Lucene search
K

12 matches found

RedhatCVE
RedhatCVE
added 2022/05/20 11:34 p.m.19 views

CVE-2018-7889

gui2/viewer/bookmarkmanager.py in Calibre 3.18 calls cPickle.load on imported bookmark data, which allows remote attackers to execute arbitrary code via a crafted .pickle file, as demonstrated by Python code that contains an os.system call...

7.8CVSS7.9AI score0.04665EPSS
Exploits1References1
OpenVAS
OpenVAS
added 2022/01/28 12:0 a.m.11 views

Mageia: Security Advisory (MGASA-2018-0399)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.8CVSS7.7AI score0.04665EPSS
Exploits1References4
OSV
OSV
added 2018/10/19 6:0 p.m.5 views

MGASA-2018-0399 Updated calibre packages fix security vulnerability

Updated calibre package fixes security vulnerability: gui2/viewer/bookmarkmanager.py in Calibre 3.18 calls cPickle.load on imported bookmark data, which allows remote attackers to execute arbitrary code via a crafted .pickle file, as demonstrated by Python code that contains an os.system call...

7.8CVSS7.7AI score0.04665EPSS
Exploits1References3
Mageia
Mageia
added 2018/10/19 6:0 p.m.26 views

Updated calibre packages fix security vulnerability

Updated calibre package fixes security vulnerability: gui2/viewer/bookmarkmanager.py in Calibre 3.18 calls cPickle.load on imported bookmark data, which allows remote attackers to execute arbitrary code via a crafted .pickle file, as demonstrated by Python code that contains an os.system call...

7.8CVSS5.3AI score0.04665EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2018/03/28 12:0 a.m.17 views

Fedora 26 : calibre (2018-6143b1d911)

Update to calibure 3.19.0. See changelog at: https://calibre-ebook.com/whats-new Fixes CVE-2018-7889 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much ...

7.8CVSS7.2AI score0.04665EPSS
Exploits1References3
OpenVAS
OpenVAS
added 2018/03/21 12:0 a.m.25 views

Fedora Update for calibre FEDORA-2018-5649824f49

The remote host is missing an update for the SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.8CVSS7.6AI score0.04665EPSS
Exploits1References2
NVD
NVD
added 2018/03/08 9:29 p.m.10 views

CVE-2018-7889

gui2/viewer/bookmarkmanager.py in Calibre 3.18 calls cPickle.load on imported bookmark data, which allows remote attackers to execute arbitrary code via a crafted .pickle file, as demonstrated by Python code that contains an os.system call...

7.8CVSS7.8AI score0.04665EPSS
Exploits1References2
UbuntuCve
UbuntuCve
added 2018/03/08 9:29 p.m.18 views

CVE-2018-7889

gui2/viewer/bookmarkmanager.py in Calibre 3.18 calls cPickle.load on imported bookmark data, which allows remote attackers to execute arbitrary code via a crafted .pickle file, as demonstrated by Python code that contains an os.system call...

7.8CVSS7.3AI score0.04665EPSS
Exploits1References3
OSV
OSV
added 2018/03/08 9:29 p.m.112 views

CVE-2018-7889

gui2/viewer/bookmarkmanager.py in Calibre 3.18 calls cPickle.load on imported bookmark data, which allows remote attackers to execute arbitrary code via a crafted .pickle file, as demonstrated by Python code that contains an os.system call...

7.8CVSS8.1AI score
Exploits0References2
Cvelist
Cvelist
added 2018/03/08 9:0 p.m.27 views

CVE-2018-7889

gui2/viewer/bookmarkmanager.py in Calibre 3.18 calls cPickle.load on imported bookmark data, which allows remote attackers to execute arbitrary code via a crafted .pickle file, as demonstrated by Python code that contains an os.system call...

7.7AI score0.04665EPSS
Exploits1References2
CVE
CVE
added 2018/03/08 9:0 p.m.103 views

CVE-2018-7889

Summary: CVE-2018-7889 affects Calibre (notably 3.18) where gui2/viewer/bookmarkmanager.py uses cPickle.load on imported bookmark data, enabling arbitrary code execution through a crafted .pickle file. The underlying issue is deserialization of untrusted data leading to remote code execution. Con...

7.8CVSS7.7AI score0.04665EPSS
Exploits1References2Affected Software1
Debian CVE
Debian CVE
added 2018/03/08 9:0 p.m.15 views

CVE-2018-7889

gui2/viewer/bookmarkmanager.py in Calibre 3.18 calls cPickle.load on imported bookmark data, which allows remote attackers to execute arbitrary code via a crafted .pickle file, as demonstrated by Python code that contains an os.system call...

7.8CVSS7.8AI score0.04665EPSS
Exploits1
Rows per page
Query Builder