Lucene search
K

13 matches found

CVE
CVE
added 2026/04/24 4:51 p.m.30 views

CVE-2026-41411

Vim (before version 9.2.0357) contains a local command-injection vulnerability in tag file processing. When resolving a tag, Vim passes the filename field from the tags file through wildcard expansion, enabling backtick syntax (e.g., command) that can execute arbitrary commands via the system she...

6.6CVSS5.4AI score0.00501EPSS
Exploits0References3Affected Software1
Positive Technologies
Positive Technologies
added 2026/04/24 12:0 a.m.4 views

PT-2026-35033

Name of the Vulnerable Software and Affected Versions Vim versions prior to 9.2.0357 Description Command injection occurs during tag file processing. When resolving a tag, the filename field from the tags file undergoes wildcard expansion to resolve environment variables and wildcards. If this...

6.6CVSS5.8AI score0.00501EPSS
Exploits0References47
GithubExploit
GithubExploit
added 2025/12/11 5:8 a.m.146 views

Exploit for Deserialization of Untrusted Data in Facebook React

$$\ $$\ $$$$$$$\ $$\ $$\ $$$$$$$$\ $$\ $...

10CVSS8.1AI score0.99562EPSS
Exploits374
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2025-1503

Malicious code in bioql PyPI...

6.9CVSS8.9AI score0.00466EPSS
Exploits0References1
OSV
OSV
added 2025/01/11 3:15 a.m.5 views

CVE-2025-0106

A wildcard expansion vulnerability in Palo Alto Networks Expedition allows an unauthenticated attacker to enumerate files on the host filesystem...

5.3CVSS5.8AI score0.00466EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/01/11 3:2 a.m.17 views

CVE-2025-0106 Expedition: Wildcard Expansion Vulnerability

A wildcard expansion vulnerability in Palo Alto Networks Expedition allows an unauthenticated attacker to enumerate files on the host filesystem...

6.9CVSS6.9AI score0.00466EPSS
Exploits0References1
CVE
CVE
added 2025/01/11 3:2 a.m.54 views

CVE-2025-0106

CVE-2025-0106 is a wildcard expansion vulnerability in Palo Alto Networks Expedition. An unauthenticated attacker can enumerate files on the host filesystem via the Expedition tool’s wildcard expansion handling. Affected product: Palo Alto Networks Expedition. Root cause: wildcard expansion issue...

6.9CVSS6.6AI score0.00466EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2025/01/11 3:2 a.m.20 views

CVE-2025-0106 Expedition: Wildcard Expansion Vulnerability

A wildcard expansion vulnerability in Palo Alto Networks Expedition allows an unauthenticated attacker to enumerate files on the host filesystem...

6.9CVSS0.00466EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/01/08 12:0 a.m.6 views

PT-2025-1075

Name of the Vulnerable Software and Affected Versions Palo Alto Networks Expedition affected versions not specified Description The issue is related to a wildcard expansion vulnerability in Palo Alto Networks Expedition. This vulnerability allows an unauthenticated attacker to enumerate files on...

6.9CVSS5.9AI score0.00466EPSS
Exploits0References9
OSV
OSV
added 2019/05/12 9:35 a.m.14 views

MGASA-2019-0156 Updated openssh packages fix security vulnerabilities

Updated openssh packages fix security vulnerabilities: Due to missing character encoding in the progress display, the object name can be used to manipulate the client output, for example to employ ANSI codes to hide additional files being transferred CVE-2019-6109. Due to scp client insufficient...

6.8CVSS6.5AI score0.58204EPSS
Exploits9References3
Tenable Nessus
Tenable Nessus
added 2019/02/11 12:0 a.m.136 views

Debian DSA-4387-1 : openssh - security update

Harry Sintonen from F-Secure Corporation discovered multiple vulnerabilities in OpenSSH, an implementation of the SSH protocol suite. All the vulnerabilities are in found in the scp client implementing the SCP protocol. - CVE-2018-20685 Due to improper directory name validation, the scp client...

6.8CVSS7.2AI score0.58204EPSS
Exploits9References11
OSV
OSV
added 2018/06/19 5:29 a.m.1 views

DEBIAN-CVE-2018-12562

An issue was discovered in the cantata-mounter D-Bus service in Cantata through 2.3.1. The wrapper script 'mount.cifs.wrapper' uses the shell to forward the arguments to the actual mount.cifs binary. The shell evaluates wildcards such as in an injected string:/home/../tmp/ string...

9.8CVSS7AI score0.01661EPSS
Exploits0References1
OPENSUSE Linux
OPENSUSE Linux
added 2013/03/01 5:5 p.m.60 views

java-1_7_0-openjdk: update to 2.3.6 (critical)

java-170-openjdk was updated to icedtea-2.3.6 bnc803379 containing various security and bugfixes: Security fixes - S6563318, CVE-2013-0424: RMI data sanitization - S6664509, CVE-2013-0425: Add logging context - S6664528, CVE-2013-0426: Find log level matching its name or value given at constructi...

10CVSS0.3AI score0.89987EPSS
Exploits10References1
Rows per page
Query Builder