
268 matches found

OSV
added 2021/08/12 5:15 p.m. · 0 views

UBUNTU-CVE-2021-32808

ckeditor is an open source WYSIWYG HTML editor with rich content support. A vulnerability has been discovered in the clipboard Widget plugin if used alongside the undo feature. The vulnerability allows a user to abuse undo functionality using malformed widget HTML, which could result in executing...

7.6 CVSS · 6.6 AI score · 0.01192 EPSS
Exploits 0 · References 5

Cvelist
added 2021/08/12 4:25 p.m. · 57 views

CVE-2021-32808 Cross-site scripting in ckeditor via abuse of undo functionality

ckeditor is an open source WYSIWYG HTML editor with rich content support. A vulnerability has been discovered in the clipboard Widget plugin if used alongside the undo feature. The vulnerability allows a user to abuse undo functionality using malformed widget HTML, which could result in executing...

7.6 CVSS · 6.8 AI score · 0.01192 EPSS
Exploits 0 · References 7

CNNVD
added 2021/08/12 12:0 a.m. · 3 views

CKEditor cross-site scripting vulnerability

CKEditor is an open source, web-based text editor. A cross-site scripting vulnerability exists in ckeditor that allows a user to abuse the undo function using malformed HTML, which could lead to the execution of JavaScript code...

7.6 CVSS · 6.4 AI score · 0.01192 EPSS
Exploits 0 · References 13

OSV
added 2021/06/15 3:49 p.m. · 20 views

GHSA-8WWF-2644-F8X4 The Fuck Arbitrary File Deletion via Path Traversal

The thefuck aka The Fuck is an app that corrects errors in previous console commands. The Fuck python package before 3.31 allows Path Traversal that leads to arbitrary file deletion via the undo archive operation feature...

9.1 CVSS · 9.1 AI score · 0.01847 EPSS
Exploits 0 · References 8

Github Security Blog
added 2021/06/15 3:49 p.m. · 49 views

The Fuck Arbitrary File Deletion via Path Traversal

The thefuck aka The Fuck is an app that corrects errors in previous console commands. The Fuck python package before 3.31 allows Path Traversal that leads to arbitrary file deletion via the undo archive operation feature...

9.1 CVSS · 8.8 AI score · 0.01847 EPSS
Exploits 0 · References 8 · Affected Software 1

CNVD
added 2021/06/11 12:0 a.m. · 6 views

thefuck path traversal vulnerability

thefuck is an open source application that corrects errors in previous console commands. A path traversal vulnerability exists in thefuck, which can be exploited to arbitrarily delete files via the "undo archive operation" feature...

9.1 CVSS · 6.5 AI score · 0.01847 EPSS
Exploits 0 · References 1

OSV
added 2021/06/10 11:15 a.m. · 1 views

DEBIAN-CVE-2021-34363

The thefuck aka The Fuck package before 3.31 for Python allows Path Traversal that leads to arbitrary file deletion via the "undo archive operation" feature...

9.1 CVSS · 8.5 AI score · 0.01847 EPSS
Exploits 0 · References 1

NVD
added 2021/06/10 11:15 a.m. · 11 views

CVE-2021-34363

The thefuck aka The Fuck package before 3.31 for Python allows Path Traversal that leads to arbitrary file deletion via the "undo archive operation" feature...

9.1 CVSS · 0.01847 EPSS
Exploits 0 · References 5

Prion
added 2021/06/10 11:15 a.m. · 14 views

Path traversal

The thefuck aka The Fuck package before 3.31 for Python allows Path Traversal that leads to arbitrary file deletion via the "undo archive operation" feature...

6.4 CVSS · 9.2 AI score · 0.01847 EPSS
Exploits 0 · References 5 · Affected Software 2

UbuntuCve
added 2021/06/10 11:15 a.m. · 23 views

CVE-2021-34363

The thefuck aka The Fuck package before 3.31 for Python allows Path Traversal that leads to arbitrary file deletion via the "undo archive operation" feature...

9.1 CVSS · 7.2 AI score · 0.01847 EPSS
Exploits 0 · References 6

OSV
added 2021/06/10 11:15 a.m. · 18 views

PYSEC-2021-97

The thefuck aka The Fuck package before 3.31 for Python allows Path Traversal that leads to arbitrary file deletion via the "undo archive operation" feature...

