7 matches found
CVE-2026-44371 Open OnDemand: Specially crafted filenames can execute javascript in the file browser
Open OnDemand is an open-source high-performance computing portal. Prior to 4.0.11, 4.1.5, and 4.2.2, specially crafted filenames can execute javascript in the file browser This vulnerability is fixed in 4.0.11, 4.1.5, and 4.2.2...
CVE-2024-51745 Wasmtime doesn't fully sandbox all the Windows device filenames
Wasmtime is a fast and secure runtime for WebAssembly. Wasmtime's filesystem sandbox implementation on Windows blocks access to special device filenames such as "COM1", "COM2", "LPT0", "LPT1", and so on, however it did not block access to the special device filenames which use superscript digits,...
CVE-2024-51745
Wasmtime is a fast and secure runtime for WebAssembly. Wasmtime's filesystem sandbox implementation on Windows blocks access to special device filenames such as "COM1", "COM2", "LPT0", "LPT1", and so on, however it did not block access to the special device filenames which use superscript digits,...
DEBIAN-CVE-2020-35605
The Graphics Protocol feature in graphics.c in kitty before 0.19.3 allows remote attackers to execute arbitrary code because a filename containing special characters can be included in an error message...
Kovidgoyal Kitty Security Breach
Kovidgoyal Kitty is a Python-based GPU terminal emulation software by the individual developer of Kovidgoyal. The software provides basic terminal functionality and reduces system load based on GPU rendering, using OpenGL for rendering, and can be supported on Linux and Mac. A security...
Ubuntu 5.04 / 5.10 / 6.06 LTS : mailman vulnerabilities (USN-345-1)
Steve Alexander discovered that mailman did not properly handle attachments with special filenames. A remote user could exploit that to stop mail delivery until the server administrator manually cleaned these posts. CVE-2006-2941 Various cross-site scripting vulnerabilities have been reported by...
Sophos Small Business Suite special DOS devices access
By using special device name as a filename it's possible to access DOS device and bypass protection...