Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

32 matches found

Tenable Nessus
Tenable Nessusadded 2025/08/20 12:0 a.m.4 views

Linux Distros Unpatched Vulnerability : CVE-2024-11858

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in Radare2, which contains a command injection vulnerability caused by insufficient input validation when handling Pebble Application files...

8.6CVSS5.5AI score0.00052EPSS
Exploits0References2
OpenVAS
OpenVASadded 2025/05/26 12:0 a.m.3 views

Fedora: Security Advisory (FEDORA-2024-ac8d48e58a)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.6CVSS6.5AI score0.00052EPSS
Exploits0References11
NVD
NVDadded 2024/12/15 2:15 p.m.6 views

CVE-2024-11858

A flaw was found in Radare2, which contains a command injection vulnerability caused by insufficient input validation when handling Pebble Application files. Maliciously crafted inputs can inject shell commands during command parsing, leading to unintended behavior during file processing​...

8.6CVSS0.00052EPSS
Exploits0References1
OSV
OSVadded 2024/12/15 2:15 p.m.4 views

CVE-2024-11858

A flaw was found in Radare2, which contains a command injection vulnerability caused by insufficient input validation when handling Pebble Application files. Maliciously crafted inputs can inject shell commands during command parsing, leading to unintended behavior during file processing​...

7.8CVSS7.2AI score
Exploits0References1
OSV
OSVadded 2024/12/15 2:15 p.m.1 views

UBUNTU-CVE-2024-11858

A flaw was found in Radare2, which contains a command injection vulnerability caused by insufficient input validation when handling Pebble Application files. Maliciously crafted inputs can inject shell commands during command parsing, leading to unintended behavior during file processing​...

8.6CVSS5.8AI score0.00052EPSS
Exploits0References3
CVE
CVEadded 2024/12/15 1:57 p.m.51 views

CVE-2024-11858

CVE-2024-11858 affects Radare2. Affected: Radare2 up to and including version 5.9.x (per sources noting 5.9.8 and earlier; Nessus/Tenable references RS 5.8.0–5.9.4). The root cause is insufficient input validation when handling Pebble Application files, allowing malicious inputs to inject shell c...

8.6CVSS8.8AI score0.00052EPSS
Exploits0References1Affected Software1
Debian CVE
Debian CVEadded 2024/12/15 1:57 p.m.8 views

CVE-2024-11858

A flaw was found in Radare2, which contains a command injection vulnerability caused by insufficient input validation when handling Pebble Application files. Maliciously crafted inputs can inject shell commands during command parsing, leading to unintended behavior during file processing​...

8.6CVSS5.3AI score0.00052EPSS
Exploits0
Vulnrichment
Vulnrichmentadded 2024/12/15 1:57 p.m.10 views

CVE-2024-11858 Radare2: command injection via pebble application files in radare2

A flaw was found in Radare2, which contains a command injection vulnerability caused by insufficient input validation when handling Pebble Application files. Maliciously crafted inputs can inject shell commands during command parsing, leading to unintended behavior during file processing​...

8.6CVSS7.3AI score0.00052EPSS
Exploits0References1
OpenVAS
OpenVASadded 2024/12/12 12:0 a.m.9 views

Fedora: Security Advisory (FEDORA-2024-d4d1e89e61)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.6CVSS6.5AI score0.00052EPSS
Exploits0References11
Tenable Nessus
Tenable Nessusadded 2024/12/12 12:0 a.m.4 views

Fedora 40 : iaito / radare2 (2024-d4d1e89e61)

The remote Fedora 40 host has packages installed that are affected by multiple vulnerabilities as referenced in the FEDORA-2024-d4d1e89e61 advisory. Bump radare2 to 5.9.8, iaito to 5.9.9, fixes CVE-2024-11858 Tenable has extracted the preceding description block directly from the Fedora security...

8.6CVSS5.6AI score0.00052EPSS
Exploits0References2
0day.today
0day.todayadded 2021/02/15 12:0 a.m.42 views

Micro Focus Operations Bridge Manager Local Privilege Escalation Exploit

This Metasploit module exploits an insecure permission vulnerability on a folder in Micro Focus Operations Bridge Manager. An unprivileged user such as Guest can drop a JSP file in an exploded WAR directory and then access it without authentication by making a request to the OBM server. This will...

