
8689 matches found

Tenable Nessus
added 2002/04/18 12:0 a.m., 76 views

Apache on Windows < 1.3.24 / 2.0.x < 2.0.34 DOS Batch File Arbitrary Command Execution

Apache for Win32 prior to 1.3.24 and 2.0.x prior to 2.0.34-beta is shipped with a default script, '/cgi-bin/test-cgi.bat', that allows an attacker to remotely execute arbitrary commands on the host subject to the permissions of the affected application. An attacker can send a pipe character '|'...

7.5 CVSS, 5.9 AI score, 0.88277 EPSS
Exploits: 1, References: 3

securityvulns
added 2002/04/16 12:0 a.m., 50 views

Several x-dev.de Guestbook and xNewsletter Vulnerabilities (www.x-dev.de)

itcp advisory 12 [email protected] http://www.it-checkpoint.net/advisory/12.html April 14th, 2002. Several x-dev.de Guestbook and xNewsletter Vulnerabilities...

0.1 AI score
Exploits: 0

securityvulns
added 2002/04/04 12:0 a.m., 18 views

Dynamic Guestbook V3.0 Cross Site Scripting and Arbitrary Command Execution under certain circumstances

itcp advisory 7 [email protected] http://www.it-checkpoint.net/advisory/7.html April 3rd, 2002. Dynamic Guestbook V3.0 Cross Site Scripting and Arbitrary Command...

0.4 AI score
Exploits: 0

CERT
added 2002/03/29 12:0 a.m., 18 views

Microsoft Internet Explorer does not adequately evaluate malformed URLs

Overview Microsoft Internet Explorer contains a serious vulnerability in its handling of zone determination. Description Microsoft Internet Explorer contains a vulnerability in the way in which it handles zone determination. Specifically, HTML scripts stored in cookies should be executed in the...

7.5 CVSS, 6.5 AI score, 0.20335 EPSS
Exploits: 0, References: 1

Tenable Nessus
added 2002/03/19 12:0 a.m., 62 views

Apache-SSL < 1.3.23+1.46 i2d_SSL_SESSION Function SSL Client Certificate Overflow

The remote host is using a version of Apache-SSL that is older than 1.3.22+1.46. Such versions are vulnerable to a buffer overflow that, albeit difficult to exploit, may allow an attacker to execute arbitrary commands on this host subject to the privileges under which the web server operates. C...

7.5 CVSS, 5.9 AI score, 0.02702 EPSS
Exploits: 1, References: 5

exploitpack
added 2002/03/11 12:0 a.m., 15 views

Solaris 7.08 Sunsolve CD - SSCD_SunCourier.pl CGI Script Arbitrary Command Execution

Solaris 7.08 Sunsolve CD - SSCD_SunCourier.pl CGI Script Arbitrary Command Execution. source: https://www.securityfocus.com/bid/4269/info The Sunsolve CD is part of the Solaris Media pack. It is included as a documentation resource, and is available for the Solaris Operating Environment. A CGI scri...

0.1 AI score
Exploits: 0

CVE
added 2002/03/09 5:0 a.m., 51 views

CVE-2001-0422

CVE-2001-0422 affects Xsun on Solaris 8 and earlier. A buffer overflow triggered by a long HOME environment variable allows local users to execute arbitrary commands. The provided documents do not include remediation details.

7.2 CVSS, 7.7 AI score, 0.00263 EPSS
Exploits: 1, References: 4, Affected Software: 2

Cvelist
added 2002/03/09 5:0 a.m., 24 views

CVE-2001-0595

Buffer overflow in the kcsSUNWIOsolf.so library in Solaris 7 and 8 allows local attackers to execute arbitrary commands via the KCMSPROFILES environment variable, e.g. as demonstrated using the kcmsconfigure program...

7.5 AI score, 0.00373 EPSS
Exploits: 1, References: 3

Cvelist
added 2002/03/09 5:0 a.m., 22 views

CVE-1999-1055

Microsoft Excel 97 does not warn the user before executing worksheet functions, which could allow attackers to execute arbitrary commands by using the CALL function to execute a malicious DLL, aka the Excel "CALL Vulnerability."...

7.4 AI score, 0.07729 EPSS
Exploits: 0, References: 3

CVE
added 2002/03/09 5:0 a.m., 33 views

CVE-2000-0740

CVE-2000-0740 describes a buffer overflow in the Net Tools PKI Server 1.0 strong.exe web server (HTTPS) that, when processing a long URL, can allow a remote attacker to execute arbitrary commands. The vulnerability is in the web server component and affects the HTTPS port; the issue is exploitabl...

