Lucene search
K

18 matches found

OSV
OSV
added 2026/05/15 10:44 a.m.4 views

SUSE-SU-2026:21679-1 Security update for iproute2

This update for iproute2 fixes the following issue - CVE-2024-58251: denial of service via terminal escape sequences bsc1254324. Changes for iproute2: - support display of bound but unconnected sockets bsc1204562. - avoid spurious cgroup warning bsc1234383. - add post-6.4 follow-up fixes...

2.5CVSS5.8AI score0.00238EPSS
Exploits0References7
Snyk
Snyk
added 2026/03/26 6:35 p.m.5 views

Improper Neutralization

Overview Affected versions of this package are vulnerable to Improper Neutralization via the mmctl component. An attacker can execute arbitrary terminal escape sequences by sending specially crafted messages, potentially leading to manipulation of administrator terminals, including screen...

8.8CVSS6AI score0.00268EPSS
Exploits0References2
OSV
OSV
added 2026/03/11 5:6 p.m.4 views

SUSE-SU-2026:0872-1 Security update for busybox

This update for busybox fixes the following issues: - CVE-2023-42363: use-after-free vulnerability in xasprintf function in xfuncsprintf.c bsc1217580. - CVE-2023-42364: use-after-free in the awk.c evaluate function bsc1217584. - CVE-2023-42365: use-after-free in the awk.c copyvar function...

7.2CVSS6.2AI score0.02793EPSS
Exploits6References17
Tenable Nessus
Tenable Nessus
added 2025/11/12 12:0 a.m.4 views

EulerOS 2.0 SP10 : aide (EulerOS-SA-2025-2377)

According to the versions of the aide package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : AIDE is an advanced intrusion detection environment. Prior to version 0.19.2, there is an improper output neutralization vulnerability in AIDE. An...

6.2CVSS7.4AI score0.00216EPSS
Exploits2References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2020-7695

Malware in sbrugna...

5.5CVSS5.3AI score0.00313EPSS
Exploits0References3
RedHat Linux
RedHat Linux
added 2025/09/15 1:29 a.m.6 views

aide: improper output neutralization enables bypassing

A flaw was found in AIDE. This flaw allows an attacker to craft a malicious filename by including terminal escape sequences to hide the addition or removal of the file from the report and tamper with the log output. A local user may exploit this to bypass AIDE's detection of malicious files...

6.2CVSS7.3AI score0.0021EPSS
Exploits1References4
RedHat Linux
RedHat Linux
added 2025/08/26 9:51 a.m.4 views

aide: improper output neutralization enables bypassing

A flaw was found in AIDE. This flaw allows an attacker to craft a malicious filename by including terminal escape sequences to hide the addition or removal of the file from the report and tamper with the log output. A local user may exploit this to bypass AIDE's detection of malicious files...

6.2CVSS7.3AI score0.0021EPSS
Exploits1References4
RedHat Linux
RedHat Linux
added 2025/08/25 11:24 a.m.8 views

aide: improper output neutralization enables bypassing

A flaw was found in AIDE. This flaw allows an attacker to craft a malicious filename by including terminal escape sequences to hide the addition or removal of the file from the report and tamper with the log output. A local user may exploit this to bypass AIDE's detection of malicious files...

6.2CVSS7.3AI score0.0021EPSS
Exploits1References4
OSV
OSV
added 2025/08/14 3:53 p.m.5 views

CVE-2025-54389 AIDE improper output neutralization vulnerability

AIDE is an advanced intrusion detection environment. Prior to version 0.19.2, there is an improper output neutralization vulnerability in AIDE. An attacker can craft a malicious filename by including terminal escape sequences to hide the addition or removal of the file from the report and/or tamp...

