
7622 matches found

FreeBSD
added 2004/08/04 12:0 a.m., 24 views

gnomevfs -- unsafe URI handling

Alexander Larsson reports that some versions of gnome-vfs and MidnightCommander contain a number of extfs' scripts that do not properly validate user input. If an attacker can cause her victim to process a specially-crafted URI, arbitrary commands can be executed with the privileges of the victim...

CVSS 7.5, AI score 6.5, EPSS 0.00855
Exploits 0, References 3
Tenable Nessus
added 2004/07/31 12:0 a.m., 26 views

Mandrake Linux Security Advisory : xpdf (MDKSA-2003:071-1)

Martyn Gilmore discovered flaws in various PDF viewers, including xpdf. An attacker could place malicious external hyperlinks in a document that, if followed, could execute arbitrary shell commands with the privileges of the person viewing the PDF document. Update : New packages are available as t...

CVSS 7.5, AI score 5.5, EPSS 0.25515
Exploits 0, References 1
Tenable Nessus
added 2004/07/31 12:0 a.m., 38 views

Mandrake Linux Security Advisory : dhcpcd (MDKSA-2003:003)

A vulnerability was discovered by Simon Kelley in the dhcpcd DHCP client daemon. dhcpcd has the ability to execute an external script named dhcpcd-.exe when an IP address is assigned to that network interface. The script sources the file /var/lib/dhcpcd/dhcpcd-.info which contains shell variables...

CVSS 7.5, AI score 5.8, EPSS 0.00706
Exploits 0, References 3
Tenable Nessus
added 2004/07/31 12:0 a.m., 23 views

Mandrake Linux Security Advisory : gaim (MDKSA-2002:054-1)

Versions of Gaim, an AOL instant message client, prior to 0.58 contain a buffer overflow in the Jabber plug-in module. As well, a vulnerability was discovered in the URL-handling code, where the 'manual' browser command passes an untrusted string to the shell without reliable quoting or escaping...

CVSS 7.5, AI score 6, EPSS 0.0611
Exploits 1, References 3
Tenable Nessus
added 2004/07/23 12:0 a.m., 23 views

Fedora Core 1 : kdepim-3.1.4-2 (2004-133)

The KDE team found a buffer overflow in the file information reader of VCF files. An attacker could construct a VCF file so that when it was opened by a victim it would execute arbitrary commands. The Common Vulnerabilities and Exposures project cve.mitre.org has assigned the name CVE-2003-0988 t...

CVSS 7.5, AI score 6.1, EPSS 0.07687
Exploits 0, References 2
Cvelist
added 2004/07/14 4:0 a.m., 29 views

CVE-2004-0201

Heap-based buffer overflow in the HtmlHelp program hh.exe in HTML Help for Microsoft Windows 98, Me, NT 4.0, 2000, XP, and Server 2003 allows remote attackers to execute arbitrary commands via a .CHM file with a large length field, a different vulnerability than CVE-2003-1041...

AI score 7.5, EPSS 0.50676
Exploits 0, References 9
Cvelist
added 2004/07/08 4:0 a.m., 19 views

CVE-2004-0395

The xatitv program in the gatos package does not properly drop root privileges when the configuration file does not exist, which allows local users to execute arbitrary commands via shell metacharacters in a system call...

AI score 7, EPSS 0.00063
Exploits 0, References 3
Cvelist
added 2004/07/06 4:0 a.m., 17 views

CVE-2002-1582

compose.cgi in Mailreader.com 2.3.30 and 2.3.31, when using Sendmail as the Mail Transfer Agent, allows remote attackers to execute arbitrary commands via shell metacharacters in the RealEmail configuration variable, which is used to call Sendmail in network.cgi...

AI score 7.6, EPSS 0.0178
Exploits 1, References 4
Tenable Nessus
added 2004/07/06 12:0 a.m., 26 views

RHEL 2.1 : xchat (RHSA-2002:124)

A security issue in XChat allows a malicious server to execute arbitrary commands. XChat is a popular cross-platform IRC client. Versions of XChat prior to 1.8.9 do not filter the response from an IRC server when a /dns query is executed. Because XChat resolves hostnames by passing the configured...

CVSS 7.5, AI score 5.8, EPSS 0.01079
Exploits 0, References 3
Tenable Nessus
added 2004/07/06 12:0 a.m., 41 views

RHEL 2.1 : XFree86 (RHSA-2003:065)

Updated XFree86 packages that resolve various security issues and additionally provide a number of bug fixes and enhancements are now available for Red Hat Enterprise Linux 2.1. XFree86 is an implementation of the X Window System, which provides the graphical user interface, video drivers, etc. f...