7.8CVSS8AI score0.01754EPSS
Exploits3
Packet Storm
Packet Stormadded 2021/02/15 12:0 a.m.398 views

Micro Focus Operations Bridge Manager Local Privilege Escalation

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Micro Focus Operations Bridge Manager Local Privilege Escalation', 'Description' = %q This module exploits an incorrectly permissioned folder in...

4.6CVSS0.6AI score0.01754EPSS
Exploits3
Circl
Circladded 2020/10/27 7:31 p.m.4 views

CVE-2020-11858

creationtimestamp| type| source ---|---|--- 2020-10-27 19:31:09+00:00| seen| https://t.me/cibsecurity/15620 2021-02-15 10:31:11+00:00| seen| https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/windows/local/microfocusoperationsprivesc.rb 2021-05-30 02:57:38+00:00| seen|...

7.8CVSS7.5AI score0.01754EPSS
Exploits3References3
NVD
NVDadded 2020/10/27 5:15 p.m.12 views

CVE-2020-11858

Code execution with escalated privileges vulnerability in Micro Focus products Operation Bridge Manager and Operation Bridge containerized. The vulneravility affects: 1. Operation Bridge Manager versions: 2020.05, 2019.11, 2019.05, 2018.11, 2018.05, 10.63,10.62, 10.61, 10.60, 10.12, 10.11, 10.10...

7.8CVSS7.8AI score0.01754EPSS
Exploits3References4
CVE
CVEadded 2020/10/27 4:45 p.m.71 views

CVE-2020-11858

CVE-2020-11858 is a local privilege-escalation vulnerability affecting Micro Focus Operations Bridge Manager (OBM) and Operations Bridge Reporter/Containerized OBM. Affected OBM versions include 2020.05, 2019.11, 2019.05, 2018.11, 2018.05, 10.63, 10.62, 10.61, 10.60, 10.12, 10.11, 10.10 and earli...

7.8CVSS7.7AI score0.01754EPSS
Exploits3References4Affected Software2
Cvelist
Cvelistadded 2020/10/27 4:45 p.m.20 views

CVE-2020-11858 Code execution with escalated privilegesn vlnerability in Operation bridge Manager and Operations Bridge (containerized) products.

Code execution with escalated privileges vulnerability in Micro Focus products Operation Bridge Manager and Operation Bridge containerized. The vulneravility affects: 1. Operation Bridge Manager versions: 2020.05, 2019.11, 2019.05, 2018.11, 2018.05, 10.63,10.62, 10.61, 10.60, 10.12, 10.11, 10.10...

7.8CVSS7.8AI score0.01754EPSS
Exploits3References4
NVD
NVDadded 2020/08/21 7:15 p.m.7 views

CVE-2019-11858

Multiple buffer overflow vulnerabilities exist in the AceManager Web API of ALEOS before 4.13.0, 4.9.5, and 4.4.9...

7.2CVSS6.6AI score0.00022EPSS
Exploits0References1
CVE
CVEadded 2020/08/21 6:52 p.m.52 views

CVE-2019-11858

CVE-2019-11858 involves multiple buffer overflow vulnerabilities in the AceManager Web API of the ALEOS platform. Connected sources indicate the affected software is ALEOS with vulnerable AceManager Web API versions prior to 4.13.0 , 4.9.5 , and 4.4.9 . The root cause is described as buffer overf...

7.2CVSS6.7AI score0.00022EPSS
Exploits0References1Affected Software1
NVD
NVDadded 2018/10/29 6:29 p.m.7 views

CVE-2018-11858

When processing IE set command, buffer overwrite may occur due to lack of input validation of the IE length in Snapdragon Mobile in version SD 835, SD 845, SD 850...

7.8CVSS7.8AI score0.00094EPSS
Exploits0References1
CVE
CVEadded 2018/10/29 6:0 p.m.41 views

CVE-2018-11858

CVE-2018-11858 affects Qualcomm Snapdragon Mobile (SD 835, 845, 850). The issue arises when processing the IE set command, where insufficient input validation of the IE length can cause a buffer overwrite in a vulnerable component. The vulnerability is classified as local with low privileges requ...

7.8CVSS7.8AI score0.00094EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder