
1765 matches found

Microsoft CVE
added 2020/03/10 7:0 a.m., 30 views

Dynamics Business Central Remote Code Execution Vulnerability

A remote code execution vulnerability exists in Microsoft Dynamics Business Central. An attacker who successfully exploited this vulnerability could execute arbitrary shell commands on victim's server. To exploit the vulnerability, an authenticated attacker needs to convince the victim into conne...

CVSS 8, AI score 4.2, EPSS 0.32922
Exploits: 0
Microsoft KB
added 2020/03/10 7:0 a.m., 138 views

Cumulative Update 27 for Microsoft Dynamics NAV 2018 (Build 41203)

Cumulative Update 27 for Microsoft Dynamics NAV 2018 Build 41203. This article applies to Microsoft Dynamics NAV 2018 for all countries and all language locales. A remote code execution vulnerability exists in Microsoft Dynamics NAV. A user who has the permission to access certain features that...

CVSS 8, AI score 8.8, EPSS 0.32922
Exploits: 0
Tenable Nessus
added 2020/03/06 12:0 a.m., 30 views

Ubuntu 18.04 LTS : OpenSMTPD vulnerabilities (USN-4294-1)

The remote Ubuntu 18.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-4294-1 advisory. It was discovered that OpenSMTPD mishandled certain input. A remote, unauthenticated attacker could use this vulnerability to execute arbitrary shell...

CVSS 10, AI score 7.9, EPSS 0.88136
Exploits: 14, References: 3
CNVD
added 2020/02/27 12:0 a.m., 1 views

Command Execution Vulnerability Exists in OpenSMTPD's

OpenSMTPD is a free implementation of the server-side SMTP protocol, and provides some additional standard extensions. OpenSMTPD's suffers from a command execution vulnerability. An attacker can execute arbitrary shell commands on a vulnerable OpenSMTPD installation...

CVSS 10, AI score 7.9, EPSS 0.88136
Exploits: 10, References: 1
RedhatCVE
added 2020/02/24 8:10 a.m., 19 views

CVE-2019-14894

A flaw was found in the CloudForms management engine, which triggered remote code execution through NFS schedule backup. An attacker logged into the management console could use this flaw to execute arbitrary shell commands on the CloudForms server as root...

CVSS 9, AI score 2.8, EPSS 0.02477
Exploits: 0, References: 3
CNVD
added 2020/02/12 12:0 a.m., 1 views

Microsoft Windows and Windows Server Privilege Mobilization Vulnerability (CNVD-2020-10153)

Microsoft Windows and Microsoft Windows Server are both products of Microsoft Corporation. Microsoft Windows is an operating system for personal devices. Microsoft Windows Server is a server operating system. A privilege extraction vulnerability exists in Microsoft Windows and Windows Server, which...

CVSS 7.8, AI score 7.8, EPSS 0.00274
Exploits: 0, References: 1
The Hacker News
added 2020/01/30 9:7 a.m., 151 views

Critical OpenSMTPD Bug Opens Linux and OpenBSD Mail Servers to Hackers

Cybersecurity researchers have discovered a new critical vulnerability CVE-2020-7247 in the OpenSMTPD email server that could allow remote attackers to take complete control over BSD and many Linux based servers. OpenSMTPD is an open-source implementation of the server-side SMTP protocol that was...

CVSS 10, AI score 0.9, EPSS 0.94108
Exploits: 26
Exploit DB
added 2020/01/30 12:0 a.m., 345 views

OpenSMTPD 6.6.1 - Remote Code Execution

Exploit Title: OpenSMTPD 6.6.1 - Remote Code Execution Date: 2020-01-29 Exploit Author: 1F98D Original Author: Qualys Security Advisory Vendor Homepage: https://www.opensmtpd.org/ Software Link: https://github.com/OpenSMTPD/OpenSMTPD/releases/tag/6.6.1p1 Version: OpenSMTPD '.formatsys.argv0...

CVSS 10, AI score 9.7, EPSS 0.94108
Exploits: 26
0day.today
added 2020/01/29 12:0 a.m., 152 views

OpenBSD OpenSMTPD Privilege Escalation / Code Execution Vulnerabilities

Qualys discovered a vulnerability in OpenSMTPD, OpenBSD's mail server. This vulnerability is exploitable since May 2018 commit a8e222352f, "switch smtpd to new grammar" and allows an attacker to execute arbitrary shell commands, as root. OpenBSD OpenSMTPD Privilege Escalation / Code Execution...