9.1 CVSS · 4.9 AI score · 0.01847 EPSS
Exploits 0 · References 4

OSV
added 2021/06/10 11:15 a.m. · 0 views

UBUNTU-CVE-2021-34363

The thefuck aka The Fuck package before 3.31 for Python allows Path Traversal that leads to arbitrary file deletion via the "undo archive operation" feature...

9.1 CVSS · 5.9 AI score · 0.01847 EPSS
Exploits 0 · References 7

CVE
added 2021/06/10 10:7 a.m. · 103 views

CVE-2021-34363

CVE-2021-34363 affects the Python package thefuck (aka The Fuck) prior to version 3.31. The root cause is a path traversal flaw in the undo archive operation, which can lead to arbitrary file deletion. Public documentation across multiple feeds confirms this: Arch Linux ASAs and Fedora advisories...

9.1 CVSS · 9.1 AI score · 0.01847 EPSS
Exploits 0 · References 5 · Affected Software 1

Debian CVE
added 2021/06/10 10:7 a.m. · 23 views

CVE-2021-34363

The thefuck aka The Fuck package before 3.31 for Python allows Path Traversal that leads to arbitrary file deletion via the "undo archive operation" feature...

9.1 CVSS · 9.3 AI score · 0.01847 EPSS
Exploits 0

CNNVD
added 2021/06/10 12:0 a.m. · 2 views

thefuck path traversal vulnerability

thefuck is an open source application that corrects errors in previous console commands. A path traversal vulnerability exists in thefuck, which can be exploited to arbitrarily delete files via the "undo archive operation" feature...

9.1 CVSS · 5.6 AI score · 0.01847 EPSS
Exploits 0 · References 5

Positive Technologies
added 2021/06/10 12:0 a.m. · 3 views

PT-2021-4116 · Pypi +1 · Thefuck +1

Name of the Vulnerable Software and Affected Versions: TheFuck versions prior to 3.31. Description: The issue is related to path traversal weaknesses in the TheFuck package for Python, allowing an attacker to compromise data integrity and cause a denial of service. This can lead to arbitrary file...

9.1 CVSS · 7 AI score · 0.01847 EPSS
Exploits 0 · References 26

Positive Technologies
added 2021/05/12 12:0 a.m. · 5 views

PT-2024-11196

Name of the Vulnerable Software and Affected Versions: Linux kernel (affected versions not specified). Description: A resource leak in the Linux kernel has been resolved. The issue occurred in the ptp: ocp module, where an error handling path failed to properly undo a successful 'pci_ioremap_bar' call...

6.2 CVSS · 5.5 AI score · 0.00202 EPSS
Exploits 0 · References 17

Veracode
added 2020/12/06 3:58 a.m. · 29 views

Integer Overflow

Neovim is vulnerable to integer overflow. The vulnerability exists because it does not properly validate values for tree length when reading a corrupted undo file, which may lead to resultant buffer overflows...

9.8 CVSS · 3.5 AI score · 0.0274 EPSS
Exploits 0 · References 10 · Affected Software 1

Veracode
added 2020/12/06 3:57 a.m. · 25 views

Arbitrary Code Execution

neovim is vulnerable to arbitrary code execution. An integer overflow during unserialize_uep memory allocation, due to improper validation of tree length when reading a corrupted undo file, allows an attacker to execute arbitrary code on the host OS via a buffer overflow...

9.8 CVSS · 5.8 AI score · 0.03389 EPSS
Exploits 0 · References 10 · Affected Software 1

CNVD
added 2020/06/22 12:0 a.m. · 2 views

Unspecified Vulnerability in Mattermost Server (CNVD-2020-48228)

Mattermost Server is an open source messaging platform from the US company Mattermost. A security vulnerability exists in Mattermost Server versions prior to 4.3.0, 4.2.1 and 4.1.2. An attacker could exploit the vulnerability to undo another user's session...

4.3 CVSS · 6.7 AI score · 0.0077 EPSS
Exploits 0 · References 1