Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

8690 matches found

Tenable Nessus
Tenable Nessusadded 2004/08/20 12:0 a.m.10 views

AWStats Rawlog Plugin Logfile Parameter Arbitrary Command Execution

Binary data 1728.prm...

7.3AI score
Exploits0
Tenable Nessus
Tenable Nessusadded 2004/08/20 12:0 a.m.19 views

Aplio Internet Phone authenticate.cgi Arbitrary Command Execution

Binary data 1641.prm...

7.5CVSS7.3AI score0.02126EPSS
Exploits1References1
Tenable Nessus
Tenable Nessusadded 2004/08/20 12:0 a.m.17 views

AOL Instant Messenger IMG Tag Arbitrary Command Execution

Binary data 1251.prm...

5CVSS7.3AI score0.11077EPSS
Exploits1References1
Tenable Nessus
Tenable Nessusadded 2004/08/20 12:0 a.m.13 views

bsguest.cgi Guestbook Email Address Variable Arbitrary Command Execution

Binary data 1644.prm...

10CVSS7.3AI score0.188EPSS
Exploits1References1
Tenable Nessus
Tenable Nessusadded 2004/08/18 12:0 a.m.15 views

IkonBoard FUNC.pm lang Cookie Arbitrary Command Execution

Binary data 1537.prm...

7.5CVSS7.3AI score0.1091EPSS
Exploits1References4
Tenable Nessus
Tenable Nessusadded 2004/08/18 12:0 a.m.15 views

Sendmail DEBUG Arbitrary Command Execution

Binary data 2028.prm...

10CVSS7.3AI score0.18294EPSS
Exploits3References2
Tenable Nessus
Tenable Nessusadded 2004/08/13 12:0 a.m.233 views

YaPiG < 0.92.2 Multiple Scripts Arbitrary Command Execution

The remote host is running YaPiG, a web-based image gallery written in PHP. The remote version of YaPiG may allow a remote attacker to execute malicious scripts on a vulnerable system. This issue exists due to a lack of sanitization of user-supplied data. It is reported that an attacker may be ab...

5.9AI score
Exploits0References1
Tenable Nessus
Tenable Nessusadded 2004/08/09 12:0 a.m.130 views

BasiliX login.php3 username Variable Arbitrary Command Execution

The remote host appears to be running a version of BasiliX between 1.0.2beta or 1.0.3beta. In such versions, the script 'login.php3' fails to sanitize user input, which enables a remote attacker to pass in a specially crafted value for the parameter 'username' with arbitrary commands to be execut...

5.6AI score
Exploits0References1
FreeBSD
FreeBSDadded 2004/08/04 12:0 a.m.24 views

gnomevfs -- unsafe URI handling

Alexander Larsson reports that some versions of gnome-vfs and MidnightCommander contain a number of extfs' scripts that do not properly validate user input. If an attacker can cause her victim to process a specially-crafted URI, arbitrary commands can be executed with the privileges of the victim...

7.5CVSS6.5AI score0.00855EPSS
Exploits0References3
Tenable Nessus
Tenable Nessusadded 2004/07/31 12:0 a.m.26 views

Mandrake Linux Security Advisory : xpdf (MDKSA-2003:071-1)

Martyn Gilmore discovered flaws in various PDF viewers, including xpdf. An attacker could place malicious external hyperlinks in a document that, if followed, could execute arbitary shell commands with the privileges of the person viewing the PDF document. Update : New packages are available as t...

7.5CVSS5.5AI score0.25515EPSS
Exploits0References1
Tenable Nessus
Tenable Nessusadded 2004/07/31 12:0 a.m.23 views

Mandrake Linux Security Advisory : gaim (MDKSA-2002:054-1)

Versions of Gaim an AOL instant message client prior to 0.58 contain a buffer overflow in the Jabber plug-in module. As well, a vulnerability was discovered in the URL-handling code, where the 'manual' browser command passes an untrusted string to the shell without reliable quoting or escaping...

