[ASA-201708-14] subversion: arbitrary command execution
Arch Linux Security Advisory ASA-201708-14. Severity: Critical. Date: 2017-08-15. CVE-ID: CVE-2017-9800. Package: subversion. Type: arbitrary command execution. Remote: Yes. Link: https://security.archlinux.org/AVG-379. Summary: The package subversi...
[SECURITY] [DSA 3940-1] cvs security update
Debian Security Advisory DSA-3940-1 [email protected] https://www.debian.org/security/ Sebastien Delafond August 13, 2017 https://www.debian.org/security/faq -...
[ASA-201708-7] mercurial: multiple issues
Arch Linux Security Advisory ASA-201708-7. Severity: Critical. Date: 2017-08-12. CVE-ID: CVE-2017-1000115, CVE-2017-1000116. Package: mercurial. Type: multiple issues. Remote: Yes. Link: https://security.archlinux.org/AVG-378. Summary: The package...
[ASA-201708-6] git: arbitrary command execution
Arch Linux Security Advisory ASA-201708-6. Severity: Critical. Date: 2017-08-12. CVE-ID: CVE-2017-1000117. Package: git. Type: arbitrary command execution. Remote: Yes. Link: https://security.archlinux.org/AVG-377. Summary: The package git before...
DEBIAN-CVE-2017-9800
A maliciously constructed svn+ssh:// URL would cause Subversion clients before 1.8.19, 1.9.x before 1.9.7, and 1.10.0.x through 1.10.0-alpha3 to run an arbitrary shell command. Such a URL could be generated by a malicious server, by a malicious user committing to an honest server to attack another...
CVE-2017-9800
A maliciously constructed svn+ssh:// URL would cause Subversion clients before 1.8.19, 1.9.x before 1.9.7, and 1.10.0.x through 1.10.0-alpha3 to run an arbitrary shell command. Such a URL could be generated by a malicious server, by a malicious user committing to an honest server to attack another...
CVE-2017-2282
CVE-2017-2282 is a buffer overflow in the I-O DATA WN-AX1167GR wireless router firmware (versions 3.00 and earlier). The root cause is a buffer overflow in the device’s firmware that allows an attacker connected to the network to execute arbitrary commands on the device. Public sources (e.g., JVN...
CVE-2017-9479
The Comcast firmware on Cisco DPC3939 firmware version dpc3939-P20-18-v303r20421746-170221a-CMCST devices allows remote attackers to execute arbitrary commands as root by leveraging local network access and connecting to the syseventd server, as demonstrated by copying configuration data into a...
I-O DATA WN-AX1167GR Buffer Overflow Vulnerability
The I-O DATA DEVICE WN-AX1167GR is a wireless router product from I-O DATA DEVICE Japan. A buffer overflow vulnerability exists in the WN-AX1167GR using firmware version 3.00 and earlier. An attacker can exploit this vulnerability to execute arbitrary commands...
I-O DATA WN-AX1167GR Buffer Overflow Vulnerability (CNVD-2017-20143)
The I-O DATA DEVICE WN-AX1167GR is a wireless router product from I-O DATA DEVICE Japan. A buffer overflow vulnerability exists in the WN-AX1167GR using firmware version 3.00 and earlier. An attacker can exploit this vulnerability to execute arbitrary commands...
CVE-2017-2275
WG-C10 v3.0.79 and earlier allows an attacker to execute arbitrary OS commands via unspecified vectors...
CVE-2017-2276
Buffer overflow in WG-C10 v3.0.79 and earlier allows an attacker to execute arbitrary commands via unspecified vectors...
CVE-2017-2276
The CVE-2017-2276 issue affects Sony Portable Wireless Server WG-C10, v3.0.79 and earlier. It is a buffer overflow (CWE-119) that can allow an attacker to execute arbitrary OS commands, typically when an administrator is logged in. The connected records corroborate this as the main vulnerability ...
CVE-2017-2275
Details for CVE-2017-2275 show that Sony WG-C10 Portable Wireless Server (v3.0.79 and earlier) is affected by an OS command injection vulnerability. An attacker with administrator login can execute arbitrary OS commands on the device via unspecified vectors. The linked documents confi...
Vulnerability in the CLI component of the Cisco IOS operating system allowing an attacker to execute arbitrary commands
The vulnerability in the CLI component of the Cisco IOS operating system exists due to insufficient validation of input data. Exploiting this vulnerability allows a malicious actor, operating locally, to execute arbitrary commands with root privileges...
McAfee Advanced Threat Defense Web Interface Command Injection Vulnerability
McAfee Advanced Threat Defense is a powerful anti-malware solution. A security vulnerability in the McAfee Advanced Threat Defense web interface allows remote attackers to exploit the vulnerability to submit a special request and execute arbitrary commands...
Windows SMB PsImpersonateClient null token vulnerability
Added: 07/13/2017. CVE: CVE-2017-0144. BID: 96704. Background: Server Message Block (SMB) is the protocol used by Microsoft Windows computers to communicate over a network. Problem: A remote attacker can execute arbitrary commands with SYSTEM privileges by overwriting the token to a null value and forci...
CVE-2017-2237
Toshiba Home gateway HEM-GW16A firmware HEM-GW16A-FW-V1.2.0 and earlier, and Toshiba Home gateway HEM-GW26A firmware HEM-GW26A-FW-V1.2.0 and earlier, allow an attacker to execute arbitrary OS commands via unspecified vectors...
Teltonika RUT9XX Router Arbitrary Command Execution Vulnerability
Teltonika RUT9XX (also known as LuCI) is a router product from the Lithuanian company Teltonika. A security vulnerability exists in the administration interface of Teltonika RUT9XX routers with firmware version 00.03.265 and earlier. The vulnerability can be exploited by a remote attacker t...
Cisco Ultra Services Framework Staging Server Arbitrary Command Execution Vulnerability
Cisco Ultra is the virtual, mobile services platform. A security vulnerability in the AutoIT service of the Cisco Ultra Services Framework Staging Server can be exploited by an unauthenticated, remote attacker to execute arbitrary shell commands as a Linux root user due to a failure to properly...