28.1 through 28.2 is vulnerable to shell command injections through a crafted mailto: URI. This is related to lack of compliance with the Desktop Entry Specification. It is fixed in 29.0.90...
CVE-2023-27985
emacsclient-mail.desktop in Emacs 28.1 through 28.2 is vulnerable to shell command injections through a crafted mailto: URI. This is related to lack of compliance with the Desktop Entry Specification. It is fixed in 29.0.90...
CVE-2023-27985
CVE-2023-27985 affects Emacs up to version 28.2, specifically emacsclient-mail.desktop, where a crafted mailto: URI enables shell command injections due to Desktop Entry Specification noncompliance. The issue is documented as fixed in Emacs 29.0.90. Affected products/versions inferred from multip...
CVE-2023-27985
emacsclient-mail.desktop in Emacs 28.1 through 28.2 is vulnerable to shell command injections through a crafted mailto: URI. This is related to lack of compliance with the Desktop Entry Specification. It is fixed in 29.0.90...
CVE-2023-27985
emacsclient-mail.desktop in Emacs 28.1 through 28.2 is vulnerable to shell command injections through a crafted mailto: URI. This is related to lack of compliance with the Desktop Entry Specification. It is fixed in 29.0.90...
CVE-2023-27985
emacsclient-mail.desktop in Emacs 28.1 through 28.2 is vulnerable to shell command injections through a crafted mailto: URI. This is related to lack of compliance with the Desktop Entry Specification. It is fixed in 29.0.90...
CVE-2023-27985
emacsclient-mail.desktop in Emacs 28.1 through 28.2 is vulnerable to shell command injections through a crafted mailto: URI. This is related to lack of compliance with the Desktop Entry Specification. It is fixed in 29.0.90...