934 matches found
Security Bulletin: Shell injection in CLI 'support execute' command affect IBM Security Guardium (CVE-2016-9974)
Summary IBM Security Guardium Database Activity Monitor could allow a locally authenticated attacker to execute arbitrary commands on the system. Vulnerability Details CVEID: CVE-2016-9974 DESCRIPTION: IBM Security Guardium Database Activity Monitor could allow a locally authenticated attacker to...
DEBIAN-CVE-2018-9246
The PGObject::Util::DBAdmin module before 0.120.0 for Perl, as used in LedgerSMB through 1.5.x, insufficiently sanitizes or escapes variable values used as part of shell command execution, resulting in shell code injection via the create, runfile, backup, or restore function. The vulnerability...
UBUNTU-CVE-2018-9246
The PGObject::Util::DBAdmin module before 0.120.0 for Perl, as used in LedgerSMB through 1.5.x, insufficiently sanitizes or escapes variable values used as part of shell command execution, resulting in shell code injection via the create, runfile, backup, or restore function. The vulnerability...
MMM mmm_agentd shell command injection vulnerability (CNVD-2018-15512)
MySQL Multi-Master Replication Manager MMM is a set of flexible scripts that performs monitoring/failover and management of MySQL master-master replication configurations. mmmagentd is an agent daemon that runs on each MySQL server and provides a simple set of remote services to the monitoring...
CVE-2017-14477
In the MMM::Agent::Helpers::Network::addip function in MySQL Multi-Master Replication Manager MMM mmmagentd 2.2.1 for FreeBSD, a specially crafted MMM protocol message can cause a shell command injection resulting in arbitrary command execution with the privileges of the mmm\agentd process. An...
CVE-2017-14474
In the MMM::Agent::Helpers::execute function in MySQL Multi-Master Replication Manager MMM mmmagentd 2.2.1, a specially crafted MMM protocol message can cause a shell command injection resulting in arbitrary command execution with the privileges of the mmm\agentd process. An attacker that can...
CVE-2017-14474
In the MMM::Agent::Helpers::execute function in MySQL Multi-Master Replication Manager MMM mmmagentd 2.2.1, a specially crafted MMM protocol message can cause a shell command injection resulting in arbitrary command execution with the privileges of the mmm\agentd process. An attacker that can...
PT-2018-5671 · Mysql Server · Mysql Multi-Master Replication Manager (Mmm) Mmm Agentd
Name of the Vulnerable Software and Affected Versions: MySQL Multi-Master Replication Manager MMM mmm agentd version 2.2.1 Description: A specially crafted MMM protocol message can cause a shell command injection in the add ip function, resulting in arbitrary command execution with the privileges...
EulerOS 2.0 SP1 : spice-vdagent (EulerOS-SA-2018-1051)
According to the version of the spice-vdagent package installed, the EulerOS installation on the remote host is affected by the following vulnerability : - spice-vdagent up to and including 0.17.0 does not properly escape save directory before passing to shell, allowing local attacker with access...
DEBIAN-CVE-2017-9274
A shell command injection in the obs-service-sourcevalidator before 0.7 could be used to execute code as the packager when checking RPM SPEC files with specific macro constructs...
Debian: Security Advisory (DLA-1072-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
openSUSE Security Update : backintime (openSUSE-2017-1309)
This update for backintime fixes the following issues : Security issue fixed : - CVE-2017-16667: Fixed shell injection in notify-send boo1067342. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security Updat...
CVE-2017-1000116
Mercurial prior to 4.3 did not adequately sanitize hostnames passed to ssh, leading to possible shell-injection attacks...
CVE-2017-1000116
Mercurial prior to 4.3 did not adequately sanitize hostnames passed to ssh, leading to possible shell-injection attacks...
DEBIAN-CVE-2017-1000116
Mercurial prior to 4.3 did not adequately sanitize hostnames passed to ssh, leading to possible shell-injection attacks...
ALPINE-CVE-2017-1000116
Mercurial prior to 4.3 did not adequately sanitize hostnames passed to ssh, leading to possible shell-injection attacks...
PYSEC-2017-89
Mercurial prior to 4.3 did not adequately sanitize hostnames passed to ssh, leading to possible shell-injection attacks...
PYSEC-2017-89
Mercurial prior to 4.3 did not adequately sanitize hostnames passed to ssh, leading to possible shell-injection attacks...
CVE-2017-1000116
Mercurial prior to 4.3 did not adequately sanitize hostnames passed to ssh, leading to possible shell-injection attacks...
Sql injection
Mercurial prior to 4.3 did not adequately sanitize hostnames passed to ssh, leading to possible shell-injection attacks...