6.2CVSS6.2AI score0.0021EPSS
Exploits1References7
NVD
NVD
added 2020/09/05 4:15 a.m.16 views

CVE-2020-15709

Versions of add-apt-repository before 0.98.9.2, 0.96.24.32.14, 0.96.20.10, and 0.92.37.8ubuntu0.1esm1, printed a PPA personal package archive description to the terminal as-is, which allowed PPA owners to provide ANSI terminal escapes to modify terminal contents in unexpected ways...

5.5CVSS5.3AI score0.00313EPSS
Exploits0References1
Prion
Prion
added 2020/09/05 4:15 a.m.17 views

Code injection

Versions of add-apt-repository before 0.98.9.2, 0.96.24.32.14, 0.96.20.10, and 0.92.37.8ubuntu0.1esm1, printed a PPA personal package archive description to the terminal as-is, which allowed PPA owners to provide ANSI terminal escapes to modify terminal contents in unexpected ways...

2.1CVSS5.3AI score0.00313EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2020/09/05 3:30 a.m.280 views

CVE-2020-15709

CVE-2020-15709 affects add-apt-repository prior to versions 0.98.9.2, 0.96.24.32.14, 0.96.20.10, and 0.92.37.8ubuntu0.1~esm1. The issue arises because the PPA description is printed to the terminal as-is, allowing PPA owners to inject ANSI terminal escapes that can modify terminal contents in uni...

5.5CVSS5.2AI score0.00313EPSS
Exploits0References1Affected Software1
UbuntuCve
UbuntuCve
added 2020/08/03 2:41 p.m.25 views

CVE-2020-15709

Versions of add-apt-repository before 0.98.9.2, 0.96.24.32.14, 0.96.20.10, and 0.92.37.8ubuntu0.1esm1, printed a PPA personal package archive description to the terminal as-is, which allowed PPA owners to provide ANSI terminal escapes to modify terminal contents in unexpected ways...

5.5CVSS6.1AI score0.00313EPSS
Exploits0References4
OSV
OSV
added 2018/06/26 4:29 p.m.4 views

CVE-2018-1000523

topydo contains a CWE-20: Improper Input Validation vulnerability in ListFormatParser::parse, file topydo/lib/ListFormat.py line 292 as of d4f843dac71308b2f29a7c2cdc76f055c3841523 that can result in Injection of arbitrary bytes to the terminal, including terminal escape code sequences. This attac...

8.1CVSS5.9AI score0.01155EPSS
Exploits0References2
PyPA
PyPA
added 2018/06/26 4:29 p.m.9 views

PYSEC-2018-76

topydo contains a CWE-20: Improper Input Validation vulnerability in ListFormatParser::parse, file topydo/lib/ListFormat.py line 292 as of d4f843dac71308b2f29a7c2cdc76f055c3841523 that can result in Injection of arbitrary bytes to the terminal, including terminal escape code sequences. This attac...

8.1CVSS7.4AI score0.01155EPSS
Exploits0References3Affected Software1
OSV
OSV
added 2017/08/31 8:29 p.m.5 views

ALPINE-CVE-2017-0899

RubyGems version 2.6.12 and earlier is vulnerable to maliciously crafted gem specifications that include terminal escape characters. Printing the gem specification would execute terminal escape sequences...

9.8CVSS7.1AI score0.1081EPSS
Exploits1References1
OSV
OSV
added 2017/08/31 12:0 a.m.6 views

UBUNTU-CVE-2017-0899

RubyGems version 2.6.12 and earlier is vulnerable to maliciously crafted gem specifications that include terminal escape characters. Printing the gem specification would execute terminal escape sequences...

9.8CVSS6.8AI score0.1081EPSS
Exploits1References6
RedHat Linux
RedHat Linux
added 2003/06/18 10:49 a.m.4 views

security flaw

Apache 1.3 before 1.3.25 and Apache 2.0 before version 2.0.46 does not filter terminal escape sequences from its access logs, which could make it easier for attackers to insert those sequences into terminal emulators containing vulnerabilities related to escape sequences, a different vulnerabilit...

5CVSS5.8AI score0.17413EPSS
Exploits8References4
Rows per page
Query Builder