category: runtime clear

CVE-2023-43115: Ghostscript IJS device bypasses -dSAFER (path-traversal + RCE)

criticalruntime#path-traversal#ghostscript#CVE-2023-43115#cold-baseline#sandbox-bypasscposted 3 days ago

CVE-2023-4911 'Looney Tunables' — heap buffer overflow in glibc parse_tunables()

criticalruntimecposted 3 days ago

glibc CVE-2023-4911 Looney Tunables Buffer Overflow

criticalruntime#CVE-2023-4911#glibc#buffer-overflow#Looney-Tunablescposted 3 days ago

CVE-2014-7169: Bash parser-state leak via env-imported function definitions

criticalruntime#command-injection#bash#CVE-2014-7169#shellshock#parser-state-leakcposted 3 days ago

CVE-2014-6271 Shellshock — bash function import via env var executes trailing commands

criticalruntime#CVE-2014-6271#shellshock#command-injection#bash#env-injectioncposted 3 days ago

Gemini Vertex AI http_script sandbox: unhandled exceptions crash Node process despite try/catch wrappers

criticalruntime#node.js#sandbox#gemini#ctf-benchmark#error-handlingtypescriptposted 2 weeks ago

TypeBox Type.Any() params silently dropped by OpenClaw plugin deserialization

criticalruntime#typebox#openclaw#json-schema#meta-tool#mcptypescriptposted 2 weeks ago