64 matches found
PT-2021-4684 · Cisco · Cisco Ftd
Name of the Vulnerable Software and Affected Versions: Cisco Firepower Threat Defense FTD Software affected versions not specified Description: The issue is related to insufficient validation of command arguments in the Command Line Interface CLI of Cisco Firepower Threat Defense FTD Software. Th...
The vulnerability of the server software BIG-IQ Centralized Management lies in insufficient validation of arguments passed in commands, allowing a perpetrator to execute arbitrary commands on the target system.
The vulnerability of the server software in BIG-IQ Centralized Management lies in insufficient validation of the arguments passed in commands. Exploiting this vulnerability allows a malicious actor to execute arbitrary commands on the target system by entering specially crafted control commands...
DEBIAN-CVE-2014-8139
Heap-based buffer overflow in the CRC32 verification in Info-ZIP UnZip 6.0 and earlier allows remote attackers to execute arbitrary code via a crafted zip file in the -t command argument to the unzip command...
CVE-2014-8140
Heap-based buffer overflow in the testcompreb function in Info-ZIP UnZip 6.0 and earlier allows remote attackers to execute arbitrary code via a crafted zip file in the -t command argument to the unzip command...
CVE-2014-8140
Heap-based buffer overflow in the testcompreb function in Info-ZIP UnZip 6.0 and earlier allows remote attackers to execute arbitrary code via a crafted zip file in the -t command argument to the unzip command...
CVE-2019-16255
Ruby through 2.4.7, 2.5.x through 2.5.6, and 2.6.x through 2.6.4 allows code injection if the first argument aka the "command" argument to Shell or Shelltest in lib/shell.rb is untrusted data. An attacker can exploit this to call an arbitrary Ruby method...
PT-2019-4295 · Centos · Centos Web Panel
Name of the Vulnerable Software and Affected Versions: CentOS Web Panel version 0.9.8.885 Description: The issue is related to a lack of input sanitization in the filemanager2.php component, allowing for the execution of arbitrary HTML code or JavaScript scripts. This can be exploited via the cmd...
The vulnerability of the docker build mechanism, a tool for automating the deployment and management of applications in containerized environments, allows an attacker to gain unauthorized access to information, cause service failures, or affect the availability of information.
The vulnerability of the docker build mechanism, a tool for automating the deployment and management of applications in containerized environments, is related to insufficient testing of arguments passed in commands. Exploiting this vulnerability can allow attackers to gain unauthorized access to...
CVE-2019-1610
A vulnerability in the CLI of Cisco NX-OS Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying operating system of an affected device. The vulnerability is due to insufficient validation of arguments passed to certain CLI commands. An attacker coul...
OPENSUSE-SU-2017:0737-1 Security update for irssi
This update to irssi 1.0.2 fixes security issues and bugs. The following vulnerabilities were fixed: boo1029020: Use after free while producing list of netjoins The following non-security changes are included: - Fix in command arg parser to detect missing arguments in tail place - Fix regression...
Nagios NRPE Command Argument Processing Enabled
The version of Nagios Remote Plugin Executor NRPE running on the remote host has command argument processing enabled and accepts the newline character. An unauthenticated, remote attacker can exploit this issue to execute arbitrary commands within the context of the vulnerable application by...
DSA-2549-1 devscripts - multiple
Bulletin has no description...
IBM Informix Dynamic Server Command Argument Processing Stack Overflow (CVE-2008-0727)
Informix is a family of relational database management system RDBMS products by IBM. It is positioned as IBM's flagship data server for online transaction processing OLTP as well as integrated solutions. IBM Informix Dynamic Server is an online transaction processing data server. A stack buffer...
KON2 Buffer Overflow Vulnerability in Command Argument Validation
Overview KON Kanji ON Linux console, provided by Linux Japan RPM Project, contains a buffer overflow vulnerability due to improper validation of command line arguments. Impact An attacker could execute arbitrary command with the root privileges. Solution Please refer to the 'Vendor Information'...
CVE-2008-1628
Stack-based buffer overflow in the auditlogusercommand function in lib/auditlogging.c in Linux Audit before 1.7 might allow remote attackers to execute arbitrary code via a long command argument. NOTE: some of these details are obtained from third party information...
Stack overflow
Stack-based buffer overflow in the auditlogusercommand function in lib/auditlogging.c in Linux Audit before 1.7 might allow remote attackers to execute arbitrary code via a long command argument. NOTE: some of these details are obtained from third party information...
CVE-2008-1628
Stack-based buffer overflow in the auditlogusercommand function in lib/auditlogging.c in Linux Audit before 1.7 might allow remote attackers to execute arbitrary code via a long command argument. NOTE: some of these details are obtained from third party information...
CVE-2008-1628
Stack-based buffer overflow in the auditlogusercommand function in lib/auditlogging.c in Linux Audit before 1.7 might allow remote attackers to execute arbitrary code via a long command argument. NOTE: some of these details are obtained from third party information...
CVE-2006-6240
Directory traversal vulnerability in Sorin Chitu Telnet-FTP Server 1.0 allows remote authenticated users to list contents of arbitrary directories and download arbitrary files via a .. dot dot sequence in an FTP command argument, as demonstrated by RETR GET or STOR PUT. NOTE: The provenance of th...
CVE-2002-1250
Buffer overflow in Abuse 2.00 and earlier allows local users to gain root privileges via a long -net command line argument...