Lucene search
+L

2418 matches found

gitlab
gitlab
added 2021/08/02 12:0 a.m.19 views

Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')

Improper Neutralization of Special Elements used in an OS Command 'OS Command Injection' in github.com/argoproj/argo-workflows...

3.8AI score
Exploits0References2Affected Software1
nvd
nvd
added 2021/07/20 11:15 a.m.44 views

CVE-2021-22125

An instance of improper neutralization of special elements in the sniffer module of FortiSandbox before 3.2.2 may allow an authenticated administrator to execute commands on the underlying system's shell via altering the content of its configuration file...

9CVSS0.0141EPSS
Exploits0References1
bdu_fstec
bdu_fstec
added 2021/06/25 12:0 a.m.7 views

The vulnerability of the Dovecot mail server arises from incorrect neutralization of special elements in the output data used by the incoming component, allowing attackers to expose user credentials.

The vulnerability of the Dovecot mail server is related to incorrect neutralization of special elements in the output data used by the incoming component. Exploiting this vulnerability can allow a remote attacker to expose user credentials...

4.2CVSS6.8AI score0.02837EPSS
Exploits0References9Affected Software13
vulncheck_kev
vulncheck_kev
added 2021/06/08 12:0 a.m.5 views

VulnCheck KEV: CVE-2021-20028

SonicWall Secure Remote Access SRA products contain an improper neutralization of a SQL Command leading to SQL injection...

9.8CVSS6.8AI score0.30084EPSS
Exploits0References1
osv
osv
added 2021/05/25 12:15 p.m.3 views

CVE-2021-30187

CODESYS V2 runtime system SP before 2.4.7.55 has Improper Neutralization of Special Elements used in an OS Command...

5.3CVSS5.8AI score0.00268EPSS
Exploits0References2
osv
osv
added 2021/05/06 1:15 p.m.1 views

DEBIAN-CVE-2020-28015

Exim 4 before 4.94.2 has Improper Neutralization of Line Delimiters. Local users can alter the behavior of root processes because a recipient address can have a newline character...

7.8CVSS7.7AI score0.00376EPSS
Exploits1References1
prion
prion
added 2021/05/06 1:15 p.m.40 views

Design/Logic Flaw

Exim 4 before 4.94.2 has Improper Neutralization of Line Delimiters. Local users can alter the behavior of root processes because a recipient address can have a newline character...

7.2CVSS8.6AI score0.00376EPSS
Exploits1References1Affected Software1
alpinelinux
alpinelinux
added 2021/05/06 3:46 a.m.56 views

CVE-2020-28015

Exim 4 before 4.94.2 has Improper Neutralization of Line Delimiters. Local users can alter the behavior of root processes because a recipient address can have a newline character...

7.8CVSS7.8AI score0.00376EPSS
Exploits1References1
attackerkb
attackerkb
added 2021/05/06 12:0 a.m.429 views

CVE-2020-28015

Exim 4 before 4.94.2 has Improper Neutralization of Line Delimiters. Local users can alter the behavior of root processes because a recipient address can have a newline character. Recent assessments: Assessed Attacker Value: 0 Assessed Attacker Value: 0Assessed Attacker Value: 0...

7.8CVSS7.9AI score0.00376EPSS
In wildExploits1References2
nessus
nessus
added 2021/05/06 12:0 a.m.59 views

Ubuntu 16.04 ESM : Exim vulnerabilities (USN-4934-2)

The remote Ubuntu 16.04 ESM host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-4934-2 advisory. USN-4934-1 fixed several vulnerabilities in Exim. This update provides the corresponding update for Ubuntu 14.04 ESM and Ubuntu 16.04 ESM. CVE-2020-28026...

9.8CVSS7.8AI score0.36649EPSS
Exploits6References17
cve
cve
added 2021/04/22 7:37 p.m.60 views

CVE-2021-0268

CVE-2021-0268 concerns Juniper Networks Junos OS J-Web, due to an Improper Neutralization of CRLF Sequences in HTTP Headers (HTTP Response Splitting). The weakness can cause buffer overflows or segment faults and, per sources, may enable cross-site scripting (XSS) and cookie manipulation, with th...

