CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Cvelist•added 2018/04/19 2:0 a.m.•12 views

CVE-2018-1167

8.8AI score0.04884EPSS

Zero Day Initiative•added 2018/04/18 12:0 a.m.•28 views

Microsoft Skype URL Command Injection Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Skype. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of...

7.5CVSS2.4AI score0.84707EPSS

Exploits31References1

CNVD•added 2018/03/15 12:0 a.m.•3 views

Adobe Connect Arbitrary File Deletion Vulnerability

Adobe Connect web conferencing software service provides an immersive online meeting experience for collaboration, virtual classrooms and large-scale webinars. An arbitrary file deletion vulnerability exists in Adobe Connect due to a command injection flaw in the Adobe Connect URI handler that ca...

9.1CVSS7.6AI score0.09546EPSS

CNVD•added 2018/03/14 12:0 a.m.•3 views

Adobe Dreamweaver Arbitrary Code Execution Vulnerability

Adobe Dreamweaver, or "DW" for short, is a WYSIWYG web code editor that combines web authoring and web site management, using a WYSIWYG interface with HTML an application of the Standard Generalized Markup Language editing. Adobe Dreamweaver makes it easy to create, code, and manage dynamic Web...

10CVSS7.8AI score0.14462EPSS

Adobe•added 2018/03/13 12:0 a.m.•33 views

APSB18-06 Security update available for Adobe Connect

Adobe has released a security update for Adobe Connect. This update resolves an unrestricted SWF file upload vulnerability CVE-2018-4921, which could be exploited to conduct cross-site scripting attacks. This update also resolves an OS command injection vulnerability in the Adobe Connect URI...

9.1CVSS1.6AI score0.09546EPSS

Exploits0Affected Software1

OSV•added 2018/01/26 2:29 a.m.•1 views

CVE-2017-14593

Sourcetree for Windows had several argument and command injection bugs in Mercurial and Git repository handling. An attacker with permission to commit to a repository linked in Sourcetree for Windows is able to exploit this issue to gain code execution on the system. From version 0.8.4b of...

8.8CVSS6.1AI score0.05516EPSS

Exploits0References3

Prion•added 2018/01/26 2:29 a.m.•18 views

Command injection

Sourcetree for macOS had several argument and command injection bugs in Mercurial and Git repository handling. An attacker with permission to commit to a repository linked in Sourcetree for macOS is able to exploit this issue to gain code execution on the system. From version 1.4.0 of Sourcetree...

9CVSS9.4AI score0.05516EPSS

Exploits0References3Affected Software1

Prion•added 2018/01/26 2:29 a.m.•15 views

Command injection

9CVSS9.6AI score0.05516EPSS

Exploits0References3Affected Software1

Cvelist•added 2018/01/26 2:0 a.m.•16 views

CVE-2017-14592

9.6AI score0.05516EPSS

Exploits0References3

Zero Day Initiative•added 2017/12/06 12:0 a.m.•26 views

Cisco WebEx Network Recording Player Command Injection Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Cisco WebEx Network Recording Player. Authentication is not required to exploit this vulnerability. The specific flaw exists within the wbx URI handler. When parsing the register parameter, the...

6.8CVSS4.2AI score0.0298EPSS

Packet Storm•added 2017/01/23 12:0 a.m.•48 views

Microsoft Remote Desktop Client For Mac 8.0.36 Remote Code Execution

Advisory ID: SGMA16-004 Title: Microsoft Remote Desktop Client for Mac Remote Code Execution Product: Microsoft Remote Desktop Client for Mac Version: 8.0.36 and probably prior Vendor: www.microsoft.com Type: Arbitrary file read/write leads to RCE Risk level: 4 / 5 Credit:...

0day.today•added 2016/02/17 12:0 a.m.•20 views

JMX2 Email Tester - save_email.php Arbitrary File Upload Exploit

Exploit for multiple platform in category web applications Exploit Title: JMX2 Email Tester - Web Shell Uploadsaveemail.php Date: 2016-02-15 Blog: http://www.hahwul.com Vendor Homepage: https://github.com/johnfmorton/jmx2-Email-Tester Software Link:...

exploitpack•added 2016/02/17 12:0 a.m.•16 views

JMX2 Email Tester - save_email.php Arbitrary File Upload

JMX2 Email Tester - saveemail.php Arbitrary File Upload Exploit Title: JMX2 Email Tester - Web Shell Uploadsaveemail.php Date: 2016-02-15 Blog: http://www.hahwul.com Vendor Homepage: https://github.com/johnfmorton/jmx2-Email-Tester Software Link:...

Tenable Nessus•added 2015/11/20 12:0 a.m.•77 views

SolarWinds DameWare Mini Remote Control < 12.0 Hotfix 1 DWRCC.exe RCE

The remote host is running a version of SolarWinds DameWare Mini Remote Control prior to 12.0 Hotfix 1. It is, therefore, affected by a remote code execution vulnerability due to a flaw in the DWRCC.exe URI handler that is triggered when handling certain command line arguments. An unauthenticated...

7.5CVSS7AI score0.04846EPSS

Exploits0References3

NVD•added 2015/11/17 3:59 p.m.•24 views

CVE-2015-8220

Stack-based buffer overflow in the URI handler in DWRCC.exe in SolarWinds DameWare Mini Remote Control before 12.0 HotFix 1 allows remote attackers to execute arbitrary code via a crafted commandline argument in a link...

7.5CVSS8AI score0.04846EPSS

Exploits0References2

Prion•added 2015/11/17 3:59 p.m.•9 views

Stack overflow

7.5CVSS8.7AI score0.04846EPSS

Exploits0References2Affected Software1

seebug.org•added 2014/07/01 12:0 a.m.•18 views

XChat <= 2.8.7b (URI Handler) Remote Code Execution Exploit (ie6/ie7)

No description provided by source. Xchat = 2.8.7b Remote Code Execution tested on Windows XP SP1+SP2+SP3, IE6 & IE7 fully patched Vendor : http://xchat.org/ Affected Os : Windows Risk : critical This bug is related to the URI Handler vulnerability but the approch is a bit different. We don't use...

seebug.org•added 2014/07/01 12:0 a.m.•19 views

XChat 2.8.7b - 'ircs://' URI Command Execution Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/29696/info XChat is prone to a vulnerability that allows remote attackers to execute arbitrary commands in the context of the vulnerable user. This issue may lead to a remote compromise. The issue arises because of improp...

seebug.org•added 2014/07/01 12:0 a.m.•25 views

Microsoft Internet Explorer and Mozilla Firefox URI Handler Command Injection Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/24837/info Microsoft Internet Explorer, Mozilla Firefox and Netscape Navigator are prone to a vulnerability that lets attackers inject commands through the 'firefoxurl' and 'navigatorurl' protocol handlers. Exploiting the...