
8682 matches found

CERT
added 2002/07/13 12:0 a.m., 26 views

Microsoft Windows 2000 Network Dynamic Data Exchange (DDE) executes code as Local System

Overview: The Windows 2000 Network DDE agent permits local users to execute commands with system privileges. Description: Dynamic Data Exchange (DDE) is an interprocess communication mechanism used in Microsoft Windows. A DDE share is an area of memory which is used to store and retrieve data. Networ...

7.2 CVSS, 6.8 AI score, 0.02886 EPSS
Exploits 1, References 5
securityvulns
added 2002/07/11 12:0 a.m., 59 views

IE allows universal Cross Domain Scripting (TL#003)

Thor Larholm, PivX, security advisory TL003 ------------------------------------- By Thor Larholm, Denmark 10 July 2002 HTML format: http://www.PivX.com/larholm/adv/TL003/ Topic: IE allows universal Cross Domain Scripting. Discovery date: 25 June 2002. Severity: High Affected applications:...

6.9 AI score
Exploits 0
exploitpack
added 2002/06/30 12:0 a.m., 9 views

E-Guest 1.1 - Server Side Include Arbitrary Command Execution

E-Guest 1.1 - Server Side Include Arbitrary Command Execution source: https://www.securityfocus.com/bid/5129/info E-Guest guest book is a freely available, open source guest book. It is designed for Unix and Linux operating systems. E-Guest does not adequately sanitize user-supplied input in gues...

1 AI score
Exploits 0
Cvelist
added 2002/06/25 4:0 a.m., 13 views

CVE-2002-0211

Race condition in the installation script for Tarantella Enterprise 3 3.01 through 3.20 creates a world-writeable temporary "gunzip" program before executing it, which could allow local users to execute arbitrary commands by modifying the program before it is executed...

7.2 AI score, 0.00315 EPSS
Exploits 1, References 5
exploitpack
added 2002/06/15 12:0 a.m., 9 views

ZeroBoard 4.1 - PHP Include File Arbitrary Command Execution

ZeroBoard 4.1 - PHP Include File Arbitrary Command Execution source: https://www.securityfocus.com/bid/5028/info Zeroboard is a PHP web board package available for the Linux and Unix platforms. Under some circumstances, it may be possible to include arbitrary PHP files. The head.php file does not...

0.2 AI score
Exploits 0
Cvelist
added 2002/06/11 4:0 a.m., 13 views

CVE-2002-0508

wwwisis 3.45 and earlier allows remote attackers to execute arbitrary commands and read files via the parameters (1) prolog or (2) epilog...

7.6 AI score, 0.04426 EPSS
Exploits 0, References 7
CVE
added 2002/06/11 4:0 a.m., 73 views

CVE-2002-0436

The CVE-2002-0436 entry maps to the SunSolve CD package: the CGI script sscd_suncourier.pl does not validate the email parameter, enabling remote command execution via shell metacharacters. Documented by NVD/Nessus/OpenVAS references, this is a clientless, remote issue affecting Sunsolve CD CGI i...

10 CVSS, 7.6 AI score, 0.03931 EPSS
Exploits 0, References 3, Affected Software 2
RedHat Linux
added 2002/06/04 7:9 p.m., 4 views

Important: Red Hat Security Advisory: Updated xchat packages fix "/dns" vulnerability

A security vulnerability in XChat allows a malicious server to execute arbitrary commands. Updated 11 July 2003 Added packages for Red Hat Linux on IBM iSeries and pSeries systems. XChat is a popular cross-platform IRC client. Versions of XChat prior to 1.8.9 do not filter the response from an IR...

7.5 CVSS, 5.9 AI score, 0.01079 EPSS
Exploits 0, References 1
NVD
added 2002/05/29 4:0 a.m., 25 views

CVE-2002-0363

ghostscript before 6.53 allows attackers to execute arbitrary commands by using .locksafe or .setsafe to reset the current pagedevice...

7.5 CVSS, 7.4 AI score, 0.0068 EPSS
Exploits 0, References 8
CERT
added 2002/05/23 12:0 a.m., 19 views

Taskpads ActiveX Control incorrectly marked safe-for-scripting

Overview: The taskpads ActiveX control included with some resource kit products circa February 1999 was incorrectly marked safe-for-scripting. Description: The taskpads ActiveX control included with the Microsoft Windows 98 resource kit, the Microsoft Windows 98 resource kit sampler, and the Back...

7.5 CVSS, 7 AI score, 0.08913 EPSS
Exploits 0, References 2
Cvelist
added 2002/05/03 4:0 a.m., 15 views

CVE-2002-0277

Add2it Mailman Free 1.73 and earlier allows remote attackers to execute arbitrary commands via shell metacharacters in the list parameter...

