Lucene search
K

77 matches found

OSV
OSV
added 2025/01/15 5:35 p.m.12 views

CVE-2024-52005 The sideband payload is passed unfiltered to the terminal in git

Git is a source code management tool. When cloning from a server or fetching, or pushing, informational or error messages are transported from the remote Git process to the client via the so-called "sideband channel". These messages will be prefixed with "remote:" and printed directly to the...

7.5CVSS7.8AI score0.00494EPSS
Exploits1References4
Vulnrichment
Vulnrichment
added 2025/01/15 5:35 p.m.12 views

CVE-2024-52005 The sideband payload is passed unfiltered to the terminal in git

Git is a source code management tool. When cloning from a server or fetching, or pushing, informational or error messages are transported from the remote Git process to the client via the so-called "sideband channel". These messages will be prefixed with "remote:" and printed directly to the...

7.5CVSS7.4AI score0.00494EPSS
Exploits1References2
CNNVD
CNNVD
added 2025/01/15 12:0 a.m.2 views

Git 安全漏洞

Git is a free, open-source distributed version control system open-sourced by Git. A security vulnerability exists in Git that stems from an unprotected ANSI escape sequence in sideband channel messaging, which can be exploited by malicious people to hide or distort information or mislead users...

8.8CVSS7.9AI score0.00494EPSS
Exploits1References5
RedHat Linux
RedHat Linux
added 2024/07/23 4:34 p.m.5 views

libreoffice: create a document which without prompt will execute scripts built-into LibreOffice on clicking a graphic

A flaw was found in LibreOffice. Unchecked script execution in graphic on-click binding allows an attacker to create a document, which, without a prompt, will execute scripts built into LibreOffice when clicking a graphic. These scripts were previously deemed trusted but are now deemed untrusted...

6.5CVSS6AI score0.01008EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2024/07/02 4:58 p.m.8 views

libreoffice: create a document which without prompt will execute scripts built-into LibreOffice on clicking a graphic

A flaw was found in LibreOffice. Unchecked script execution in graphic on-click binding allows an attacker to create a document, which, without a prompt, will execute scripts built into LibreOffice when clicking a graphic. These scripts were previously deemed trusted but are now deemed untrusted...

6.5CVSS6AI score0.01008EPSS
Exploits0References5
SUSE CVE
SUSE CVE
added 2024/05/16 2:23 a.m.4 views

SUSE CVE-2024-3044

Unchecked script execution in Graphic on-click binding in affected LibreOffice versions allows an attacker to create a document which without prompt will execute scripts built-into LibreOffice on clicking a graphic. Such scripts were previously deemed trusted but are now deemed untrusted...

7.1CVSS7.2AI score0.01008EPSS
Exploits0References5
RedhatCVE
RedhatCVE
added 2024/05/15 6:28 a.m.67 views

CVE-2024-3044

A flaw was found in LibreOffice. Unchecked script execution in graphic on-click binding allows an attacker to create a document, which, without a prompt, will execute scripts built into LibreOffice when clicking a graphic. These scripts were previously deemed trusted but are now deemed untrusted...

7.3CVSS6AI score0.01008EPSS
Exploits0References4
OSV
OSV
added 2024/05/14 9:15 p.m.4 views

DEBIAN-CVE-2024-3044

Unchecked script execution in Graphic on-click binding in affected LibreOffice versions allows an attacker to create a document which without prompt will execute scripts built-into LibreOffice on clicking a graphic. Such scripts were previously deemed trusted but are now deemed untrusted...

6.5CVSS6.8AI score0.01008EPSS
Exploits0References1
OSV
OSV
added 2024/05/14 9:15 p.m.3 views

UBUNTU-CVE-2024-3044

Unchecked script execution in Graphic on-click binding in affected LibreOffice versions allows an attacker to create a document which without prompt will execute scripts built-into LibreOffice on clicking a graphic. Such scripts were previously deemed trusted but are now deemed untrusted...

6.5CVSS7AI score0.01008EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2023/10/05 4:54 a.m.36 views

CVE-2023-5344

A heap-based buffer overflow vulnerability was found in Vim's truncstring function of the src/message.c file. This flaw allows an attacker to trick a user into opening a specially crafted file, triggering a heap-based buffer overflow that causes an application to crash, leading to a denial of...