CVSS 10, AI score 1, EPSS 0.94108
Exploits: 26
Packet Storm
added 2020/01/29 12:0 a.m., 226 views

OpenBSD OpenSMTPD Privilege Escalation / Code Execution

Qualys Security Advisory: LPE and RCE in OpenSMTPD (CVE-2020-7247). Contents: Summary, Analysis, Exploitation, Acknowledgments...

AI score 0.8, EPSS 0.94108
Exploits: 26
Cvelist
added 2020/01/27 9:58 p.m., 17 views

CVE-2013-2612

Command-injection vulnerability in Huawei E587 3G Mobile Hotspot 11.203.27 allows remote attackers to execute arbitrary shell commands with root privileges due to an error in the Web UI...

AI score 9.9, EPSS 0.05717
Exploits: 1, References: 2
CVE
added 2020/01/27 9:58 p.m., 44 views

CVE-2013-2612

Huawei E587 3G Mobile Hotspot (firmware 11.203.27) is affected by a command injection in the Web UI. The vulnerable HTTP endpoint is /api/device/time, where unsanitized input allows an attacker to execute arbitrary shell commands with root privileges. This CVE-2013-2612 entry is supported by mult...

CVSS 10, AI score 9.7, EPSS 0.05717
Exploits: 1, References: 2, Affected Software: 1
OpenVAS
added 2020/01/23 12:0 a.m., 29 views

Huawei EulerOS: Security Advisory for subversion (EulerOS-SA-2017-1176)

The remote host is missing an update for the Huawei EulerOS...

CVSS 9.8, AI score 9, EPSS 0.67275
Exploits: 3, References: 2
Mageia
added 2020/01/07 9:19 p.m., 39 views

Updated radare2 packages fix security vulnerabilities

Updated radare2 packages fix security vulnerabilities: In radare2 through 3.5.1, there is a heap-based buffer over-read in the r_egg_lang_parsechar function of egg_lang.c. This allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact because of...

CVSS 7.8, AI score 6.1, EPSS 0.04668
Exploits: 5, References: 5
Zero Science Lab
added 2019/12/29 12:0 a.m., 106 views

HomeAutomation v3.3.2 CSRF Remote Command Execution (PHP Reverse Shell) PoC

Summary HomeAutomation is an open-source web interface and scheduling solution. It was initially made for use with the Telldus TellStick, but is now based on a plugin system and except for Tellstick it also comes with support for Crestron, OWFS and Z-Wave using OpenZWave. It controls your devices...

CVSS 8.5, AI score 7.6, EPSS 0.0117
Exploits: 2
OSV
added 2019/12/18 6:15 p.m., 0 views

CVE-2019-8513

This issue was addressed with improved checks. This issue is fixed in macOS Mojave 10.14.4. A local user may be able to execute arbitrary shell commands...

CVSS 7.8, AI score 7.3
Exploits: 0, References: 1
Cvelist
added 2019/12/18 5:33 p.m., 12 views

CVE-2019-8513

This issue was addressed with improved checks. This issue is fixed in macOS Mojave 10.14.4. A local user may be able to execute arbitrary shell commands...

AI score 7.6, EPSS 0.09355
Exploits: 4, References: 1
Tenable Nessus
added 2019/12/16 12:0 a.m., 35 views

FreeBSD : spamassassin -- multiple vulnerabilities (70111759-1dae-11ea-966a-206a8a720317)

The Apache Spamassassin project reports: An input validation error of user-supplied input parsing multipart emails. Specially crafted emails can consume all resources on the system. A local user is able to execute arbitrary shell commands through specially crafted nefarious CF files.

CVSS 7.5, AI score 7, EPSS 0.17694
Exploits: 0, References: 4
Positive Technologies
added 2019/12/13 12:0 a.m., 2 views

PT-2020-9609 · Ksh +3

Name of the Vulnerable Software and Affected Versions: ksh version 20120801 Description: A flaw was found in the way ksh evaluates certain environment variables, allowing an attacker to override or bypass environment restrictions to execute shell commands. Services and applications that allow...

CVSS 7.8, AI score 7, EPSS 0.00204
Exploits: 0, References: 51
Prion
added 2019/12/11 4:15 p.m., 13 views

Command injection

Openshift has shell command injection flaws due to unsanitized data being passed into shell commands...

CVSS 9, AI score 7.8, EPSS 0.01429
Exploits: 0, References: 2, Affected Software: 1