CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

906 matches found

Tenable Nessus•added 2018/03/20 12:0 a.m.•24 views

EulerOS 2.0 SP1 : spice-vdagent (EulerOS-SA-2018-1051)

According to the version of the spice-vdagent package installed, the EulerOS installation on the remote host is affected by the following vulnerability : - spice-vdagent up to and including 0.17.0 does not properly escape save directory before passing to shell, allowing local attacker with access...

7.8CVSS7.1AI score0.00143EPSS

Exploits0References2

OSV•added 2018/03/01 8:29 p.m.•3 views

DEBIAN-CVE-2017-9274

A shell command injection in the obs-service-sourcevalidator before 0.7 could be used to execute code as the packager when checking RPM SPEC files with specific macro constructs...

7.8CVSS7.8AI score0.00549EPSS

Exploits0References1

OpenVAS•added 2018/02/06 12:0 a.m.•85 views

Debian: Security Advisory (DLA-1072-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

10CVSS9.1AI score0.04585EPSS

Exploits1References3

Tenable Nessus•added 2017/11/27 12:0 a.m.•25 views

openSUSE Security Update : backintime (openSUSE-2017-1309)

This update for backintime fixes the following issues : Security issue fixed : - CVE-2017-16667: Fixed shell injection in notify-send boo1067342. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security Updat...

9.3CVSS7.2AI score0.00435EPSS

Exploits0References2

OSV•added 2017/10/05 1:29 a.m.•1 views

DEBIAN-CVE-2017-1000116

Mercurial prior to 4.3 did not adequately sanitize hostnames passed to ssh, leading to possible shell-injection attacks...

9.8CVSS7.3AI score0.04585EPSS

Exploits1References1

OSV•added 2017/10/05 1:29 a.m.•18 views

CVE-2017-1000116

Mercurial prior to 4.3 did not adequately sanitize hostnames passed to ssh, leading to possible shell-injection attacks...

9.8CVSS9.3AI score

Exploits0References5

OSV•added 2017/10/05 1:29 a.m.•1 views

ALPINE-CVE-2017-1000116

Mercurial prior to 4.3 did not adequately sanitize hostnames passed to ssh, leading to possible shell-injection attacks...

9.8CVSS6.9AI score0.04585EPSS

Exploits1References1

NVD•added 2017/10/05 1:29 a.m.•29 views

CVE-2017-1000116

Mercurial prior to 4.3 did not adequately sanitize hostnames passed to ssh, leading to possible shell-injection attacks...

10CVSS9.1AI score0.04585EPSS

Exploits1References5

OSV•added 2017/10/05 1:29 a.m.•35 views

PYSEC-2017-89

Mercurial prior to 4.3 did not adequately sanitize hostnames passed to ssh, leading to possible shell-injection attacks...

10CVSS1.8AI score0.04585EPSS

Exploits1References5

UbuntuCve•added 2017/10/05 1:29 a.m.•37 views

CVE-2017-1000116

Mercurial prior to 4.3 did not adequately sanitize hostnames passed to ssh, leading to possible shell-injection attacks...

10CVSS6.8AI score0.04585EPSS

Exploits1References13

PyPA•added 2017/10/05 1:29 a.m.•4 views

PYSEC-2017-89

Mercurial prior to 4.3 did not adequately sanitize hostnames passed to ssh, leading to possible shell-injection attacks...

10CVSS6.9AI score0.04585EPSS

Exploits1References5Affected Software1

Prion•added 2017/10/05 1:29 a.m.•29 views

Sql injection

Mercurial prior to 4.3 did not adequately sanitize hostnames passed to ssh, leading to possible shell-injection attacks...

10CVSS8.9AI score0.04585EPSS

Exploits1References5Affected Software8

FreeBSD•added 2017/10/05 12:0 a.m.•35 views

mercurial -- multiple issues

mercurial developers reports: Mercurial prior to version 4.3 is vulnerable to a missing symlink check that can malicious repositories to modify files outside the repository Mercurial prior to 4.3 did not adequately sanitize hostnames passed to ssh, leading to possible shell-injection attacks...

8.7AI score

Exploits0References3

Cvelist•added 2017/10/04 1:0 a.m.•29 views

CVE-2017-1000116

Mercurial prior to 4.3 did not adequately sanitize hostnames passed to ssh, leading to possible shell-injection attacks...

9.2AI score0.04585EPSS

Exploits1References5

Debian CVE•added 2017/10/04 1:0 a.m.•31 views

CVE-2017-1000116

Mercurial prior to 4.3 did not adequately sanitize hostnames passed to ssh, leading to possible shell-injection attacks...

10CVSS8AI score0.04585EPSS

Exploits1

CVE•added 2017/10/04 1:0 a.m.•146 views

CVE-2017-1000116

Mercurial prior to 4.3 is affected by CVE-2017-1000116 due to inadequate sanitization of SSH hostnames, enabling possible shell-injection via crafted ssh URLs. This is a network‑based, high‑impact issue (per CVSS), with references noting fixes in Mercurial 4.3.1/4.3.2 (see release notes in the re...

10CVSS9AI score0.04585EPSS

Exploits1References5Affected Software1

AlpineLinux•added 2017/10/04 1:0 a.m.•42 views

CVE-2017-1000116

Mercurial prior to 4.3 did not adequately sanitize hostnames passed to ssh, leading to possible shell-injection attacks...

10CVSS9.4AI score0.04585EPSS

Exploits1

CNVD•added 2017/09/18 12:0 a.m.•2 views

TerraMaster TOS shell metacharacter injection vulnerability

TerraMaster TOS is a set of storage server special operating system based on Linux platform developed by Terra Master. The system supports file sharing, cloud data synchronization, data backup and virtualization. A security vulnerability exists in the /usr/www/include/ajax/GetTest.php file in...

10CVSS7.5AI score0.07711EPSS

Exploits1References1

OSV•added 2017/09/15 8:29 p.m.•1 views

CVE-2017-9328

Shell metacharacter injection vulnerability in /usr/www/include/ajax/GetTest.php in TerraMaster TOS before 3.0.34 leads to remote code execution as root...

9.8CVSS6.3AI score

Exploits0References1