Lucene search
K

10 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.7 views

EUVD-2023-42154

Malicious code in bioql PyPI...

9.8CVSS6.8AI score0.01763EPSS
Exploits1References1
Tenable Nessus
Tenable Nessus
added 2024/05/11 12:0 a.m.46 views

RHEL 7 : netkit-rsh (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - netkit-rsh: possible overwrite of arbitrary files by a malicious rsh server CVE-2019-7283 - In NetKit...

6.7AI score0.03681EPSS
Exploits2References2
NVD
NVD
added 2023/07/14 10:15 p.m.55 views

CVE-2023-38336

netkit-rcp in rsh-client 0.17-24 allows command injection via filenames because /bin/sh is used by susystem, a related issue to CVE-2006-0225, CVE-2019-7283, and CVE-2020-15778...

9.8CVSS0.01763EPSS
Exploits1References1
Prion
Prion
added 2023/07/14 10:15 p.m.52 views

Command injection

netkit-rcp in rsh-client 0.17-24 allows command injection via filenames because /bin/sh is used by susystem, a related issue to CVE-2006-0225, CVE-2019-7283, and CVE-2020-15778...

7.5CVSS6.9AI score0.12996EPSS
Exploits9References1Affected Software1
UbuntuCve
UbuntuCve
added 2023/07/14 10:15 p.m.126 views

CVE-2023-38336

netkit-rcp in rsh-client 0.17-24 allows command injection via filenames because /bin/sh is used by susystem, a related issue to CVE-2006-0225, CVE-2019-7283, and CVE-2020-15778...

9.8CVSS7.2AI score0.01763EPSS
Exploits1References2
Vulnrichment
Vulnrichment
added 2023/07/14 12:0 a.m.22 views

CVE-2023-38336

netkit-rcp in rsh-client 0.17-24 allows command injection via filenames because /bin/sh is used by susystem, a related issue to CVE-2006-0225, CVE-2019-7283, and CVE-2020-15778...

7.6AI score0.01763EPSS
Exploits1References1
Cvelist
Cvelist
added 2023/07/14 12:0 a.m.65 views

CVE-2023-38336

netkit-rcp in rsh-client 0.17-24 allows command injection via filenames because /bin/sh is used by susystem, a related issue to CVE-2006-0225, CVE-2019-7283, and CVE-2020-15778...

7.2AI score0.01763EPSS
Exploits1References1
CVE
CVE
added 2023/07/14 12:0 a.m.109 views

CVE-2023-38336

CVE-2023-38336 concerns netkit-rcp in rsh-client 0.17-24 where an rsh server can cause command/file handling issues. The connected Broadcom advisory describes a concrete exploitation: a malicious rsh server (or MITM) can overwrite arbitrary files on the rcp client by abusing the rcp operation’s o...

9.8CVSS7AI score0.01763EPSS
Exploits1References1Affected Software1
OSV
OSV
added 2019/01/31 6:29 p.m.15 views

CVE-2019-7283

An issue was discovered in rcp in NetKit through 0.17. For an rcp operation, the server chooses which files/directories are sent to the client. However, the rcp client only performs cursory validation of the object name returned. A malicious rsh server or Man-in-The-Middle attacker can overwrite...

7.4CVSS6.4AI score
Exploits0References3
CVE
CVE
added 2019/01/31 6:0 p.m.131 views

CVE-2019-7283

The connected Broadcom advisory confirms CVE-2019-7283 affects NetKit’s rcp up to version 0.17, where the rcp server’s file selection is trusted but the client’s object-name validation is only cursory. A malicious rsh server or MITM can overwrite arbitrary files in a client directory by exploitin...

7.4CVSS6.6AI score0.01976EPSS
Exploits1References3Affected Software1
Rows per page
Query Builder