Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

7645 matches found

CVE
CVEadded 1999/09/29 4:0 a.m.63 views

CVE-1999-0148

The IRIX environment is affected by CVE-1999-0148 due to the installed /cgi-bin/handler CGI, which has a well-known flaw that allows arbitrary command execution. The vulnerability can execute commands with the privileges of the HTTP daemon (root or nobody). Documents consistently describe it as r...

7.5CVSS7.1AI score0.10462EPSS
Exploits0References2Affected Software1
exploitpack
exploitpackadded 1999/09/27 12:0 a.m.12 views

Microsoft Internet Explorer 4.15 - Registration Wizard Buffer Overflow

Microsoft Internet Explorer 4.15 - Registration Wizard Buffer Overflow Microsoft Internet Explorer 4.1/5.0 for Windows 95/Windows NT 4,Windows 98 Registration Wizard Buffer Overflow Vulnerability source: https://www.securityfocus.com/bid/671/info There is a buffer overflow in the Internet Explore...

0.3AI score
Exploits0
Exploit DB
Exploit DBadded 1999/09/27 12:0 a.m.26 views

Microsoft Internet Explorer 4 (Windows 95/NT 4.0) - Setupctl ActiveX Control Buffer Overflow

Microsoft Internet Explorer 4.0 for Windows 95/Windows NT 4 Setupctl ActiveX Control Buffer Overflow source: https://www.securityfocus.com/bid/667/info There is a buffer overflow in the setupctl ActiveX control that used to ship with some versions of Microsoft's Internet Explorer. This ActiveX...

7.4AI score
Exploits0
Exploit DB
Exploit DBadded 1999/09/27 12:0 a.m.29 views

Microsoft Internet Explorer 4.1/5 - Registration Wizard Buffer Overflow

Microsoft Internet Explorer 4.1/5.0 for Windows 95/Windows NT 4,Windows 98 Registration Wizard Buffer Overflow Vulnerability source: https://www.securityfocus.com/bid/671/info There is a buffer overflow in the Internet Explorer Registration Wizard control regwizc.dll. This control is marked 'Safe...

7.4AI score
Exploits0
Exploit DB
Exploit DBadded 1999/09/27 12:0 a.m.32 views

Microsoft MSN Messenger Service 1.0 Setup BBS - ActiveX Control Buffer Overflow

source: https://www.securityfocus.com/bid/668/info There is a buffer overflow in the 4.71.0.10 version of the MSN Setup BBS ActiveX control setupbbs.ocx.. This ActiveX control is marked 'Safe for Scripting' . Arbitrary commands may be executed if the ActiveX control is run in a malicious manner...

7.4AI score
Exploits0
NVD
NVDadded 1999/09/13 4:0 a.m.13 views

CVE-1999-0689

The CDE dtspcd daemon allows local users to execute arbitrary commands via a symlink attack...

7.2CVSS7.2AI score0.00802EPSS
Exploits0References4
NVD
NVDadded 1999/08/22 4:0 a.m.18 views

CVE-1999-1064

Multiple buffer overflows in WindowMaker 0.52 through 0.60.0 allow attackers to cause a denial of service and possibly execute arbitrary commands by executing WindowMaker with a long program name argv0...

10CVSS7.7AI score0.025EPSS
Exploits0References3
Tenable Nessus
Tenable Nessusadded 1999/08/22 12:0 a.m.32 views

Sendmail mail from/rcpt to Pipe Arbitrary Command Execution

The remote SMTP server did not complain when issued the command : MAIL FROM: root@thishost RCPT TO: |testing This probably means that it is possible to send mail directly to programs, which is a serious threat, since this allows anyone to execute arbitrary commands on this host. This security hol...

7.2CVSS6AI score0.00441EPSS
Exploits0References3
Tenable Nessus
Tenable Nessusadded 1999/08/22 12:0 a.m.29 views

Sendmail MAIL FROM Command Arbitrary Remote Command Execution

The remote SMTP server did not complain when issued the command : MAIL FROM: |testing This probably means that it is possible to send mail that will be bounced to a program, which is a serious threat, since this allows anyone to execute arbitrary commands on this host. This security hole might be...

10CVSS5.6AI score0.02084EPSS
Exploits0References2
Tenable Nessus
Tenable Nessusadded 1999/08/20 12:0 a.m.81 views

Excite for Web Server architext_query.pl Shell Metacharacter Arbitrary Command Execution

Excite for Webservers is installed. This CGI has a well-known security flaw that lets a remote attacker execute arbitrary commands with the privileges of the web server. Versions newer than 1.1. are patched. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. include'deprecatednasllevel.inc';...

