Lucene search
K

7 matches found

Vulnrichment
Vulnrichment
added 2023/12/15 1:44 p.m.16 views

CVE-2023-46116 Remote Code Execution via insufficiently sanitized call to shell.openExternal

Tutanota Tuta Mail is an encrypted email provider. Tutanota allows users to open links in emails in external applications. Prior to version 3.118.12, it correctly blocks the file: URL scheme, which can be used by malicious actors to gain code execution on a victims computer, however fails to chec...

9.3CVSS7.6AI score0.01258EPSS
Exploits1References5
Veracode
Veracode
added 2019/02/19 6:33 a.m.18 views

Path Traversal

total.js is vulnerable to path traversal attacks. The vulnerability exists in index.js where req.url is insufficiently sanitized, allowing path traversal attacks...

7.5CVSS7.3AI score0.72058EPSS
Exploits2References3Affected Software1
NVD
NVD
added 2019/01/09 7:29 p.m.15 views

CVE-2018-6084

Insufficiently sanitized distributed objects in Updater in Google Chrome on macOS prior to 66.0.3359.117 allowed a local attacker to execute arbitrary code via an executable file...

7.8CVSS7.6AI score0.01096EPSS
Exploits1References5
Prion
Prion
added 2019/01/09 7:29 p.m.15 views

Code injection

Insufficiently sanitized distributed objects in Updater in Google Chrome on macOS prior to 66.0.3359.117 allowed a local attacker to execute arbitrary code via an executable file...

7.2CVSS7.8AI score0.01096EPSS
Exploits1References5Affected Software5
Debian CVE
Debian CVE
added 2019/01/09 7:0 p.m.27 views

CVE-2018-6084

Removed by vendor...

7.8CVSS8.2AI score0.01096EPSS
Exploits1
OSV
OSV
added 2018/06/08 1:29 a.m.23 views

CVE-2018-9246

The PGObject::Util::DBAdmin module before 0.120.0 for Perl, as used in LedgerSMB through 1.5.x, insufficiently sanitizes or escapes variable values used as part of shell command execution, resulting in shell code injection via the create, runfile, backup, or restore function. The vulnerability...

9.8CVSS7.9AI score
Exploits0References1
securityvulns
securityvulns
added 2008/07/22 12:0 a.m.55 views

Vim: Improper Implementation of shellescape()/Arbitrary Code Execution

Summary Product : Vim -- Vi IMproved Version : = 7.2a.013; tested with 7.2b Impact : Arbitrary code execution Wherefrom: Local, possibly remote Original : http://www.rdancer.org/vulnerablevim-shellescape.html http://www.rdancer.org/vulnerablevim-latest.tar.bz2 Improper implementation of the...

1.3AI score
Exploits0
Rows per page
Query Builder