5.3CVSS7.3AI score0.0119EPSS
Exploits1References4
OSV
OSV
added 2023/09/12 3:15 a.m.3 views

CVE-2023-40621

SAP PowerDesigner Client - version 16.7, allows an unauthenticated attacker to inject VBScript code in a document and have it opened by an unsuspecting user, to have it executed by the application on behalf of the user. The application has a security option to disable or prompt users before...

6.3CVSS5.9AI score0.00646EPSS
Exploits0References2
Prion
Prion
added 2023/09/12 3:15 a.m.24 views

Default credentials

SAP PowerDesigner Client - version 16.7, allows an unauthenticated attacker to inject VBScript code in a document and have it opened by an unsuspecting user, to have it executed by the application on behalf of the user. The application has a security option to disable or prompt users before...

6.8CVSS6.4AI score0.00646EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2023/09/12 2:10 a.m.52 views

CVE-2023-40621 Code Injection vulnerability in SAP PowerDesigner Client

SAP PowerDesigner Client - version 16.7, allows an unauthenticated attacker to inject VBScript code in a document and have it opened by an unsuspecting user, to have it executed by the application on behalf of the user. The application has a security option to disable or prompt users before...

6.3CVSS6.7AI score0.00646EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2023/08/03 11:19 a.m.43 views

CVE-2020-20703

A use-after-free flaw was found in Vim. This issue allows a heap buffer overflow leading to a write access violation. This flaw allows the attacker to possibly have control over the write address and value, which may lead to an application crash. Mitigation Untrusted vim scripts with -s scriptin...

5.5CVSS7.4AI score0.01514EPSS
Exploits1References3
RedhatCVE
RedhatCVE
added 2023/05/22 12:41 p.m.25 views

CVE-2023-2610

Integer Overflow or Wraparound in GitHub repository vim/vim prior to 9.0.1532. Mitigation Untrusted vim scripts with -s scriptin are not recommended to run...

5.5CVSS7.1AI score0.00485EPSS
Exploits1References4
RedhatCVE
RedhatCVE
added 2023/03/20 11:43 a.m.31 views

CVE-2023-1355

A NULL pointer dereference vulnerability was discovered in vim's classobjectindex function at vim9class.c file. This flaw allows an attacker to trick a user into opening a specially crafted file, triggering an issue that causes an application to crash, leading to a denial of service. Mitigation...

5.5CVSS5.7AI score0.00453EPSS
Exploits1References4
RedhatCVE
RedhatCVE
added 2023/03/09 12:15 a.m.36 views

CVE-2023-1170

A heap-based buffer overflow vulnerability was found in Vim's utfptr2char function of the src/mbyte.c file. This flaw occurs because there is access to invalid memory with put in visual block mode. An attacker can trick a user into opening a specially crafted file, triggering an out-of-bounds rea...

5.3CVSS6.8AI score0.00483EPSS
Exploits1References4
RedhatCVE
RedhatCVE
added 2023/03/09 12:15 a.m.43 views

CVE-2023-1175

A flaw was found in Vim. There is an incorrect calculation of buffer size issue found in Vim's yankcopyline function of the register.c file. This flaw allows illegal memory access when using virtual editing as "startspaces" goes negative. An attacker can trick a user into opening a specially...

5.3CVSS6.7AI score0.00438EPSS
Exploits1References4
SUSE CVE
SUSE CVE
added 2023/02/15 3:22 a.m.4 views

SUSE CVE-2022-46908

SQLite through 3.40.0, when relying on --safe for execution of an untrusted CLI script, does not properly implement the azProhibitedFunctions protection mechanism, and instead allows UDF functions such as WRITEFILE...

7.3CVSS7AI score0.00425EPSS
Exploits1References62
RedhatCVE
RedhatCVE
added 2023/01/09 7:35 a.m.76 views

CVE-2023-0049

A flaw was found in vim, which is vulnerable to an out-of-bounds read in the buildstlstrhl function. This flaw allows a specially crafted file to cause information disclosure, data integrity corruption, or crash the software. Mitigation Do not run vim with -s scriptin on untrusted scripts...

7.3CVSS7.2AI score0.00471EPSS
Exploits1References4
Rows per page
Query Builder