Lucene search
K

10 matches found

RubySec
RubySec
added 2026/05/04 12:0 a.m.10 views

net-imap vulnerable to command Injection via unvalidated Symbol inputs

Summary Symbol arguments to commands are vulnerable to a CRLF Injection / IMAP Command injection via Symbol arguments passed to IMAP commands. Details Symbol arguments represent IMAP "system flags", which are formatted as "atoms" with no quoting with a "" prefix. Vulnerable versions of Net::IMAP...

7.1CVSS5.9AI score0.00813EPSS
Exploits0References1Affected Software1
Tenable Nessus
Tenable Nessus
added 2025/08/27 12:0 a.m.2 views

Linux Distros Unpatched Vulnerability : CVE-2019-14745

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In radare2 before 3.7.0, a command injection vulnerability exists in binsymbols in libr/core/cbin.c. By using a crafted executable file, it's possible to execut...

7.8CVSS7.6AI score0.04414EPSS
Exploits2References2
NVD
NVD
added 2025/06/17 3:15 p.m.7 views

CVE-2025-6199

A flaw was found in the GIF parser of GdkPixbuf’s LZW decoder. When an invalid symbol is encountered during decompression, the decoder sets the reported output size to the full buffer length rather than the actual number of written bytes. This logic error results in uninitialized sections of the...

3.3CVSS0.00149EPSS
Exploits0References4
OSV
OSV
added 2025/02/25 4:15 p.m.9 views

AZL-57404 CVE-2025-26596 affecting package xorg-x11-server for versions less than 1.20.10-15

A heap overflow flaw was found in X.Org and Xwayland. The computation of the length in XkbSizeKeySyms differs from what is written in XkbWriteKeySyms, which may lead to a heap-based buffer overflow...

7.8CVSS7.5AI score0.00399EPSS
Exploits0References1
OSV
OSV
added 2024/12/27 1:50 p.m.12 views

CVE-2024-53233 unicode: Fix utf8_load() error path

In the Linux kernel, the following vulnerability has been resolved: unicode: Fix utf8load error path utf8load requests the symbol "utf8datatable" and then checks if the requested UTF-8 version is supported. If it's unsupported, it tries to put the data table using symbolput. If an unsupported...

5.5CVSS6AI score0.00217EPSS
Exploits0References9
CNNVD
CNNVD
added 2024/09/11 12:0 a.m.5 views

Palo Alto Networks PAN-OS 安全漏洞

Palo Alto Networks PAN-OS is an operating system developed by Palo Alto Networks, Inc. for its firewall appliances. A security vulnerability exists in Palo Alto Networks PAN-OS that originates from improperly neutralizing matching symbols in the command line interface, which allows an authenticat...

6.7CVSS5AI score0.00235EPSS
Exploits0References3
OSV
OSV
added 2023/11/29 9:34 p.m.5 views

CLSA-2023-1701293664 binutils: Fix of 7 CVEs

CVE-2021-45078: Fix out-of-bounds write in stabxcoffbuiltintype - CVE-2021-46174: Fix buffer overflow in readsectionstabsdebugginginfo - CVE-2022-44840: Fix possible heap buffer overflow in findsectioninset in readelf.c - CVE-2022-45703: Combine sanity checks, calculate element counts, not word...

7.8CVSS6.9AI score0.01312EPSS
Exploits7References1
OSV
OSV
added 2023/10/03 4:57 p.m.3 views

USN-6407-1 libx11 vulnerabilities

Gregory James Duck discovered that libx11 incorrectly handled certain keyboard symbols. If a user were tricked into connecting to a malicious X server, a remote attacker could use this issue to cause libx11 to crash, resulting in a denial of service, or possibly execute arbitrary code...

7.8CVSS7AI score0.00633EPSS
Exploits1References4
BDU FSTEC
BDU FSTEC
added 2021/09/20 12:0 a.m.6 views

The vulnerability of configuration files for the DLT journaling tool, related to insufficient validation of input data, allows a perpetrator to trigger a service failure.

The vulnerability of configuration files for the DLT journaling tool is related to the improper processing of special symbols. Exploiting this vulnerability can allow a malicious actor to cause service failures...

6.5CVSS6.5AI score0.00749EPSS
Exploits0References4Affected Software2
BDU FSTEC
BDU FSTEC
added 2020/04/14 12:0 a.m.7 views

The vulnerability of the hypercall_initialise function in Xen hypervisors, related to insufficient validation of input data, allows a malicious actor to trigger a service failure.

The vulnerability of the hypercallinitialise function in Xen hypervisors is related to incorrect error handling for the invalid format symbol. Exploiting this vulnerability can allow a malicious actor to cause service failures...

6.5CVSS6.5AI score0.02522EPSS
Exploits0References9Affected Software5
Rows per page
Query Builder