SerialWaffle

Description: A flaw was found in Exim versions 4.87 to 4.91 (inclusive). Improper validation of recipient address in deliver_message() function in /src/deliver.c may lead to remote command execution. Link: Visit the GitHub Repository Language: Python Owner: VoyagerOnne Stars: 0 Forks: 0

Description: GeoServer is an open source server that allows users to share and edit geospatial data. Prior to versions 2.23.6, 2.24.4, and 2.25.2, multiple OGC request parameters allow Remote Code Execution (RCE) by unauthenticated users through specially crafted input against a default GeoServer installation

Description: An issue was discovered in Webmin <=1.920. The parameter old in password_change.cgi contains a command injection vulnerability. Link: Visit the GitHub Repository Language: Python Owner: Mattb709 Stars: 0 Forks: 0

Description: An issue was discovered in Webmin <=1.920. The parameter old in password_change.cgi contains a command injection vulnerability. Link: Visit the GitHub Repository Language: Python Owner: Mattb709 Stars: 0 Forks: 0

Description: In PHP versions 8.1.* before 8.1.29, 8.2.* before 8.2.20, 8.3.* before 8.3.8, when using Apache and PHP-CGI on Windows, if the system is set up to use certain code pages, Windows may use "Best-Fit" behavior to replace characters

Description: Improper Control of Generation of Code ('Code Injection') vulnerability in Codeer Limited Bricks Builder allows Code Injection.This issue affects Bricks Builder: from n/a through 1.9.6. Link: Visit the GitHub Repository Language: Python Owner: ivanbg2004 Stars: 0 Forks: 0

Description: webui-aria2 commit 4fe2e was discovered to contain a path traversal vulnerability. Link: Visit the GitHub Repository Language: Shell Owner: MartiSabate Stars: 0 Forks: 0

Description: Improper access control in editor components of The Document Foundation LibreOffice allowed an attacker to craft a document that would cause external links to be loaded without prompt. In the affected versions of LibreOffice documents that used "floating frames" linked to external files, would load the contents

Description: Microsoft Outlook Elevation of Privilege Vulnerability Link: Visit the GitHub Repository Language: PowerShell Owner: Agentgilspy Stars: 0 Forks: 0

Description: System command injection in appGet.cgi on ASUS RT-AC3200 version 3.0.0.4.382.50010 allows attackers to execute system commands via the "load_script" URL parameter. Link: Visit the GitHub Repository Language: Shell Owner: ediop3SquadALT Stars: 0 Forks: 0