Lucene search
K

34 matches found

Zero Day Initiative
Zero Day Initiative
added 2022/09/08 12:0 a.m.84 views

(Pwn2Own) ConnMan received_data Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installation of ConnMan. Authentication is not required to exploit this vulnerability. The specific flaw exists within the receiveddata method. Crafted data in a HTTP response can trigger a write past the e...

6.3CVSS1.4AI score0.02392EPSS
Exploits0References1
Veracode
Veracode
added 2022/01/12 9:51 a.m.22 views

Information Disclosure

shelljs is vulnerable to information disclosure. The vulnerability exists in ShellJS exec function of exec.js because the file permissions have not been locked down which allows an attacker to gain access to sensitive information of file system of the running scripts and crash application...

7.1CVSS2.4AI score0.00427EPSS
Exploits1References7Affected Software2
CNNVD
CNNVD
added 2021/03/01 12:0 a.m.4 views

Veritas Backup Exec 安全漏洞

Veritas Technologies Veritas Backup Exec is a powerful suite of data backup and recovery tools from Veritas Technologies. With a web-based management console and an intuitive graphical user interface with easy-to-use wizards, the software simplifies installation and improves manageability...

9.8CVSS8.6AI score0.6491EPSS
Exploits5References4
Snyk
Snyk
added 2020/12/04 5:30 p.m.6 views

Command Injection

Overview Affected versions of this package are vulnerable to Command Injection. The injection point is located in line 45 in main entry of package in lib/process-promises.js. PoC var a =require"ts-process-promises"; a.exec"touch JHU",; Remediation There is no fixed version for ts-process-promises...

9.8CVSS7.2AI score0.01355EPSS
Exploits1References2
OSV
OSV
added 2020/04/23 8:9 p.m.1 views

GHSA-426H-24VJ-QWXF Command Injection in npm-programmatic

All versions of npm-programmatic are vulnerable to Command Injection. The package fails to sanitize input rules and passes it directly to an exec call on the install, uninstall and list functions . This may allow attackers to execute arbitrary code in the system if the package name passed to the...

9.8CVSS7.5AI score0.03516EPSS
Exploits1References4
vulnersOsv
vulnersOsv
added 2019/03/14 3:40 p.m.6 views

io.druid.extensions.contrib:druid-orc-extensions (>=0.10.0 <=0.12.3), org.apache.tajo:tajo-hive (>=0.11.2 <=0.11.3) potentially affected by CVE-2016-3083 via org.apache.hive:hive-exec (=2.0.0)

org.apache.hive:hive-exec MAVEN version =2.0.0 is affected by a known vulnerability. The following packages have a transitive dependency on org.apache.hive:hive-exec and may be impacted: - io.druid.extensions.contrib:druid-orc-extensions =0.10.0, =0.11.2, =0.11.3 Source cves: CVE-2016-3083 Source...

7.5CVSS7.1AI score0.01006EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2019/03/14 3:40 p.m.7 views

ai.h2o:h2o-orc-parser (>=3.18.0.9 <=3.46.0.11), com.linkedin.tony:tony-cli (>=0.1.5 <=0.3.3) +36 more potentially affected by CVE-2016-3083 via org.apache.hive:hive-exec (>=0.8.0 <=1.2.1)

org.apache.hive:hive-exec MAVEN version =0.8.0, =3.18.0.9, =0.1.5, =0.1.5, =0.1.0, =0.1.0, =0.1.0, =6.5.0, =6.5.0, =6.5.0, =6.5.0, =6.8.3 and more Source cves: CVE-2016-3083 Source advisory: OSV:GHSA-GF2V-9HP6-44QG...

7.5CVSS7.2AI score0.01006EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2019/03/14 3:40 p.m.6 views

com.amazon.emr:hive2-shims (>=5.0.0 <=5.6.0), com.scylladb.alternator:hive2-shims (>=5.6.0 <=5.8.0) potentially affected by CVE-2017-12625 via org.apache.hive:hive-exec (=2.3.0)

org.apache.hive:hive-exec MAVEN version =2.3.0 is affected by a known vulnerability. The following packages have a transitive dependency on org.apache.hive:hive-exec and may be impacted: - com.amazon.emr:hive2-shims =5.0.0, =5.6.0, =5.8.0 Source cves: CVE-2017-12625 Source advisory:...

