Siemens Ruggedcom ROX OS Command Injection (CVE-2022-48624)

closealtfile in filename.c in less before 606 omits shellquote calls for LESSCLOSE. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL 80900 C Tenable, Inc. include'compat.inc'; if description scriptid504890;...

EulerOS 2.0 SP9 : less (EulerOS-SA-2024-1965)

According to the versions of the less package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : closealtfile in filename.c in less before 606 omits shellquote calls for LESSCLOSE.CVE-2022-48624 less through 653 allows OS command execution via a...

EulerOS 2.0 SP10 : less (EulerOS-SA-2024-1912)

According to the versions of the less package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : closealtfile in filename.c in less before 606 omits shellquote calls for LESSCLOSE.CVE-2022-48624 less through 653 allows OS command execution via a...

Arbitrary Command Execution

less is vulnerable to Arbitrary Command Execution.The vulnerability is due to the omission of shellquote calls for LESSCLOSE in the closealtfile function within the filename.c file of the less command-line utility, allows attackers to execute arbitrary commands...

CLSA-2024-1714065925 less: Fix of CVE-2022-48624

Fix CVE-2022-48624: filename.c closealtfile: before 606 omits shellquote calls for LESSCLOSE...

AlmaLinux 9 : less (ALSA-2024:1692)

The remote AlmaLinux 9 host has a package installed that is affected by a vulnerability as referenced in the ALSA-2024:1692 advisory. - closealtfile in filename.c in less before 606 omits shellquote calls for LESSCLOSE. CVE-2022-48624 Note that Nessus has not tested for this issue but has instead...

Oracle Linux 9 : less (ELSA-2024-1692)

The remote Oracle Linux 9 host has a package installed that is affected by a vulnerability as referenced in the ELSA-2024-1692 advisory. - Fix CVE-2022-48624 Tenable has extracted the preceding description block directly from the Oracle Linux security advisory. Note that Nessus has not tested for...

Important: less

Issue Overview: closealtfile in filename.c in less before 606 omits shellquote calls for LESSCLOSE. CVE-2022-48624 Affected Packages: less Issue Correction: Run yum update less or yum update --advisory ALAS-2024-1924 to update your system. New Packages: i686: less-436-13.13.amzn1.i686 ...

DEBIAN-CVE-2022-48624

closealtfile in filename.c in less before 606 omits shellquote calls for LESSCLOSE...

UBUNTU-CVE-2022-48624

closealtfile in filename.c in less before 606 omits shellquote calls for LESSCLOSE...

Less Security Breach

Less is a text-finding application open-sourced by gwsw. A security vulnerability exists in versions prior to Less 606, which stems from the fact that closealtfile in filename.c omits the shellquote call to LESSCLOSE...

CVE-2022-48624

closealtfile in filename.c in less before 606 omits shellquote calls for LESSCLOSE...

CVE-2022-48624

closealtfile in filename.c in less before 606 omits shellquote calls for LESSCLOSE...

CVE-2022-48624

closealtfile in filename.c in less before 606 omits shellquote calls for LESSCLOSE...

CVE-2022-48624

closealtfile in filename.c in less before 606 omits shellquote calls for LESSCLOSE...

CVE-2022-48624

CVE-2022-48624 affects the less utility (filename.c close_altfile) in versions prior to 606, where shell_quote handling for LESSCLOSE is omitted, enabling potential local command-injection via crafted filenames. Connected sources confirm the issue and show remediation guidance: upgrade to less 60...

GHSA-R3VR-PRWV-86G9 python-gnupg's shell_quote function does not properly quote strings

The shellquote function in python-gnupg 0.3.5 does not properly quote strings, which allows context-dependent attackers to execute arbitrary code via shell metacharacters in unspecified vectors, as demonstrated using "$" command-substitution sequences, a different vulnerability than CVE-2014-1928...

python-gnupg's shell_quote function does not properly quote strings

The shellquote function in python-gnupg 0.3.5 does not properly quote strings, which allows context-dependent attackers to execute arbitrary code via shell metacharacters in unspecified vectors, as demonstrated using "$" command-substitution sequences, a different vulnerability than CVE-2014-1928...

GHSA-2JC8-4R6G-282J python-gnupg's shell_quote function does not properly escape characters

The shellquote function in python-gnupg 0.3.5 does not properly escape characters, which allows context-dependent attackers to execute arbitrary code via shell metacharacters in unspecified vectors, as demonstrated using "" backslash characters to form multi-command sequences, a different...

python-gnupg's shell_quote function does not properly escape characters

The shellquote function in python-gnupg 0.3.5 does not properly escape characters, which allows context-dependent attackers to execute arbitrary code via shell metacharacters in unspecified vectors, as demonstrated using "" backslash characters to form multi-command sequences, a different...