5 CVSS, 7.8 AI score, 0.0856 EPSS
Exploits: 1, References: 5, Affected Software: 1

Cvelist
added 2002/03/09 5:0 a.m., 24 views

CVE-2000-0788

The Mail Merge tool in Microsoft Word does not prompt the user before executing Visual Basic VBA scripts in an Access database, which could allow an attacker to execute arbitrary commands...

7 AI score, 0.10498 EPSS
Exploits: 1, References: 4

CVE
added 2002/03/09 5:0 a.m., 176 views

CVE-2001-0537

CVE-2001-0537 affects Cisco IOS HTTP Server in Cisco IOS 11.3–12.2. The vulnerability allows bypassing local authentication and executing arbitrary commands by specifying a high access level in the URL. Impact is authenticated command execution with full privileges on affected devices. Public det...

9.3 CVSS, 6.9 AI score, 0.93773 EPSS
In wild, Exploits: 8, References: 10, Affected Software: 1

CVE
added 2002/03/09 5:0 a.m., 106 views

CVE-2001-0236

CVE-2001-0236 affects Solaris snmpXdmid, where a buffer/heap overflow in the SNMP-to-DMI mapper allows remote code execution via a long indication event. Affected platforms include SunOS 5.7/Solaris 7 and SunOS 5.8/Solaris 8. The vulnerability is triggered by handling crafted SNMP traps/indicatio...

10 CVSS, 7.5 AI score, 0.69734 EPSS
Exploits: 6, References: 6, Affected Software: 2

CVE
added 2002/03/09 5:0 a.m., 50 views

CVE-1999-1321

The CVE-1999-1321 entry concerns the SSH 1.2.26 client with Kerberos V enabled. A buffer overflow in handling a long DNS hostname during TGT ticket passing could allow remote attackers to cause a denial of service or execute arbitrary commands. The vulnerability details are drawn from the NVD/CVE...

7.5 CVSS, 8.6 AI score, 0.00986 EPSS
Exploits: 0, References: 2, Affected Software: 1

securityvulns
added 2002/02/28 12:0 a.m., 50 views

IE execution of arbitrary commands without Active Scripting or ActiveX (GM#001-IE)

GreyMagic Security Advisory GM001-IE, by GreyMagic Software, Israel. 27 Feb 2002. Topic: Executing arbitrary commands without Active Scripting or ActiveX. Discovery date: 25 Feb 2002. Affected applications: Any application that hosts the...

0.1 AI score
Exploits: 0

exploitpack
added 2002/01/29 12:0 a.m., 12 views

AHG Search Engine 1.0 - search.cgi Arbitrary Command Execution

AHG Search Engine 1.0 - search.cgi Arbitrary Command Execution source: https://www.securityfocus.com/bid/3985/info Search.CGI is a component of the HTMLsearch Search Engine software distributed by AHG. The software is available for the Unix, Linux, and Microsoft platforms. The search.cgi script...

0.4 AI score
Exploits: 0

Exploit DB
added 2002/01/20 12:0 a.m., 25 views

Caldera UnixWare 7.1.1 - WebTop 'SCOAdminReg.cgi' Arbitrary Command Execution

source: https://www.securityfocus.com/bid/3936/info UnixWare is a commercial Unix implementation distributed originally developed by SCO. It is now maintained and distributed by Caldera. The scoadminreg.cgi program does not properly validate user input when executed with the -c option. Because of...

7.4 AI score
Exploits: 0

exploitpack
added 2002/01/20 12:0 a.m., 10 views

Caldera UnixWare 7.1.1 - WebTop SCOAdminReg.cgi Arbitrary Command Execution

Caldera UnixWare 7.1.1 - WebTop SCOAdminReg.cgi Arbitrary Command Execution source: https://www.securityfocus.com/bid/3936/info UnixWare is a commercial Unix implementation distributed originally developed by SCO. It is now maintained and distributed by Caldera. The scoadminreg.cgi program does n...

0.6 AI score
Exploits: 0

NVD
added 2001/12/31 5:0 a.m., 17 views

CVE-2001-1530

run.cgi in Webmin 0.80 and 0.88 creates temporary files with world-writable permissions, which allows local users to execute arbitrary commands...

4.6 CVSS, 7 AI score, 0.00088 EPSS
Exploits: 0, References: 2

NVD
added 2001/12/31 5:0 a.m., 14 views

CVE-2001-1495

networkquery.php in Network Query Tool 1.0 allows remote attackers to execute arbitrary commands via shell metacharacters in the target parameter...

7.5 CVSS, 7.7 AI score, 0.00982 EPSS
Exploits: 0, References: 3