4 matches found
Froxlor has Admin-to-Root Privilege Escalation via Input Validation Bypass + OS Command Injection
Summary: A typo in Froxlor's input validation code (== instead of =) completely disables email format checking for all settings fields declared as email type. This allows an authenticated admin to store arbitrary strings — including shell metacharacters — in the panel.adminmail setting. This value i...
SUSE CVE-2006-3119
The fbgs framebuffer Postscript/PDF viewer in fbi before 2.01 has a typo that prevents a filter from working correctly, which allows user-assisted attackers to bypass the filter and execute malicious Postscript commands...
SUSE CVE-2007-2172
A typo in Linux kernel 2.6 before 2.6.21-rc6 and 2.4 before 2.4.35 causes RTA_MAX to be used as an array size instead of RTN_MAX, which leads to an "out of bound access" by the (1) dn_fib_props (dn_fib.c, DECNet) and (2) fib_props (fib_semantics.c, IPv4) functions...
UBUNTU-CVE-2020-10574
An issue was discovered in Janus through 0.9.1. janus.c tries to use a string that doesn't actually exist during a "query_logger" Admin API request, because of a typo in the JSON validation...