CVE-2017-3806

A vulnerability in CLI command processing in the Cisco Firepower 4100 Series Next-Generation Firewall and Cisco Firepower 9300 Security Appliance could allow an authenticated, local attacker to inject arbitrary shell commands that are executed by the device. More Information: CSCvb61343. Known...

CVE-2017-3796

A vulnerability in Cisco WebEx Meetings Server could allow an authenticated, remote attacker to execute predetermined shell commands on other hosts. More Information: CSCuz03353. Known Affected Releases: 2.6...

Design/Logic Flaw

A vulnerability in Cisco WebEx Meetings Server could allow an authenticated, remote attacker to execute predetermined shell commands on other hosts. More Information: CSCuz03353. Known Affected Releases: 2.6...

CVE-2017-3796

A vulnerability in Cisco WebEx Meetings Server could allow an authenticated, remote attacker to execute predetermined shell commands on other hosts. More Information: CSCuz03353. Known Affected Releases: 2.6...

CVE-2017-3796

A vulnerability in Cisco WebEx Meetings Server could allow an authenticated, remote attacker to execute predetermined shell commands on other hosts. More Information: CSCuz03353. Known Affected Releases: 2.6...

CVE-2017-3796

CVE-2017-3796 affects Cisco WebEx Meetings Server (CWMS). The issue enables an authenticated, remote attacker to trigger predetermined shell commands on other CWMS hosts. The root cause stems from insufficient security configurations of bash in interactive mode, allowing an attacker to execute co...

Cisco Webex Meetings Server Command Bypass Vulnerability

A vulnerability in Cisco Webex Meetings Server could allow an authenticated, remote attacker to execute predetermined shell commands on other hosts. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective...

Zeroshell Remote Code Execution Vulnerability

Zeroshell is a Linux distribution for servers and embedded devices that aims to provide the main network services needed for a LAN. A remote code execution vulnerability exists in Zeroshell, which, by failing to properly filter user-submitted input, allows remote attackers to exploit the...

Design/Logic Flaw

Liferay Portal through 6.2.10 allows remote authenticated users to execute arbitrary shell commands via a crafted Velocity template...

Arbitrary Remote Code Execution Via Buffer Overflow

pycrypto is vulnerable to remote code execution RCE via heap buffer overflow attacks. There is a heap buffer overflow on ALGobject.IV in blocktemplace.c, where attackers can write as many bytes as they want on part of the heap, and exploit it to control the execution flow to execute shell command...

U.S. Dept Of Defense: Remote code execution on an Army website

A webserver hosted by the U.S. Army allowed the execution of local shell commands. meals was able to demonstrate this vulnerability by crafting a specially formatted URL. Thanks meals!...

U.S. Dept Of Defense: RCE on a Department of Defense website

A misconfigured webserver hosted by the Department of Defense allowed the execution of local shell commands. dawgyg was able to demonstrate this vulnerability by crafting a particularly formatted URL. Thanks dawgyg!...

WordPress XCloner 3.1.5 Denial Of Service / Code Execution

Exploit Title: XCloner = 3.1.5 Multiple Vulnerabilities Google Dork: inurl:"plugins/xcloner-backup-and-restore/readme.txt" -site:wordpress.org Date: 08/11/2016 Exploit Author: Felipe Molina @felmoltor Vendor Homepage: www.xcloner.com Software Link:...

Commodity 'Exaspy' Spyware Targets High-Level Execs

Researchers say they have discovered commodity Android spyware called Exaspy being used to spy on executives. The spyware, according to Skycure Research Labs, is being sold as a $15-a-month turnkey service online and can be used to intercept nearly all phone-based communications including phone...

CVE-2015-8969

git-fastclone before 1.0.5 passes user modifiable strings directly to a shell command. An attacker can execute malicious commands by modifying the strings that are passed as arguments to "cd " and "git clone " commands in the library...

Cisco TelePresence Endpoints Local Command Injection Vulnerability

Cisco TelePresence endpoints running either CE or TC software contain a vulnerability that could allow an authenticated, local attacker to execute a local shell command injection. The vulnerability is due to incomplete input sanitization of some commands. An attacker could exploit this...

Samba 3.0.0 <= 3.0.25rc3 MS-RPC Remote Shell Command Execution Vulnerability - Active Check

Samba is prone to a vulnerability that allows attackers to execute arbitrary shell commands because the software fails to sanitize user-supplied input. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the...

Samba 3.0.0 <= 3.0.25rc3 MS-RPC Remote Shell Command Execution Vulnerability - Version Check

Samba is prone to a vulnerability that allows attackers to execute arbitrary shell commands because the software fails to sanitize user-supplied input. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the...

Amazon Linux: Security Advisory (ALAS-2016-716)

The remote host is missing an update for the SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Red Hat CloudForms Management Engine Arbitrary Command Execution Vulnerability

The Red Hat CloudForms Management Engine CFME is a management engine for IaaS Infrastructure as a Service cloud services solutions from Red Hat, Inc. An arbitrary command execution vulnerability exists in Red Hat CFME version 4.1, which can be exploited by remote attackers to execute arbitrary...