Command Injection

Overview openclaw is a 🦞 OpenClaw — Personal AI Assistant Affected versions of this package are vulnerable to Command Injection via improper handling of environment variable assignments in argv forms during shell-wrapper detection. An attacker can execute arbitrary commands by injecting specially...

Akamai ASE 安全漏洞

Akamai ASE is an adaptive security engine from Akamai. A security vulnerability exists in Akamai ASE versions prior to 2024-12-10, which stems from Rule 3000216 not properly handling JavaScript variable assignments...

Sensitive Information Exposure

github.com/consensys/gnark is vulnerable to Sensitive Information Exposure. The vulnerability is caused by the same σ being used for all proofs of knowledge for commitments, allowing mixing between them. This makes it possible to fix the value of all but one commitment before selecting the circui...

SQL Injection

modsecurity-crs:sid is vulnerable to SQL injection. An authenticated attacker is able to inject and execute arbitrary SQL commands in the database through comment characters and variable assignments in the SQL syntax...

Code injection

Mozilla Firefox before 43.0 does not properly store the properties of unboxed objects, which allows remote attackers to execute arbitrary code via crafted JavaScript variable assignments...

Ubuntu 14.04 LTS : Firefox vulnerabilities (USN-2833-1)

The remote Ubuntu 14.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-2833-1 advisory. Andrei Vaida, Jesse Ruderman, Bob Clary, Christian Holler, Jesse Ruderman, Eric Rahm, Robert Kaiser, Harald Kirschner, and Michael Henretty discovered...

UBUNTU-CVE-2015-7204

Mozilla Firefox before 43.0 does not properly store the properties of unboxed objects, which allows remote attackers to execute arbitrary code via crafted JavaScript variable assignments...