92 matches found
Kleopatra: Remote code execution
Background Kleopatra is a certificate manager and a universal crypto GUI. It supports managing X.509 and OpenPGP certificates in the GpgSM keybox and retrieving certificates from LDAP servers. Description Kleopatra did not safely escape command line parameters provided by URLs, which it configure...
Cisco Wireless LAN Controller Path Traversal Vulnerability
According to its self-reported version, Cisco Wireless LAN Controller WLC is affected by a directory traversal vulnerability due to improper sanitization of user-supplied input in command-line parameters that describe file names. An authenticated, local attacker can exploit this to view system...
NewStart CGSL CORE 5.04 / MAIN 5.04 : ntp Vulnerability (NS-SA-2019-0206)
The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has ntp packages installed that are affected by a vulnerability: - Stack-based buffer overflow in ntpq and ntpdc of NTP version 4.2.8p11 allows an attacker to achieve code execution or escalate to higher privileges via a long...
The vulnerability of the gostsum check tool arises from buffer overflows during the processing of command-line parameters, allowing a malicious actor to cause a service failure.
The vulnerability of the gostsum checksum verification tool arises due to buffer overflows during the processing of command-line parameters. Exploiting this vulnerability can allow an attacker to cause a service failure in the application by entering a specially crafted sequence of data in the...
The vulnerability of the alsa_in audio processing tool arises from buffer overflows during the processing of command-line parameters, allowing attackers to cause a service failure.
The vulnerability of the alsain sound processing utility arises due to buffer overflow during the processing of command-line parameters. Exploiting this vulnerability can allow an attacker to cause a service failure by entering a specially crafted sequence of data in the command line...
The vulnerability of the h5ls content analysis program arises from buffer overflows during the processing of command-line parameters, allowing attackers to cause service interruptions.
The vulnerability of the h5ls content analysis program arises due to buffer overflows during the processing of command-line parameters. Exploiting this vulnerability can allow an attacker to cause a service failure by entering a specially crafted sequence of data in the command line...
The vulnerability of the SQL command execution utility for the Firebird database, isql-fb, allows a hacker to cause a service failure.
The vulnerability of the SQL command execution utility for Firebird database, iSQL-FB, arises due to buffer overflows during the processing of command line parameters. Exploiting this vulnerability can allow an attacker to cause a service failure by entering a specially crafted sequence of data...
The vulnerability of the h5dump program for processing hdf5 files arises from buffer overflows during the processing of command-line parameters, allowing attackers to cause service failures.
The vulnerability of the h5dump program for viewing hdf5 files arises from buffer overflows during the processing of command-line parameters. Exploiting this vulnerability can allow an attacker to cause a service failure by entering a specially crafted sequence of data in the command line...
CVE-2018-7119
A Local Disclosure of Sensitive Information vulnerability was identified in HPE NonStop Safeguard earlier than version SPR T9750L01^AIC or T9750H05^AIH, and later versions when the PASSWORD-PROMPT configuration attribute is not set to BLIND; all versions on H-series. STDSEC-STANDARD SECURITY PROD...
AIX 5.3 TL 12 : xorg (IJ11551)
https://vulners.com/cve/CVE-2018-14665 https://vulners.com/cve/CVE-2018-14665 X.Org X server could allow a remote authenticated attacker to gain elevated privileges on the system, caused by improper validation of command line parameters. An attacker could exploit this vulnerability using the...
The vulnerability of the X.Org Server software arises from errors in processing and checking command-line parameters, allowing an attacker to gain root privileges and overwrite any file in the operating system.
Vulnerability of the X.Org Server software, caused by errors in processing and checking command-line parameters. Exploiting this vulnerability can allow a remote attacker to gain root privileges and rewrite any file in the operating system using the modulepath and logfile parameters when running...
CVE-2018-5543
The F5 BIG-IP Controller for Kubernetes 1.0.0-1.5.0 k8s-bigip-crtl passes BIG-IP username and password as command line parameters, which may lead to disclosure of the credentials used by the container...
Default credentials
The F5 BIG-IP Controller for Kubernetes 1.0.0-1.5.0 k8s-bigip-crtl passes BIG-IP username and password as command line parameters, which may lead to disclosure of the credentials used by the container...
CVE-2018-5543
The F5 BIG-IP Controller for Kubernetes 1.0.0-1.5.0 k8s-bigip-crtl passes BIG-IP username and password as command line parameters, which may lead to disclosure of the credentials used by the container...
CVE-2018-5543
The F5 BIG-IP Controller for Kubernetes 1.0.0-1.5.0 k8s-bigip-crtl passes BIG-IP username and password as command line parameters, which may lead to disclosure of the credentials used by the container...
Huawei eNSP Software Buffer Overflow Vulnerability
Huawei eNSP Enterprise Network Simulation Platform is a free, scalable, graphical operation network simulation tool platform provided by Huawei. A buffer overflow vulnerability exists in the Huawei eNSP software due to insufficient program checksums for specific command line parameters, which can...
Design/Logic Flaw
IBM Spectrum Scale 4.1.1.x before 4.1.1.8 and 4.2.x before 4.2.0.4 and General Parallel File System GPFS 3.5.x before 3.5.0.32 and 4.1.x before 4.1.1.8 allow local users to gain privileges via crafted command-line parameters to a /usr/lpp/mmfs/bin/ setuid program...
Microsoft Internet Explorer Information Disclosure (MS15-106: CVE-2015-6053)
An information disclosure vulnerability has been reported in Microsoft Internet Explorer. The vulnerability is due to an error in Microsoft Internet Explorer while handling unsafe command line parameters. A remote attacker can exploit this issue by enticing a user to open a specially crafted...
Microsoft Internet Explorer Information Disclosure (MS15-106: CVE-2015-6046)
An information disclosure vulnerability has been reported in Microsoft Internet Explorer. The vulnerability is due to an error in Microsoft Internet Explorer while handling unsafe command line parameters. A remote attacker can exploit this issue by enticing a user to open a specially crafted...
Microsoft Internet Explorer Information Disclosure (MS15-094: CVE-2015-2483)
An information disclosure vulnerability has been reported in Microsoft Internet Explorer. The vulnerability is due to an error in Microsoft Internet Explorer while handling unsafe command line parameters. A remote attacker can exploit this issue by enticing a user to open a specially crafted...