615 matches found
Design/Logic Flaw
Symantec PGP Universal Server and Encryption Management Server before 3.3.2 MP7 allow remote authenticated administrators to execute arbitrary shell commands via a crafted command line in a database-backup restore action...
CVE-2014-7288
Symantec PGP Universal Server and Encryption Management Server before 3.3.2 MP7 allow remote authenticated administrators to execute arbitrary shell commands via a crafted command line in a database-backup restore action...
CentOS 6 / 7 : mailx (CESA-2014:1999)
Updated mailx packages that fix two security issues are now available for Red Hat Enterprise Linux 6 and 7. Red Hat Product Security has rated this update as having Moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available...
Scientific Linux Security Update : mailx on SL6.x, SL7.x i386/x86_64 (20141216)
A flaw was found in the way mailx handled the parsing of email addresses. A syntactically valid email address could allow a local attacker to cause mailx to execute arbitrary shell commands through shell meta-characters and the direct command execution functionality. CVE-2004-2771, CVE-2014-7844...
Plone and Zope cmd Parameter Remote Command Execution (CVE-2011-3587)
A remote code execution vulnerability has been reported in Zope and Plone. The vulnerability is due to failing to properly validate user-supplied input. A remote attacker can exploit this vulnerability to execute arbitrary shell commands...
Arbitrary Shell Execution in Swiftmailer library
More info at https://typo3.org/security/advisory/typo3-core-sa-2014-002...
Multiple Vulnerabilities in TYPO3 CMS
It has been discovered that TYPO3 CMS is vulnerable to Denial of Service and Arbitrary Shell Execution! Component Type: TYPO3 CMS Vulnerability Types: Denial of Service, Arbitrary Shell Execution Overall Severity: Medium Release Date: October 22, 2014 Vulnerable subcomponent: OpenID System...
OpenSSH < 6.6 SFTP (x64) - Command Execution
#define _GNU_SOURCE // THIS PROGRAM IS NOT DESIGNED TO BE SAFE AGAINST VICTIM MACHINES THAT TRY TO ATTACK BACK, THE CODE IS SLOPPY! // In other words, please don't use this against other people's machines. ...
TP-Link TL-WR740N v4 Router (FW-Ver. 3.16.6 Build 130529 Rel.47286n) - Command Execution
Exploit for hardware platform in category web applications. Vulnerability description: The domain name parameters of the "Parental Control" and "Access Control" features of the TP-Link TL-WR740N v4 FW-Ver. 3.16.6 Build 130529 Rel.47286n router are prone to arbitrary shell command execution as root...
Think Responsive 1.0 - Arbitrary shell upload
The thinkresponsive WordPress theme was affected by an Arbitrary shell upload security vulnerability...
Updated asterisk packages fix security vulnerabilities
Updated asterisk packages fix security vulnerabilities: Asterisk Open Source 11.x before 11.10.1 and 12.x before 12.3.1 and Certified Asterisk 11.6 before 11.6-cert3 allows remote authenticated Manager users to execute arbitrary shell commands via a MixMonitor action (CVE-2014-4046). Asterisk Open...
BlueCat Networks Adonis 5.0.2.8 CLI Remote Privilege Escalation Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/25342/info BlueCat Networks Adonis devices are prone to a remote privilege-escalation vulnerability because the software fails to properly sanitize user-supplied input. An attacker with administrative privileges can explo...
Setuid Tunnelblick Privilege Escalation
No description provided by source. This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit web site for more information on licensing and terms of use. http://metasploit.com/ require 'msf/core' require 'rex' require...
Gazelle CMS 1.0 - Remote Arbitrary Shell Upload Vulnerability
No description provided by source. Gazelle CMS 1.0 Remote Arbitrary File Upload Vuln | My Home Page : WwW.Sec-Code.CoM | Founded By RoMaNcYxHaCkEr | Discovered.: RoMaNcYxHaCkEr ! Vendor.......
GForge 3.x Remote Arbitrary Command Execution Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/13716/info GForge is affected by a remote command execution vulnerability. This issue arises because the application fails to sanitize user-supplied data passed through URI parameters. An attacker can supply arbitrary she...
ewire Payment Client 1.60/1.70 Command Execution Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/25683/info ewire Payment Client is prone to a vulnerability that allows attackers to execute arbitrary shell commands because the software fails to sanitize user-supplied input. An attacker may leverage this issue to...
DotBr 0.1 System.PHP3 Remote Command Execution Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/6866/info The DotBr 'system.php3' script is prone to a remote command execution vulnerability. This is due to insufficient sanitization of user-supplied data. Exploitation may result in execution of arbitrary shell comman...
Leif M. Wright simplestmail.cgi 1.0 - Remote Command Execution Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/2102/info A vulnerability exists in Leif M. Wright's simplestmail.cgi, a script designed to coordinate email responses from web forms. An insecurely-structured call to the open function leads to a failure to properly filte...
Brian Stanback bsguest.cgi 1.0 - Remote Command Execution Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/2159/info An input validation vulnerability exists in Brian Stanback's bsguest.cgi, a script designed to coordinate guestbook submissions from website visitors. The script fails to properly filter ';' characters from the...
Brian Stanback bslist.cgi 1.0 - Remote Command Execution Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/2160/info An input validation vulnerability exists in Brian Stanback's bslist.cgi, a script designed to coordinate mailing lists. The script fails to properly filter ';' characters from the user-supplied email addresses...