266 matches found
CKEditor Cross-Site Scripting Vulnerability
CKEditor is an open source, web-based text editor. A cross-site scripting vulnerability exists in ckeditor that allows a user to abuse the undo function using malformed HTML, which could lead to the execution of JavaScript code...
The Fuck Arbitrary File Deletion via Path Traversal
thefuck (aka The Fuck) is an app that corrects errors in previous console commands. The Fuck python package before 3.31 allows Path Traversal that leads to arbitrary file deletion via the undo archive operation feature...
GHSA-8WWF-2644-F8X4 The Fuck Arbitrary File Deletion via Path Traversal
thefuck (aka The Fuck) is an app that corrects errors in previous console commands. The Fuck python package before 3.31 allows Path Traversal that leads to arbitrary file deletion via the undo archive operation feature...
thefuck path traversal vulnerability
thefuck is an open source application that corrects errors in previous console commands. A path traversal vulnerability exists in thefuck, which can be exploited to arbitrarily delete files via the "undo archive operation" feature...
DEBIAN-CVE-2021-34363
The thefuck aka The Fuck package before 3.31 for Python allows Path Traversal that leads to arbitrary file deletion via the "undo archive operation" feature...
CVE-2021-34363
The thefuck aka The Fuck package before 3.31 for Python allows Path Traversal that leads to arbitrary file deletion via the "undo archive operation" feature...
CVE-2021-34363
The thefuck aka The Fuck package before 3.31 for Python allows Path Traversal that leads to arbitrary file deletion via the "undo archive operation" feature...
Path traversal
The thefuck aka The Fuck package before 3.31 for Python allows Path Traversal that leads to arbitrary file deletion via the "undo archive operation" feature...
PYSEC-2021-97
The thefuck aka The Fuck package before 3.31 for Python allows Path Traversal that leads to arbitrary file deletion via the "undo archive operation" feature...
UBUNTU-CVE-2021-34363
The thefuck aka The Fuck package before 3.31 for Python allows Path Traversal that leads to arbitrary file deletion via the "undo archive operation" feature...
CVE-2021-34363
The thefuck aka The Fuck package before 3.31 for Python allows Path Traversal that leads to arbitrary file deletion via the "undo archive operation" feature...
CVE-2021-34363
CVE-2021-34363 affects the Python package thefuck (aka The Fuck) prior to version 3.31. The root cause is a path traversal flaw in the undo archive operation, which can lead to arbitrary file deletion. Public documentation across multiple feeds confirms this: Arch Linux ASAs and Fedora advisories...
PT-2021-4116 · Pypi +1 · Thefuck +1
Name of the Vulnerable Software and Affected Versions: TheFuck versions prior to 3.31 Description: The issue is related to path traversal weaknesses in the TheFuck package for Python, allowing an attacker to compromise data integrity and cause a denial of service. This can lead to arbitrary file...
thefuck Path Traversal Vulnerability
thefuck is an open source application that corrects errors in previous console commands. A path traversal vulnerability exists in thefuck, which can be exploited to arbitrarily delete files via the "undo archive operation" feature...
PT-2024-11196
Name of the Vulnerable Software and Affected Versions: Linux kernel (affected versions not specified) Description: A resource leak in the Linux kernel has been resolved. The issue occurred in the ptp: ocp module, where an error handling path failed to properly undo a successful 'pci ioremap bar' call...
Integer Overflow
Neovim is vulnerable to integer overflow. The vulnerability exists because it does not properly validate values for tree length when reading a corrupted undo file, which may lead to resultant buffer overflows...
Arbitrary Code Execution
neovim is vulnerable to arbitrary code execution. An integer overflow during the unserialize_uep memory allocation, due to improper validation of tree length when reading a corrupted undo file, allows an attacker to execute arbitrary code on the host OS via a buffer overflow...
Unspecified Vulnerability in Mattermost Server (CNVD-2020-48228)
Mattermost Server is an open source messaging platform from the US company Mattermost. A security vulnerability exists in Mattermost Server versions prior to 4.3.0, 4.2.1 and 4.1.2. An attacker could exploit the vulnerability to undo another user's session...
Zimbra Collaboration Suite (ZCS) Undo Shared Calendar Accessibility Vulnerability
Zimbra Collaboration Suite (ZCS) is a collaboration software suite that includes an email server and web client. An undo shared calendar accessibility vulnerability exists in Zimbra Collaboration Suite (ZCS) versions prior to 8.8.15 Patch 7. The vulnerability stems from the fact that after an attacke...
Security update for neovim (important)
openSUSE Security Update: Security update for neovim Announcement ID: openSUSE-SU-2019:1997-1 Rating: important References: 1137443 Cross-References: CVE-2019-12735 Affected Products: openSUSE Backports SLE-15-SP1 An update that fixes one vulnerability is now available. Description: This update f...