7.7 AI score, 0.01232 EPSS
Exploits 0, References 4
securityvulns
added 2002/04/30 12:0 a.m., 38 views

eSecurityOnline Security Advisory 2408 - CIDER SHADOW CGI

eSO Security Advisory: 2408 Discovery Date: April 3, 2000 ID: eSO:2408 Title: CIDER SHADOW CGI arbitrary command execution vulnerabilities Impact: Remote attackers can execute commands with the privileges of the running web server process Affected Technology: CIDER SHADOW 1.5, 1.6 Vendor Status:...

7.5 CVSS, 0.8 AI score, 0.01014 EPSS
Exploits 0
exploitpack
added 2002/04/23 12:0 a.m., 14 views

CGIScript.net - csMailto Hidden Form Field Remote Command Execution

CGIScript.net - csMailto Hidden Form Field Remote Command Execution source: https://www.securityfocus.com/bid/4579/info CGIScript.NET csMailto is a Perl script designed to support multiple mailto: forms. A vulnerability has been reported in some versions of this script. Reportedly, configuration...

0.2 AI score
Exploits 0
Tenable Nessus
added 2002/04/18 12:0 a.m., 76 views

Apache on Windows < 1.3.24 / 2.0.x < 2.0.34 DOS Batch File Arbitrary Command Execution

Apache for Win32 prior to 1.3.24 and 2.0.x prior to 2.0.34-beta is shipped with a default script, '/cgi-bin/test-cgi.bat', that allows an attacker to remotely execute arbitrary commands on the host subject to the permissions of the affected application. An attacker can send a pipe character '|'...

7.5 CVSS, 5.9 AI score, 0.88277 EPSS
Exploits 1, References 3
securityvulns
added 2002/04/16 12:0 a.m., 50 views

Several x-dev.de Guestbook and xNewsletter Vulnerabilities (www.x-dev.de)

------------------------------------------------------------ itcp advisory 12 [email protected] http://www.it-checkpoint.net/advisory/12.html April 14th, 2002 - ------------------------------------------------------------ Several x-dev.de Guestbook and xNewsletter Vulnerabilities...

0.1 AI score
Exploits 0
securityvulns
added 2002/04/04 12:0 a.m., 18 views

Dynamic Guestbook V3.0 Cross Site Scripting and Arbitrary Command Execution under certain circumstances

------------------------------------------------------------- itcp advisory 7 [email protected] http://www.it-checkpoint.net/advisory/7.html April 3rd, 2002 ------------------------------------------------------------- Dynamic Guestbook V3.0 Cross Site Scripting and Arbitrary Command...

0.4 AI score
Exploits 0
CERT
added 2002/03/29 12:0 a.m., 18 views

Microsoft Internet Explorer does not adequately evaluate malformed URLs

Overview: Microsoft Internet Explorer contains a serious vulnerability in its handling of zone determination. Description: Microsoft Internet Explorer contains a vulnerability in the way in which it handles zone determination. Specifically, HTML scripts stored in cookies should be executed in the...

7.5 CVSS, 6.5 AI score, 0.20335 EPSS
Exploits 0, References 1
Tenable Nessus
added 2002/03/19 12:0 a.m., 62 views

Apache-SSL < 1.3.23+1.46 i2d_SSL_SESSION Function SSL Client Certificate Overflow

The remote host is using a version of Apache-SSL that is older than 1.3.22+1.46. Such versions are vulnerable to a buffer overflow that, albeit difficult to exploit, may allow an attacker to execute arbitrary commands on this host subject to the privileges under which the web server operates. C...

7.5 CVSS, 5.9 AI score, 0.02702 EPSS
Exploits 1, References 5
exploitpack
added 2002/03/11 12:0 a.m., 15 views

Solaris 7.08 Sunsolve CD - SSCD_SunCourier.pl CGI Script Arbitrary Command Execution

Solaris 7.08 Sunsolve CD - SSCD_SunCourier.pl CGI Script Arbitrary Command Execution source: https://www.securityfocus.com/bid/4269/info The Sunsolve CD is part of the Solaris Media pack. It is included as a documentation resource, and is available for the Solaris Operating Environment. A CGI scri...

0.1 AI score
Exploits 0
CVE
added 2002/03/09 5:0 a.m., 51 views

CVE-2001-0422

CVE-2001-0422 affects Xsun on Solaris 8 and earlier. A buffer overflow triggered by a long HOME environment variable allows local users to execute arbitrary commands. The provided documents do not include remediation details.

7.2 CVSS, 7.7 AI score, 0.00263 EPSS
Exploits 1, References 4, Affected Software 2