7.5CVSS5.9AI score0.03919EPSS
Exploits0References2
Tenable Nessus
Tenable Nessusadded 1999/08/19 12:0 a.m.49 views

Glimpse HTTP aglimpse Arbitrary Command Execution

The remote web server is running GlipmseHTTP. The installed version suffers from a remote command execution vulnerability in the 'aglimpse' component. Note that we could not actually check for the presence of this vulnerability, and only checked for the existence of the 'aglimpse' CGI...

7.5CVSS5.7AI score0.08697EPSS
Exploits0References1
Exploit DB
Exploit DBadded 1999/08/03 12:0 a.m.55 views

ToxSoft NextFTP 1.82 - Remote Buffer Overflow

// source: https://www.securityfocus.com/bid/572/info ToxSoft's shareware FTP client, NextFTP, contains an unchecked buffer in the code that parses CWD command replies. If the FTP server's reply contains the exploit code, arbitrary commands can be run on the client machine...

7.4AI score
Exploits0
exploitpack
exploitpackadded 1999/07/19 12:0 a.m.20 views

Microsoft Data Access Components (MDAC) 2.1 Microsoft IIS 3.04.0 Microsoft Index Server 2.0 Microsoft Site Server Commerce Edition 3.0 i386 MDAC - RDS (2)

Microsoft Data Access Components MDAC 2.1 Microsoft IIS 3.04.0 Microsoft Index Server 2.0 Microsoft Site Server Commerce Edition 3.0 i386 MDAC - RDS 2 source: https://www.securityfocus.com/bid/529/info MDAC Microsoft Data Access Components is a package used to integrate web and database services...

1.1AI score
Exploits0
Tenable Nessus
Tenable Nessusadded 1999/07/13 12:0 a.m.349 views

Web Server /cgi-bin Shell Access

The remote web server has one of these shells installed in /cgi-bin : ash, bash, csh, ksh, sh, tcsh, zsh Leaving executable shells in the cgi-bin directory of a web server may allow an attacker to execute arbitrary commands on the target machine with the privileges of the HTTP daemon. %NASLMINLEV...

10CVSS6.1AI score0.33392EPSS
Exploits0References1
Tenable Nessus
Tenable Nessusadded 1999/06/22 12:0 a.m.56 views

Multiple Vendor phf CGI Arbitrary Command Execution

The 'phf' CGI is installed. This CGI has a well known security flaw that lets an attacker execute arbitrary commands with the privileges of the http daemon usually root or nobody. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. include'deprecatednasllevel.inc'; include'compat.inc'; if...

10CVSS5.8AI score0.86871EPSS
Exploits0References1
Tenable Nessus
Tenable Nessusadded 1999/06/22 12:0 a.m.87 views

CDomain whois_raw.cgi fqdn Parameter Arbitrary Command Execution

The remote host appears to be using the CdomainFree 'whoisraw.cgi' script. This CGI script allows an attacker to view any file on the target computer, as well as to execute arbitrary commands. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. include'deprecatednasllevel.inc';...

10CVSS6AI score0.12557EPSS
Exploits1References2
Tenable Nessus
Tenable Nessusadded 1999/06/22 12:0 a.m.64 views

WebGais webgais CGI Arbitrary Command Execution

The 'webgais' CGI is installed. This CGI may let an attacker execute arbitrary commands with the privileges of the http daemon usually root or nobody. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. include'deprecatednasllevel.inc'; include'compat.inc'; if description scriptid10300;...

7.5CVSS5.5AI score0.08717EPSS
Exploits0References2
Tenable Nessus
Tenable Nessusadded 1999/06/22 12:0 a.m.57 views

HylaFAX faxsurvey Arbitrary Command Execution

The 'faxsurvey' CGI does not sanitize input to the query string. A remote attacker could exploit this to execute arbitrary commands. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. include'deprecatednasllevel.inc'; include'compat.inc'; ifdescription scriptid10067; scriptversion"1.45";...

7.5CVSS5.8AI score0.0907EPSS
Exploits0References2
Tenable Nessus
Tenable Nessusadded 1999/06/22 12:0 a.m.35 views

in.fingerd Pipe Input Arbitrary Command Execution

It is possible to force the remote finger daemon to execute arbitrary commands by issuing requests like : finger |commandtoexecute@target An attacker may use this bug to gain a shell on this host. C Tenable Network Security, Inc. include"compat.inc"; ifdescription scriptid10126; scriptversion...

7.5CVSS5.7AI score0.03992EPSS
Exploits0References3
Tenable Nessus
Tenable Nessusadded 1999/06/22 12:0 a.m.17 views

IRIX handler CGI Arbitrary Command Execution

The 'handler' cgi is installed. This CGI has a well known security flaw that lets anyone execute arbitrary commands with the privileges of the http daemon root or nobody. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. include'deprecatednasllevel.inc'; include'compat.inc'; if description...

7.5CVSS5.8AI score0.10462EPSS
Exploits0References4
Rows per page
Query Builder