4.3CVSS6.1AI score0.01431EPSS
Exploits3
vulnersOsv
vulnersOsv
added 2018/11/21 10:25 p.m.6 views

ai.h2o:h2o-orc-parser (>=3.18.0.9 <=3.46.0.11), com.amazon.emr:hive2-shims (>=5.0.0 <=5.6.0) +114 more potentially affected by CVE-2018-11777 via org.apache.hive:hive-exec (>=0.8.0 <=2.3.3)

org.apache.hive:hive-exec MAVEN version =0.8.0, =3.18.0.9, =5.0.0, =1.13.0-rc6, =1.13.0-rc6, =1.13.0-rc6, =1.13.0-rc6, =1.13.0-rc6, =4.1.2-RELEASE, =0.1.1, =4.0.0-preview22.0.1, =1.0.5, =0.1.5, =0.1.5, =0.3.3 and more Source cves: CVE-2018-11777 Source advisory: OSV:GHSA-RRFQ-G5FQ-FC9C...

8.1CVSS7.4AI score0.02303EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2018/11/21 10:24 p.m.3 views

ai.h2o:h2o-orc-parser (>=3.18.0.9 <=3.46.0.11), com.amazon.emr:hive2-shims (>=5.0.0 <=5.6.0) +109 more potentially affected by CVE-2018-1284 via org.apache.hive:hive-exec (>=0.8.0 <=2.3.2)

org.apache.hive:hive-exec MAVEN version =0.8.0, =3.18.0.9, =5.0.0, =1.13.0-rc6, =1.13.0-rc6, =1.13.0-rc6, =1.13.0-rc6, =1.13.0-rc6, =4.1.2-RELEASE, =0.1.1, =4.0.0-preview22.0.1, =1.0.5, =0.1.5, =0.1.5, =0.3.3 and more Source cves: CVE-2018-1284 Source advisory: OSV:GHSA-RXMR-C9JM-7MM8...

4.3CVSS5.8AI score0.02272EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2018/11/21 10:24 p.m.4 views

com.amazon.emr:hive2-shims (>=5.0.0 <=5.6.0), com.boozallen.aissemble:extensions-data-delivery-spark (>=1.13.0-rc6 <=2.0.0) +59 more potentially affected by CVE-2018-1315 via org.apache.hive:hive-exec (>=2.1.0 <=2.3.2)

org.apache.hive:hive-exec MAVEN version =2.1.0, =5.0.0, =1.13.0-rc6, =1.13.0-rc6, =1.13.0-rc6, =1.13.0-rc6, =1.13.0-rc6, =4.1.2-RELEASE, =4.0.0-preview22.0.1, =5.6.0, =4.1.0, =4.0.00.31.1-prerelease6, =4.0.0, =4.1.0, =4.2.0 and more Source cves: CVE-2018-1315 Source advisory: OSV:GHSA-P639-XXV5-J...

4.3CVSS5.8AI score0.0178EPSS
Exploits0
Cloud Foundry
Cloud Foundry
added 2017/01/12 12:0 a.m.24 views

RunC Exec Vulnerability | Cloud Foundry

Medium Vendor Open Containers Initiative Description RunC allowed additional container processes via runc exec to be ptraced by the pid 1 of the container. This allows the main processes of the container, if running as root, to gain access to file-descriptors of these new processes during the...

7.2AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2005/07/13 12:0 a.m.31 views

FreeBSD : opera -- kfmclient exec command execution vulnerability (d8e55d65-81d6-11d9-a9e7-0001020eed82)

Giovanni Delvecchio reports : Opera for linux uses 'kfmclient exec' as 'Default Application' to handle saved files. This could be used by malicious remote users to execute arbitrary shell commands on a target system. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and...

5CVSS5.7AI score0.12559EPSS
Exploits0References4
seebug.org
seebug.org
added 2005/01/11 12:0 a.m.17 views

Veritas Backup Exec Agent 8.x/9.x Browser Overflow (c version)

No description provided by source. / Got to give it to class101 on this one. Tested and penetrated. / str0ke / / VERITAS Backup Exec v9.1.4691.SP1 v9.1.4691.SP0 v8.5.3572 Agent Browser Service, Remote Stack Overflow Highly Critical All credits to: -iDEFENSEdiscovery-www.iDEFENSE.com, -Thor...

7.1AI score
Exploits0
Rows per page
Query Builder