Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

9 matches found

Cvelist
Cvelistadded 2024/10/21 12:0 a.m.26 views

CVE-2024-49215

...

Exploits3
Microsoft CVE
Microsoft CVEadded 2020/10/25 12:0 a.m.4 views

Multiple memory leaks in freshclam/manager.c in ClamAV before 0.94 might allow attackers to cause a denial of service (memory consumption) via unspecified vectors related to "error handling logic".

...

5CVSS7AI score0.04126EPSS
Exploits1
Debian CVE
Debian CVEadded 2019/11/22 5:31 p.m.27 views

CVE-2019-18610

An issue was discovered in manager.c in Sangoma Asterisk through 13.x, 16.x, 17.x and Certified Asterisk 13.21 through 13.21-cert4. A remote authenticated Asterisk Manager Interface AMI user without system authorization could use a specially crafted Originate AMI request to execute arbitrary syst...

9CVSS8.5AI score0.41746EPSS
Exploits0
AlpineLinux
AlpineLinuxadded 2019/11/22 5:31 p.m.39 views

CVE-2019-18610

An issue was discovered in manager.c in Sangoma Asterisk through 13.x, 16.x, 17.x and Certified Asterisk 13.21 through 13.21-cert4. A remote authenticated Asterisk Manager Interface AMI user without system authorization could use a specially crafted Originate AMI request to execute arbitrary syst...

9CVSS8.7AI score0.41746EPSS
Exploits0
CNVD
CNVDadded 2019/11/22 12:0 a.m.1 views

Sangoma Technologies Asterisk and Sangoma Technologies Certified Asterisk Command Execution Vulnerabilities

Sangoma Technologies Asterisk and Sangoma Technologies Certified Asterisk are both products of Sangoma Technologies, a Canadian company.Sangoma Technologies Asterisk is a suite of open source telephone switch PBX system software. Sangoma Technologies Asterisk is an open source telephone exchange...

9CVSS7.6AI score0.41746EPSS
Exploits0References1
Prion
Prionadded 2017/10/27 4:29 p.m.12 views

Command injection

In manager.c in ss-manager in shadowsocks-libev 3.1.0, improper parsing allows command injection via shell metacharacters in a JSON configuration request received via 127.0.0.1 UDP traffic, related to the addserver, buildconfig, and constructcommandline functions...

7.2CVSS7.8AI score0.00451EPSS
Exploits1References5Affected Software2
CVE
CVEadded 2017/10/27 4:0 p.m.70 views

CVE-2017-15924

CVE-2017-15924 affects shadowsocks-libev (ss-manager) on version 3.1.0. Improper parsing of a JSON configuration request received via 127.0.0.1 UDP traffic enables local command injection through shell metacharacters in add_server, build_config, and construct_command_line pathways, potentially al...

7.8CVSS7.7AI score0.00451EPSS
Exploits1References5Affected Software1
Gentoo Linux
Gentoo Linuxadded 2012/09/26 12:0 a.m.22 views

Asterisk: Multiple vulnerabilities

Background Asterisk is an open source telephony engine and toolkit. Description Multiple vulnerabilities have been found in Asterisk: An error in manager.c allows shell access CVE-2012-2186. An error in Asterisk could cause all RTP ports to be exhausted CVE-2012-3812. A double-free error could...

9CVSS7.5AI score0.07186EPSS
Exploits0
CVE
CVEadded 2008/09/09 2:0 p.m.69 views

CVE-2008-3913

CVE-2008-3913 affects ClamAV up to version 0.94, specifically memory leaks in freshclam/manager.c that can cause denial of service via memory exhaustion. Disclosures from multiple advisories and Nessus/OpenSUSE/Mandriva Fedora notes tie this CVE to 0.94 release fixes, which address error-path mem...

5CVSS6AI score0.04126EPSS
Exploits1References26Affected Software1
Rows per page
Query Builder