Lucene search
K

32 matches found

EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2017-4494

Malware in sbrugna...

8.8CVSS9.1AI score0.0267EPSS
Exploits0References9
Tenable Nessus
Tenable Nessus
added 2025/03/04 12:0 a.m.7 views

Linux Distros Unpatched Vulnerability : CVE-2017-12836

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - CVS 1.12.x, when configured to use SSH for remote repositories, might allow remote attackers to execute arbitrary code via a repository URL with a crafted...

7.5CVSS7AI score0.05968EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2024/06/03 12:0 a.m.19 views

RHEL 6 : cvs (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. - cvs: Command injection via malicious ssh URLs CVE-2017-12836 Note that Nessus has not tested for this issue but has...

7.5CVSS7.3AI score0.05968EPSS
Exploits1References1
Tenable Nessus
Tenable Nessus
added 2024/06/03 12:0 a.m.20 views

RHEL 5 : cvs (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 5 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. - cvs: Command injection via malicious ssh URLs CVE-2017-12836 Note that Nessus has not tested for this issue but has...

7.5CVSS9AI score0.05968EPSS
Exploits1References1
OpenVAS
OpenVAS
added 2022/01/28 12:0 a.m.23 views

Mageia: Security Advisory (MGASA-2017-0284)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS8.2AI score0.05968EPSS
Exploits1References4
OpenVAS
OpenVAS
added 2021/06/09 12:0 a.m.16 views

SUSE: Security Advisory (SUSE-SU-2017:2422-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS7.9AI score0.05968EPSS
Exploits1References4
OpenVAS
OpenVAS
added 2021/04/19 12:0 a.m.16 views

SUSE: Security Advisory (SUSE-SU-2017:2419-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS7.9AI score0.05968EPSS
Exploits1References4
Tenable Nessus
Tenable Nessus
added 2021/03/10 12:0 a.m.18 views

EulerOS Virtualization 3.0.6.6 : cvs (EulerOS-SA-2021-1467)

According to the version of the cvs package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerability : - CVS 1.12.x, when configured to use SSH for remote repositories, might allow remote attackers to execute arbitrary code via a repository...

7.5CVSS7.1AI score0.05968EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2020/11/03 12:0 a.m.35 views

EulerOS 2.0 SP2 : cvs (EulerOS-SA-2020-2338)

According to the version of the cvs package installed, the EulerOS installation on the remote host is affected by the following vulnerability : - CVS 1.12.x, when configured to use SSH for remote repositories, might allow remote attackers to execute arbitrary code via a repository URL with a...

7.5CVSS7.2AI score0.05968EPSS
Exploits1References2
OpenVAS
OpenVAS
added 2020/09/29 12:0 a.m.6 views

Huawei EulerOS: Security Advisory for cvs (EulerOS-SA-2020-2128)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS7.7AI score0.05968EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2020/09/28 12:0 a.m.27 views

EulerOS 2.0 SP3 : cvs (EulerOS-SA-2020-2128)

According to the version of the cvs package installed, the EulerOS installation on the remote host is affected by the following vulnerability : - CVS 1.12.x, when configured to use SSH for remote repositories, might allow remote attackers to execute arbitrary code via a repository URL with a...

7.5CVSS7.2AI score0.05968EPSS
Exploits1References2
OpenVAS
OpenVAS
added 2018/10/26 12:0 a.m.22 views

Ubuntu: Security Advisory (USN-3399-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS7.8AI score0.05968EPSS
Exploits1References2
Prion
Prion
added 2017/12/07 6:29 p.m.41 views

Design/Logic Flaw

httptransport.c in Fossil before 2.4, when the SSH sync protocol is used, allows user-assisted remote attackers to execute arbitrary commands via an ssh URL with an initial dash character in the hostname, a related issue to CVE-2017-9800, CVE-2017-12836, CVE-2017-12976, CVE-2017-14176,...

9.3CVSS8.6AI score0.77823EPSS
Exploits12References4Affected Software1
Prion
Prion
added 2017/11/27 10:29 a.m.38 views

Design/Logic Flaw

Bazaar through 2.7.0, when Subprocess SSH is used, allows remote attackers to execute arbitrary commands via a bzr+ssh URL with an initial dash character in the hostname, a related issue to CVE-2017-9800, CVE-2017-12836, CVE-2017-12976, CVE-2017-16228, CVE-2017-1000116, and CVE-2017-1000117...

9.3CVSS8.6AI score0.77823EPSS
Exploits12References7Affected Software3
Veracode
Veracode
added 2017/10/30 12:47 a.m.39 views

Arbitrary Command Execution

Dulwich is vulnerable to arbitrary command execution. When using the SSH subprocess, an attacker can use an ssh URL with the - dash character in the hostname.This is related to CVE-2017-9800, CVE-2017-12836, CVE-2017-12976, CVE-2017-1000116, and CVE-2017-1000117...

9.8CVSS8.4AI score0.77823EPSS
Exploits12References4Affected Software1
Tenable Nessus
Tenable Nessus
added 2017/10/30 12:0 a.m.51 views

Debian DLA-1144-1 : git-annex security update

git-annex before 6.20170818 allows remote attackers to execute arbitrary commands via an ssh URL with an initial dash character in the hostname, as demonstrated by an ssh://-eProxyCommand= URL, a related issue to CVE-2017-9800, CVE-2017-12836, CVE-2017-1000116, and CVE-2017-1000117. For Debian 7...

10CVSS7.3AI score0.77823EPSS
Exploits12References3
Tenable Nessus
Tenable Nessus
added 2017/09/18 12:0 a.m.32 views

openSUSE Security Update : cvs (openSUSE-2017-1060)

This update for cvs fixes the following issues : - CVE-2017-12836: A leading dash in the argument of the '-d' option could lead to argument injection bsc1053364 This update was imported from the SUSE:SLE-12:Update update project. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptiv...

7.5CVSS6.5AI score0.05968EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2017/09/13 12:0 a.m.25 views

SUSE SLES11 Security Update : cvs (SUSE-SU-2017:2422-1)

This update for cvs fixes the following issues : - CVE-2017-12836: A leading dash in the argument of the '-d' option could lead to argument injection bsc1053364 Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has...

7.5CVSS6.6AI score0.05968EPSS
Exploits1References4
Tenable Nessus
Tenable Nessus
added 2017/09/13 12:0 a.m.28 views

SUSE SLED12 / SLES12 Security Update : cvs (SUSE-SU-2017:2419-1)

This update for cvs fixes the following issues : - CVE-2017-12836: A leading dash in the argument of the '-d' option could lead to argument injection bsc1053364 Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has...

7.5CVSS6.6AI score0.05968EPSS
Exploits1References4
OSV
OSV
added 2017/09/12 3:33 p.m.8 views

SUSE-SU-2017:2422-1 Security update for cvs

This update for cvs fixes the following issues: - CVE-2017-12836: A leading dash in the argument of the '-d' option could lead to argument injection bsc1053364...

7.5CVSS8.6AI score0.05968EPSS
Exploits1References3
Rows per page
Query Builder