CVSS 10, AI score 6, EPSS 0.01309
Exploits 0, References 11
Tenable Nessus
added 2004/07/06 12:0 a.m., 41 views

RHEL 2.1 : cvs (RHSA-2003:013)

Updated CVS packages are now available for Red Hat Linux Advanced Server. These updates fix a vulnerability which would permit arbitrary command execution on servers configured to allow anonymous read-only access. Updated 06 Feb 2003 Added fixed packages for Advanced Workstation 2.1 CVS is a...

CVSS 7.5, AI score 6.1, EPSS 0.37007
Exploits 1, References 4
securityvulns
added 2004/06/26 12:0 a.m., 19 views

format string vulnerability in Gnats

Zone-h Security Advisory; Date of discovery: 21 june 2004; Date of release: 24 june 2004; Bug found by Khan Shirani [email protected] http://www.zone-h.org; Software: GNU Gnats 4.00; Bugs: formats string bugs; Risk: low/medium; Platform: nix...

AI score 0.1
Exploits 0
securityvulns
added 2004/06/25 12:0 a.m., 22 views

[ GLSA 200406-18 ] gzip: Insecure creation of temporary files

Gentoo Linux Security Advisory GLSA 200406-18, http://security.gentoo.org/ Severity:...

AI score 0.1
Exploits 0
exploitpack
added 2004/05/05 12:0 a.m., 14 views

PHPX 3.x - forums.php Cross-Site Request Forgery Arbitrary Command Execution

PHPX 3.x - forums.php Cross-Site Request Forgery Arbitrary Command Execution source: https://www.securityfocus.com/bid/10284/info It has been reported that PHPX is affected by multiple administrator command execution vulnerabilities. These issues are due to a failure of the application to properl...

AI score 0.9
Exploits 0
Exploit DB
added 2004/05/05 12:0 a.m., 24 views

PHPX 3.x - '/forums.php' Cross-Site Request Forgery / Arbitrary Command Execution

source: https://www.securityfocus.com/bid/10284/info It has been reported that PHPX is affected by multiple administrator command execution vulnerabilities. These issues are due to a failure of the application to properly validate access to administrative commands. This issue could permit a remot...

AI score 7.4
Exploits 0
Exploit DB
added 2004/05/05 12:0 a.m., 62 views

PHPX 3.x - '/page.php' Cross-Site Request Forgery / Arbitrary Command Execution

source: https://www.securityfocus.com/bid/10284/info It has been reported that PHPX is affected by multiple administrator command execution vulnerabilities. These issues are due to a failure of the application to properly validate access to administrative commands. This issue could permit a remot...

AI score 7.4
Exploits 0
exploitpack
added 2004/04/30 12:0 a.m., 217 views

Coppermine Photo Gallery 1.2.2b - theme.php Remote File Inclusion

Coppermine Photo Gallery 1.2.2b - theme.php Remote File Inclusion source: https://www.securityfocus.com/bid/10253/info Coppermine Photo Gallery is reported prone to multiple input-validation vulnerabilities, some of which may lead to arbitrary command execution. These issues occur because the...

Exploits 0
Exploit DB
added 2004/04/30 12:0 a.m., 236 views

Coppermine Photo Gallery 1.2.2b - 'theme.php' Remote File Inclusion

source: https://www.securityfocus.com/bid/10253/info Coppermine Photo Gallery is reported prone to multiple input-validation vulnerabilities, some of which may lead to arbitrary command execution. These issues occur because the application fails to properly sanitize and validate user-supplied inp...

AI score 7.4
Exploits 0
exploitpack
added 2004/04/30 12:0 a.m., 9 views

Coppermine Photo Gallery 1.2.2b - menu.inc.php Cross-Site Scripting

Coppermine Photo Gallery 1.2.2b - menu.inc.php Cross-Site Scripting source: https://www.securityfocus.com/bid/10253/info Coppermine Photo Gallery is reported prone to multiple input-validation vulnerabilities, some of which may lead to arbitrary command execution. These issues occur because the...

AI score 6.8
Exploits 0
exploitpack
added 2004/04/30 12:0 a.m., 46 views

Coppermine Photo Gallery 1.2.0 RC4 - init.inc.php Remote File Inclusion

Coppermine Photo Gallery 1.2.0 RC4 - init.inc.php Remote File Inclusion source: https://www.securityfocus.com/bid/10253/info Coppermine Photo Gallery is reported prone to multiple input-validation vulnerabilities, some of which may lead to arbitrary command execution. These issues occur because t...

Exploits 0