4 matches found
CVE-2026-52859
Vim is an open source, command line text editor. Prior to version 9.2.0565, the updatesnapshot function in src/terminal.c copies the visible terminal screen into the scrollback buffer when a snapshot is taken. For each screen cell it walks the cell's chars array with no upper bound, stopping only...
Arbitrary Command Injection
Overview screenshot-desktop is a Capture a screenshot of your local machine Affected versions of this package are vulnerable to Arbitrary Command Injection via the format option in the Snapshot functions. An attacker can execute arbitrary commands with the privileges of the calling process by...
Users Can Deny The Treasury Manager Contract From Claiming COMP Incentives
Handle leastwood Vulnerability details Impact The treasury manager is appointed by the Notional DAO and is tasked with harvesting rewards both COMP incentives and assets from Notional and performing NOTE buybacks using WETH. The TreasuryManager.harvestCOMPFromNotional function is only callable by...
CVE-2009-2662
The browser engine in Mozilla Firefox 3.5.x before 3.5.2 allows remote attackers to cause a denial of service memory corruption and application crash or possibly execute arbitrary code via vectors related to the TraceRecorder::snapshot function in js/src/jstracer.cpp, and unspecified other vector...