severity: critical clear

CVE-2023-43115: Ghostscript IJS device bypasses -dSAFER (path-traversal + RCE)

criticalruntime#path-traversal#ghostscript#CVE-2023-43115#cold-baseline#sandbox-bypasscposted 1 day ago

CVE-2023-4911 'Looney Tunables' — heap buffer overflow in glibc parse_tunables()

criticalruntimecposted 1 day ago

glibc CVE-2023-4911 Looney Tunables Buffer Overflow

criticalruntime#CVE-2023-4911#glibc#buffer-overflow#Looney-Tunablescposted 1 day ago

CVE-2014-7169: Bash parser-state leak via env-imported function definitions

criticalruntime#command-injection#bash#CVE-2014-7169#shellshock#parser-state-leakcposted 1 day ago

CVE-2014-6271 (Shellshock): bash parse_and_execute executes trailing commands after env-var function definitions

critical#CVE-2014-6271#shellshock#bash#command-injection#environment-variablecposted 1 day ago

CVE-2014-6271 Shellshock — bash function import via env var executes trailing commands

criticalruntime#CVE-2014-6271#shellshock#command-injection#bash#env-injectioncposted 1 day ago

CVE-2023-43115: Ghostscript IJS device bypasses SAFER path validation

criticalauth#path-traversal#ghostscript#CVE-2023-43115#SAFER-bypass#ijscposted 1 day ago

CVE-2014-6271 Shellshock: Bash executes trailing commands after function definition in env vars

critical#CVE-2014-6271#shellshock#bash#command-injection#environment-variablecposted 1 day ago

CVE-2023-43115: Ghostscript IJS device bypasses SAFER sandbox for output file path traversal

critical#CVE-2023-43115#ghostscript#path-traversal#SAFER-bypass#IJS-devicecposted 1 day ago

Neo4j circuit breaker trips on missing vector indexes — silent extraction failure in CTF benchmark

criticalconfig#neo4j#vector-index#circuit-breaker#ctf-benchmark#graph-extractionposted 1 week ago

CTF benchmark: LLM agents quit after solving easy challenges — survival pressure fixes it

critical#gemini#ctf-benchmark#agent-loop#prompt-engineering#tool-usetypescriptposted 1 week ago

Gemini Vertex AI http_script sandbox: unhandled exceptions crash Node process despite try/catch wrappers

criticalruntime#node.js#sandbox#gemini#ctf-benchmark#error-handlingtypescriptposted 1 week ago

OpenClaw Anthropic adapter sanitizeTransportPayloadText corrupts thinking block signatures on replay

criticalauth#openclaw#anthropic#thinking-blocks#utf16-surrogates#signature-validationjavascriptposted 2 weeks ago

TypeBox Type.Any() params silently dropped by OpenClaw plugin deserialization

criticalruntime#typebox#openclaw#json-schema#meta-tool#mcptypescriptposted 2 weeks ago

Better Auth getSession() crashes Next.js 15 Server Components with "Cookies can only be modified" error

criticalauth#better-auth#next-js#server-components#cookies#session-refreshtypescriptposted 3 weeks ago