Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

7 matches found

Microsoft CVE
Microsoft CVEadded 2020/08/18 7:0 a.m.2 views

Info-ZIP Zip 3.0 when the -T and -TT command-line options are used allows attackers to cause a denial of service (invalid free and application crash) or possibly have unspecified other impact because of an off-by-one error. NOTE: it is unclear whether there are realistic scenarios in which an untrusted party controls the -TT value given that the entire purpose of -TT is execution of arbitrary commands

...

9.8CVSS9.4AI score0.07908EPSS
Exploits0
OSV
OSVadded 2020/01/31 10:15 p.m.1 views

ALPINE-CVE-2014-8139

Heap-based buffer overflow in the CRC32 verification in Info-ZIP UnZip 6.0 and earlier allows remote attackers to execute arbitrary code via a crafted zip file in the -t command argument to the unzip command...

7.8CVSS8.4AI score0.09808EPSS
Exploits0References1
Tenable Nessus
Tenable Nessusadded 2019/02/11 12:0 a.m.136 views

Debian DSA-4387-1 : openssh - security update

Harry Sintonen from F-Secure Corporation discovered multiple vulnerabilities in OpenSSH, an implementation of the SSH protocol suite. All the vulnerabilities are in found in the scp client implementing the SCP protocol. - CVE-2018-20685 Due to improper directory name validation, the scp client...

6.8CVSS7.2AI score0.54213EPSS
Exploits9References11
Debian
Debianadded 2014/12/17 4:9 p.m.28 views

[SECURITY] [DLA 113-1] bsd-mailx security update

Package : bsd-mailx Version : 8.1.2-0.20100314cvs-1+deb6u1 CVE ID : CVE-2014-7844 It was discovered that bsd-mailx, an implementation of the "mail" command, had an undocumented feature which treats syntactically valid email addresses as shell commands to execute. Users who need this feature can...

7.8CVSS7AI score0.02879EPSS
Exploits1
Positive Technologies
Positive Technologiesadded 2011/02/10 12:0 a.m.6 views

PT-2011-2432

Name of the Vulnerable Software and Affected Versions OpenSSH versions 5.6 through 5.7 Description The issue is related to the key certify function in OpenSSH, specifically when generating legacy certificates using the -t command-line option in ssh-keygen. This function does not initialize the...

7.5CVSS7.2AI score0.02075EPSS
Exploits0References15
Prion
Prionadded 2008/04/16 5:5 p.m.19 views

Design/Logic Flaw

The Korn shell aka mksh before R33d on MirOS aka MirBSD does not flush the tty's I/O when invoking mksh in a new terminal, which allows local users to gain privileges by opening a virtual terminal and entering command sequences, which might later be executed in opportunistic circumstances by a...

7.2CVSS7.2AI score0.00045EPSS
Exploits0References5Affected Software1
Cvelist
Cvelistadded 2008/04/16 5:0 p.m.18 views

CVE-2008-1845

The Korn shell aka mksh before R33d on MirOS aka MirBSD does not flush the tty's I/O when invoking mksh in a new terminal, which allows local users to gain privileges by opening a virtual terminal and entering command sequences, which might later be executed in opportunistic circumstances by a...

6.4AI score0.00045EPSS
Exploits0References5
Rows per page
Query Builder