Количество 3
Количество 3
CVE-2021-28927
The text-to-speech engine in libretro RetroArch for Windows 1.9.0 passes unsanitized input to PowerShell through platform_win32.c via the accessibility_speak_windows function, which allows attackers who have write access on filesystems that are used by RetroArch to execute code via command injection using specially a crafted file and directory names.
CVE-2021-28927
The text-to-speech engine in libretro RetroArch for Windows 1.9.0 pass ...
GHSA-7585-2mwm-5jvf
The text-to-speech engine in libretro RetroArch for Windows 0.11 passes unsanitized input to PowerShell through platform_win32.c via the accessibility_speak_windows function, which allows attackers who have write access on filesystems that are used by RetroArch to execute code via command injection using specially a crafted file and directory names.
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2021-28927 The text-to-speech engine in libretro RetroArch for Windows 1.9.0 passes unsanitized input to PowerShell through platform_win32.c via the accessibility_speak_windows function, which allows attackers who have write access on filesystems that are used by RetroArch to execute code via command injection using specially a crafted file and directory names. | CVSS3: 7.8 | 0% Низкий | почти 5 лет назад |
| CVE-2021-28927 The text-to-speech engine in libretro RetroArch for Windows 1.9.0 pass ... | CVSS3: 7.8 | 0% Низкий | почти 5 лет назад |
| GHSA-7585-2mwm-5jvf The text-to-speech engine in libretro RetroArch for Windows 0.11 passes unsanitized input to PowerShell through platform_win32.c via the accessibility_speak_windows function, which allows attackers who have write access on filesystems that are used by RetroArch to execute code via command injection using specially a crafted file and directory names. | CVSS3: 7.8 | 0% Низкий | больше 3 лет назад |
Уязвимостей на страницу