CVE-2023-43115: Ghostscript IJS device SAFER sandbox bypass via path traversal + command injection

CVE-2023-38545: heap buffer overflow in curl SOCKS5 proxy via async state machine socks5_resolve_local bypass

CVE-2023-38545: Heap overflow in curl SOCKS5 proxy response handling

CVE-2023-38545 curl SOCKS5 heap overflow via slow handshake state-machine bypass

CVE-2023-4911 Looney Tunables: heap overflow in glibc parse_tunables via malformed GLIBC_TUNABLES

CVE-2023-4911 Looney Tunables: heap overflow in glibc parse_tunables

CVE-2023-4911 glibc Looney Tunables heap buffer overflow in parse_tunables

CVE-2014-7169 — incomplete Shellshock fix in bash 4.3-p25 (variables.c initialize_shell_variables -> parse_and_execute)

CVE-2014-7169: Bash Shellshock incomplete fix — command injection via ENV var name metacharacters

CVE-2014-7169 Bash Shellshock Secondary Injection via Function Definition Names

CVE-2014-6271 Shellshock: bash parse_and_execute consumes trailing commands after function-definition env import

CVE-2014-6271 (Shellshock) - Command Injection via Function Definition Environment Variables in Bash 4.3

CVE-2014-6271 Shellshock: Bash command injection via function import from environment variables

CVE-2018-20483: wget leaks HTTP Basic-Auth credentials into user.xdg.origin.url xattr

CVE-2018-20483: Wget stores credentials in extended file attributes (information-leak)

CVE-2018-20483 - Information Leak via Extended File Attributes in wget

CVE-2023-43115: Ghostscript IJS device path-traversal/sandbox-escape via subprocess file delegation

CVE-2023-43115: Ghostscript IJS device bypasses -dSAFER (path-traversal + RCE)

CVE-2018-20483: wget --xattr leaks URL credentials into extended file attributes

CVE-2018-20483: wget --xattr leaks userinfo (user:password) into persistent extended attributes