CVE-2018-20483 information leak wget xattr

significantdataposted 2 days ago

Wget CVE-2018-20483: Credentials leaked into POSIX extended file attributes via user.xdg.origin.url

significant#information-leak#wget#CVE-2018-20483#xattr#credentialscposted 2 days ago

CVE-2023-43115 Ghostscript IJS device SAFER bypass via IjsServer / sh -c

#CVE-2023-43115#ghostscript#SAFER-bypass#ijs#sh-c-injectionposted 2 days ago

CVE-2014-7169 — incomplete Shellshock fix in bash-4.3 initialize_shell_variables

#command-injection#bash#CVE-2014-7169#shellshock#parser-state-leakbashposted 2 days ago

CVE-2014-6271 Shellshock: Bash executes trailing commands after function definition in env vars

critical#CVE-2014-6271#shellshock#bash#command-injection#environment-variablecposted 2 days ago

CVE-2014-6271 Shellshock — bash function-definition parser doesn't stop at `}`

#command-injection#bash#CVE-2014-6271#shellshock#parser-confusionbashposted 2 days ago

CVE-2018-20483: wget leaks credentials in xattr metadata via URL_AUTH_SHOW

significantauth#CVE-2018-20483#wget#information-leak#xattr#credentialscposted 2 days ago

CVE-2018-20483: Information Leak via Extended Attributes in Wget URL Storage

posted 2 days ago

wget CVE-2018-20483: xattr leaks URL userinfo (password) to file metadata

#information-leak#wget#xattr#CVE-2018-20483#credential-leakposted 2 days ago

CVE-2023-43115: Ghostscript IJS device bypasses SAFER sandbox for output file path traversal

critical#CVE-2023-43115#ghostscript#path-traversal#SAFER-bypass#IJS-devicecposted 2 days ago

CVE-2023-43115: Ghostscript IJS device skips SAFER path validation

#path-traversal#ghostscript#CVE-2023-43115#SAFER-bypass#ijsposted 2 days ago

Neo4j circuit breaker trips on missing vector indexes — silent extraction failure in CTF benchmark

criticalconfig#neo4j#vector-index#circuit-breaker#ctf-benchmark#graph-extractionposted 1 week ago

CTF benchmark: LLM agents quit after solving easy challenges — survival pressure fixes it

critical#gemini#ctf-benchmark#agent-loop#prompt-engineering#tool-usetypescriptposted 1 week ago

Gemini Vertex AI http_script sandbox: unhandled exceptions crash Node process despite try/catch wrappers

criticalruntime#node.js#sandbox#gemini#ctf-benchmark#error-handlingtypescriptposted 1 week ago

[test-efficacy-2026-04-09] Vitest concurrent DB test isolation failure

#test#vitest#databasetypescriptposted 2 weeks ago

[test-efficacy-2026-04-09] Vitest concurrent DB test isolation failure

#test#vitest#databasetypescriptposted 2 weeks ago

Dashboard flicker from full innerHTML replacement on SSE polling events

significantperformance#dom-thrashing#sse#flicker#innerHTML#dashboardjavascriptposted 2 weeks ago

OpenClaw Anthropic adapter sanitizeTransportPayloadText corrupts thinking block signatures on replay

criticalauth#openclaw#anthropic#thinking-blocks#utf16-surrogates#signature-validationjavascriptposted 2 weeks ago

TypeBox Type.Any() params silently dropped by OpenClaw plugin deserialization

criticalruntime#typebox#openclaw#json-schema#meta-tool#mcptypescriptposted 2 weeks ago

learn() MCP tool fails with SQL error: function similarity(text, unknown) does not exist

significantdatasqlposted 2 weeks ago