Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

3 matches found

OSV
OSVadded 2023/03/11 9:15 a.m.0 views

UBUNTU-CVE-2023-1350

A vulnerability was found in liferea. It has been rated as critical. Affected by this issue is the function updatejobrun of the file src/update.c of the component Feed Enrichment. The manipulation of the argument source with the input |date /tmp/bad-item-link.txt leads to os command injection. Th...

9.8CVSS5.3AI score0.00551EPSS
Exploits0References3
CVE
CVEadded 2023/03/11 8:20 a.m.52 views

CVE-2023-1350

CVE-2023-1350 affects Liferea’s update_job_run (src/update.c, Feed Enrichment). The input source parameter can be manipulated to execute OS commands (remote, no user interaction). Documents consistently state this leads to remote code execution and that a patch exists; Gentoo/GLSA and OpenSUSE/SU...

9.8CVSS8.2AI score0.00551EPSS
Exploits0References3Affected Software1
CNNVD
CNNVDadded 2023/03/11 12:0 a.m.4 views

Liferea 操作系统命令注入漏洞

Liferea is a desktop subscription feed reader/news aggregator from the individual developer Lars Windolf. It brings together all the content of a customer's favorite subscriptions into a simple interface that makes it easy to organize and browse subscription feeds. Liferea suffers from an OS...

9.8CVSS6.8AI score0.00551EPSS
Exploits0References4
Rows per page
Query Builder