CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

encryptfs-utils is vulnerable to information disclosure. A disclosure flaw was found in the way the "ecryptfs-setup-private" script passed passphrases to the "ecryptfs-wrap-passphrase" and "ecryptfs-add-passphrase" commands as command line arguments. A local user could obtain the passphrases of...

7.2CVSS1.5AI score0.00093EPSS

Exploits0References17Affected Software1

Kitploit•added 2018/06/26 10:12 p.m.•38 views

Pspy - Monitor Linux Processes Without Root Permissions

pspy is a command line tool designed to snoop on processes without need for root permissions. It allows you to see commands run by other users, cron jobs, etc. as they execute. Great for enumeration of Linux systems in CTFs. Also great to demonstrate your colleagues why passing secrets as argumen...

7.1AI score

Exploits0References3

OSV•added 2011/03/22 5:55 p.m.•4 views

CVE-2011-1006

Heap-based buffer overflow in the parsecgroupspec function in tools/tools-common.c in the Control Group Configuration Library aka libcgroup or libcg before 0.37.1 allows local users to gain privileges via a crafted controller list on the command line of an application. NOTE: it is not clear wheth...

6.8AI score

Exploits0References16

Cvelist•added 2004/06/30 4:0 a.m.•16 views

CVE-2004-0609

rssh 2.0 through 2.1.x expands command line arguments before entering a chroot jail, which allows remote authenticated users to determine the existence of files in a directory outside the jail...

6.2AI score0.00561EPSS

Exploits0References3

exploitpack•added 2003/11/07 12:0 a.m.•12 views

IBM DB2 - db2start Command Line Argument Local Overflow

IBM DB2 - db2start Command Line Argument Local Overflow source: https://www.securityfocus.com/bid/8990/info IBM DB2 has been reported to be prone to multiple buffer overflow vulnerabilities that present themselves in binaries that are shipped with DB2. The vulnerabilities are likely caused due to...

0.1AI score

Exploits0

Cvelist•added 2002/08/31 4:0 a.m.•16 views

CVE-2001-1388

iptables before 1.2.4 does not accurately convert rate limits that are specified on the command line, which could allow attackers or users to generate more or less traffic than intended by the administrator...

6.6AI score0.00422EPSS

Exploits1References2

CERT•added 2001/01/28 12:0 a.m.•35 views

phf CGI Script fails to guard against newline characters

Overview This document describes a vulnerability in a CGI script known as phf which was widely exploited in 1996 and 1997. Description The phf CGI script constructs a partial command line consisting of the ph command and appropriate arguments, and completes the command line based on the input fro...

10CVSS6.8AI score0.85831EPSS

Exploits0References4

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by