9.3CVSS8.8AI score0.00853EPSS
Exploits0References1Affected Software1
github
github
added 2021/04/13 3:16 p.m.672 views

Improper neutralization of arguments in freediskspace

This affects all versions of package freediskspace. The vulnerability arises out of improper neutralization of arguments in line 71 of freediskspace.js...

9.8CVSS8.9AI score0.0126EPSS
Exploits0References3Affected Software1
osv
osv
added 2021/04/13 3:16 p.m.21 views

GHSA-4GFQ-6M28-M5MG Improper neutralization of arguments in freediskspace

This affects all versions of package freediskspace. The vulnerability arises out of improper neutralization of arguments in line 71 of freediskspace.js...

9.8CVSS9.5AI score0.0126EPSS
Exploits0References2
bdu_fstec
bdu_fstec
added 2021/03/30 12:0 a.m.5 views

The vulnerability of the DhcpClient method in the Bluetooth Blueman manager arises from incorrect neutralization of special elements in the output data. This allows attackers to access confidential data, compromise its integrity, and cause service failures.

The vulnerability of the DhcpClient method in the Bluetooth Blueman manager is related to incorrect elimination of special elements in the output data. Exploiting this vulnerability can allow an attacker to access confidential data, compromise its integrity, and cause service failures...

7CVSS7AI score0.04539EPSS
Exploits4References5Affected Software3
cve
cve
added 2021/03/26 8:50 a.m.57 views

CVE-2021-20681

CVE-2021-20681 affects baserCMS prior to 4.4.5. The issue is improper neutralization of JavaScript input in the page editing feature, allowing remote authenticated attackers to inject arbitrary scripts via unspecified vectors. Impact is described as potential script execution in the user’s browse...

5.4CVSS5.4AI score0.00731EPSS
Exploits0References2Affected Software1
jvn
jvn
added 2021/03/26 12:0 a.m.69 views

JVN#64869876: Multiple vulnerabilities in baserCMS

baserCMS provided by baserCMS Users Community contains multiple vulnerabilities listed below. Improper Neutralization of JavaScript input in the page editing function CWE-79 - CVE-2021-20681 Version| Vector| Score ---|---|--- CVSS v3| CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N| Base Score: 5.4...

9CVSS6.6AI score0.02475EPSS
Exploits0
vulnrichment
vulnrichment
added 2021/02/08 3:55 p.m.12 views

CVE-2021-22122

An improper neutralization of input during web page generation in FortiWeb GUI interface 6.3.0 through 6.3.7 and version before 6.2.4 may allow an unauthenticated, remote attacker to perform a reflected cross site scripting attack XSS by injecting malicious payload in different vulnerable API...

6.1AI score0.1052EPSS
Exploits0References1
nvd
nvd
added 2021/02/02 7:15 p.m.22 views

CVE-2020-7775

This affects all versions of package freediskspace. The vulnerability arises out of improper neutralization of arguments in line 71 of freediskspace.js...

9.8CVSS0.0126EPSS
Exploits0References1
cvelist
cvelist
added 2021/02/02 6:20 p.m.21 views

CVE-2020-7775 Command Injection

This affects all versions of package freediskspace. The vulnerability arises out of improper neutralization of arguments in line 71 of freediskspace.js...

9.8CVSS9.6AI score0.0126EPSS
Exploits0References1
packetstorm
packetstorm
added 2021/01/27 12:0 a.m.342 views

Revive Adserver 5.1.0 Cross Site Scripting

======================================================================== Revive Adserver Security Advisory REVIVE-SA-2021-002 ------------------------------------------------------------------------ https://www.revive-adserver.com/security/revive-sa-2021-002...

6.3AI score0.22064EPSS
Exploits3
Rows per page
Query Builder