7.5CVSS6AI score0.0611EPSS
Exploits1References3
Tenable Nessus
Tenable Nessusadded 2004/07/31 12:0 a.m.38 views

Mandrake Linux Security Advisory : dhcpcd (MDKSA-2003:003)

A vulnerability was discovered by Simon Kelley in the dhcpcd DHCP client daemon. dhcpcd has the ability to execute an external script named dhcpcd-.exe when an IP address is assigned to that network interface. The script sources the file /var/lib/dhcpcd/dhcpcd-.info which contains shell variables...

7.5CVSS5.8AI score0.00706EPSS
Exploits0References3
Tenable Nessus
Tenable Nessusadded 2004/07/23 12:0 a.m.23 views

Fedora Core 1 : kdepim-3.1.4-2 (2004-133)

The KDE team found a buffer overflow in the file information reader of VCF files. An attacker could construct a VCF file so that when it was opened by a victim it would execute arbitrary commands. The Common Vulnerabilities and Exposures project cve.mitre.org has assigned the name CVE-2003-0988 t...

7.5CVSS6.1AI score0.07687EPSS
Exploits0References2
Cvelist
Cvelistadded 2004/07/14 4:0 a.m.30 views

CVE-2004-0201

Heap-based buffer overflow in the HtmlHelp program hh.exe in HTML Help for Microsoft Windows 98, Me, NT 4.0, 2000, XP, and Server 2003 allows remote attackers to execute arbitrary commands via a .CHM file with a large length field, a different vulnerability than CVE-2003-1041...

7.5AI score0.50676EPSS
Exploits0References9
Cvelist
Cvelistadded 2004/07/08 4:0 a.m.19 views

CVE-2004-0395

The xatitv program in the gatos package does not properly drop root privileges when the configuration file does not exist, which allows local users to execute arbitrary commands via shell metacharacters in a system call...

7AI score0.00063EPSS
Exploits0References3
Cvelist
Cvelistadded 2004/07/06 4:0 a.m.17 views

CVE-2002-1582

compose.cgi in Mailreader.com 2.3.30 and 2.3.31, when using Sendmail as the Mail Transfer Agent, allows remote attackers to execute arbitrary commands via shell metacharacters in the RealEmail configuration variable, which is used to call Sendmail in network.cgi...

7.6AI score0.0178EPSS
Exploits1References4
Tenable Nessus
Tenable Nessusadded 2004/07/06 12:0 a.m.26 views

RHEL 2.1 : xchat (RHSA-2002:124)

A security issue in XChat allows a malicious server to execute arbitrary commands. XChat is a popular cross-platform IRC client. Versions of XChat prior to 1.8.9 do not filter the response from an IRC server when a /dns query is executed. Because XChat resolves hostnames by passing the configured...

7.5CVSS5.8AI score0.01079EPSS
Exploits0References3
Tenable Nessus
Tenable Nessusadded 2004/07/06 12:0 a.m.41 views

RHEL 2.1 : XFree86 (RHSA-2003:065)

Updated XFree86 packages that resolve various security issues and additionally provide a number of bug fixes and enhancements are now available for Red Hat Enterprise Linux 2.1. XFree86 is an implementation of the X Window System, which provides the graphical user interface, video drivers, etc. f...

10CVSS6AI score0.01309EPSS
Exploits0References11
Tenable Nessus
Tenable Nessusadded 2004/07/06 12:0 a.m.41 views

RHEL 2.1 : cvs (RHSA-2003:013)

Updated CVS packages are now available for Red Hat Linux Advanced Server. These updates fix a vulnerability which would permit arbitrary command execution on servers configured to allow anonymous read-only access. Updated 06 Feb 2003 Added fixed packages for Advanced Workstation 2.1 CVS is a...

7.5CVSS6.1AI score0.37007EPSS
Exploits1References4
securityvulns
securityvulnsadded 2004/06/26 12:0 a.m.19 views

format string vulnerability in Gnats

Zone-h Security Advisory Date of discovery : 21 june 2004 Date of release : 24 june 2004 Bug found by Khan Shirani [email protected] http://www.zone-h.org --------------------------------------- Software : GNU Gnats 4.00 Bugs : formats string bugs Risk : low/medium Platform : nix...

0.1AI score
Exploits0
Rows per page
Query Builder