Lucene search
+L

419 matches found

nvd
nvd
added 2018/08/17 1:29 p.m.27 views

CVE-2018-3785

A command injection in git-dummy-commit v1.3.0 allows os level commands to be executed due to an unescaped parameter...

10CVSS9.8AI score0.04001EPSS
Exploits1References1
prion
prion
added 2018/08/17 1:29 p.m.13 views

Command injection

A command injection in git-dummy-commit v1.3.0 allows os level commands to be executed due to an unescaped parameter...

10CVSS9.8AI score0.04001EPSS
Exploits1References1Affected Software1
osv
osv
added 2018/08/17 1:29 p.m.15 views

CVE-2018-3785

A command injection in git-dummy-commit v1.3.0 allows os level commands to be executed due to an unescaped parameter...

9.8CVSS7.5AI score
Exploits0References1
cvelist
cvelist
added 2018/08/17 1:0 p.m.29 views

CVE-2018-3785

A command injection in git-dummy-commit v1.3.0 allows os level commands to be executed due to an unescaped parameter...

9.9AI score0.04001EPSS
Exploits1References1
ptsecurity
ptsecurity
added 2018/08/17 12:0 a.m.4 views

PT-2018-16202 · Unknown · Git-Dummy-Commit

Name of the Vulnerable Software and Affected Versions: git-dummy-commit version 1.3.0 Description: A command injection issue allows OS level commands to be executed due to an unescaped parameter. Recommendations: For git-dummy-commit version 1.3.0, consider restricting the use of the vulnerable...

10CVSS9.8AI score0.04001EPSS
Exploits1References5
hackerone
hackerone
added 2018/04/22 3:26 a.m.32 views

Node.js third-party modules: [git-dummy-commit] Command injection on the msg parameter

Hi there, I've found a Command Injection on the "git-dummy-commit" module. Module module name: git-dummy-commit version: 1.3.0 npm page: https://www.npmjs.com/package/git-dummy-commit Module Description Create a dummy commit for testing Module Stats 62 downloads in the last day 94 downloads in th...

10CVSS0.2AI score0.04001EPSS
Exploits1
zdt
zdt
added 2017/12/06 12:0 a.m.62 views

Hashicorp vagrant-vmware-fusion 5.0.3 - Local root Privilege Escalation Exploit

Exploit for macOS platform in category local exploits Another day, another root privesc bug in this plugin. Not quite so serious this time - this one is only exploitable if the user has the plugin installed but VMware Fusion not installed. This is a fairly unlikely scenario but it's a straight to...

7.2CVSS7.4AI score0.00984EPSS
Exploits3
kitploit
kitploit
added 2016/11/09 1:49 p.m.64 views

geoip-attack-map - Cyber Security GeoIP Attack Map Visualization

This geoip attack map visualizer was developed to display network attacks on your organization in real time. The data server follows a syslog file, and parses out source IP, destination IP, source port, and destination port. Protocols are determined via common ports, and the visualizations vary i...

7.4AI score
Exploits0References1
packetstorm
packetstorm
added 2016/11/07 12:0 a.m.57 views

Actiontec WCB3000N 0.16.2.5 Privilege Escalation

Device Details Vendor: Actiontec Telus Branded Model: WCB3000N Affected Firmware: v0.16.2.5 Device Manual: http://static.telus.com/common/cms/files/internet/wifiplusextender.pdf Reported: November 2015 Status: Fixed on newest pushed firmware version CVE: Update is handled by the vendor, therefore...

0.5AI score
Exploits0
bdu_fstec
bdu_fstec
added 2015/10/13 12:0 a.m.7 views

The vulnerability of the Sblim-sfcb control mechanism allows a perpetrator to trigger a service failure.

The vulnerability of the lookupProviders function in the Sblim-sfcb management tool is related to pointer swapping errors. Exploiting this vulnerability allows a malicious actor to trigger a service failure using a specially crafted package containing a dummy class name...

