Lucene search
K

7 matches found

Veracode
Veracode
added 2020/05/10 11:27 p.m.24 views

OS Command Injection

newsbeuter is vulnerable to OS Command Injection. Improper Neutralization of Special Elements used in an OS Command in the podcast playback function of Podbeuter in Newsbeuter allows remote attackers to perform user-assisted code execution by crafting an RSS item with a media enclosure i.e., a...

8.8CVSS5.4AI score0.06404EPSS
Exploits0References6Affected Software1
Gentoo Linux
Gentoo Linux
added 2018/03/11 12:0 a.m.67 views

Newsbeuter: User-assisted execution of arbitrary code

Background Newsbeuter is a RSS/Atom feed reader for the text console. Description Newsbeuter does not properly escape shell meta-characters in an RSS item with a media enclosure in the podcast playback function of Podbeuter. Impact A remote attacker, by enticing a user to open a feed with a...

8.8CVSS9AI score0.03078EPSS
Exploits0
OPENSUSE Linux
OPENSUSE Linux
added 2018/01/26 12:9 a.m.63 views

Security update for newsbeuter (important)

This update for newsbeuter fixes one issues. This security issue was fixed: - CVE-2017-14500: Improper Neutralization of special elements allowed remote attackers to perform user-assisted code execution by crafting an RSS item with a media enclosure that includes shell metacharacters in its...

6.8CVSS8.9AI score0.03078EPSS
Exploits0References1
NVD
NVD
added 2017/09/17 5:29 a.m.13 views

CVE-2017-14500

Improper Neutralization of Special Elements used in an OS Command in the podcast playback function of Podbeuter in Newsbeuter 0.3 through 2.9 allows remote attackers to perform user-assisted code execution by crafting an RSS item with a media enclosure i.e., a podcast file that includes shell...

8.8CVSS8.9AI score0.03078EPSS
Exploits0References6
Cvelist
Cvelist
added 2017/09/17 5:0 a.m.40 views

CVE-2017-14500

Improper Neutralization of Special Elements used in an OS Command in the podcast playback function of Podbeuter in Newsbeuter 0.3 through 2.9 allows remote attackers to perform user-assisted code execution by crafting an RSS item with a media enclosure i.e., a podcast file that includes shell...

8.9AI score0.03078EPSS
Exploits0References6
Debian CVE
Debian CVE
added 2017/09/17 5:0 a.m.20 views

CVE-2017-14500

Removed by vendor...

8.8CVSS8.7AI score0.03078EPSS
Exploits0
AlpineLinux
AlpineLinux
added 2017/09/17 5:0 a.m.21 views

CVE-2017-14500

Improper Neutralization of Special Elements used in an OS Command in the podcast playback function of Podbeuter in Newsbeuter 0.3 through 2.9 allows remote attackers to perform user-assisted code execution by crafting an RSS item with a media enclosure i.e., a podcast file that includes shell...

8.8CVSS9AI score0.03078EPSS
Exploits0
Rows per page
Query Builder