5CVSS5.4AI score0.03357EPSS
Exploits1References3Affected Software2
zdt
zdt
added 2015/09/07 12:0 a.m.18 views

AutoCAD DWG and DXF To PDF Converter 2.2 - Buffer Overflow Exploit

Exploit for windows platform in category local exploits Exploit Title: AutoCAD DWG and DXF To PDF Converter v2.2 Buffer Overflow Date: 9-5-2015 Software Link: http://www.verypdf.com/autocad-dwg-dxf-to-pdf/dwgdxftopdfsetup.exe Exploit Author: Robbie Corley Contact: email protected Website: CVE:...

6.8AI score
Exploits0
bdu_fstec
bdu_fstec
added 2015/04/28 12:0 a.m.6 views

The vulnerability of the Red Hat Enterprise Linux operating system allows a remote attacker to compromise the confidentiality, integrity, and accessibility of protected information.

The vulnerability of the xorg-x11-drv-dummy-0.3.6 package of the Red Hat Enterprise Linux operating system can lead to violations of confidentiality, integrity, and accessibility of protected information. This vulnerability can be exploited remotely...

6.8CVSS5.4AI score0.01683EPSS
Exploits0References2
exploitpack
exploitpack
added 2015/01/07 1:49 p.m.13 views

Linux-Kernel-2.6.34-rc3

The kernel allows processes to access the internal .reiserfspriv directory at the top of a reiserfs filesystem which is used to store xattrs. Permissions are not enforced in that tree, so unprivileged users can view and potentially modify the xattrs on arbitrary files. import os, sys SHELL = 'int...

1.1AI score
Exploits0
nessus
nessus
added 2013/08/27 12:0 a.m.39 views

SuSE 11.2 / 11.3 Security Update : Apache2 (SAT Patch Numbers 8137 / 8138)

This collective update for Apache provides the following fixes : - Make sure that input that has already arrived on the socket is not discarded during a non-blocking read read2 returns 0 and errno is set to -EAGAIN. bnc815621 - Close the connection just before an attempted re-negotiation if data...

5.1CVSS7.8AI score0.29484EPSS
Exploits4References8
prion
prion
added 2011/09/23 11:55 p.m.19 views

Information disclosure

DoceboLMS 4.0.4 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by views/dummy/show.php and certain other files...

5CVSS6.7AI score0.01335EPSS
Exploits1References3Affected Software1
rubygems
rubygems
added 2009/12/07 12:0 a.m.23 views

jruby-openssl Gem for JRuby fails to do proper certificate validation

A security problem involving peer certificate verification was found where failed verification silently did nothing, making affected applications vulnerable to attackers. Attackers could lead a client application to believe that a secure connection to a rogue SSL server is legitimate. Attackers...

7.5CVSS3.9AI score0.006EPSS
Exploits0References1Affected Software1
ubuntucve
ubuntucve
added 2008/11/05 3:0 p.m.27 views

CVE-2008-4947

dhis-dummy-log-engine in dhis-server 5.3 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/dhis-dummy-log-engine.log temporary file...

6.9CVSS5.9AI score0.0039EPSS
Exploits1References1
debiancve
debiancve
added 2008/11/05 2:51 p.m.30 views

CVE-2008-4947

dhis-dummy-log-engine in dhis-server 5.3 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/dhis-dummy-log-engine.log temporary file...

6.9CVSS6.2AI score0.0039EPSS
Exploits1
exploitpack
exploitpack
added 2006/02/16 12:0 a.m.17 views

Microsoft Windows Media Player 7.1 10 - .BMP Heap Overflow (MS06-005) (2)

Microsoft Windows Media Player 7.1 10 - .BMP Heap Overflow MS06-005 2 sploit creater by [email protected] ms06-005 advisory proof of concept heap overflow in wmf.dll @ 0x0035920a denial of service, cuz we can't get this to play nice shamelessly stolen from CANVAS code def intelorderi:...

0.9AI score
Exploits0
Rows per page
Query Builder