Lucene search
K

7 matches found

Gitee
Gitee
added 2025/09/06 2:57 a.m.153 views

shellshocker-pocs

This is a collection of Proof of Concepts PoCs and potential targets for the ShellShocker vulnerability. The PoCs are designed to exploit the vulnerability in various products and services, including XMPP ejabberd, Mailman, MySQL, NFS, Bind9, FTP, and others. The PoCs are primarily focused on...

8.3AI score
Exploits0
BDU FSTEC
BDU FSTEC
added 2022/01/12 12:0 a.m.3 views

The vulnerability of the Apache mod_cgi module for HTTP servers in the SonicWall network device software for the SMA series (SMA 100, SMA 200, SMA 210, SMA 400, SMA 410, and SMA 500vl) allows attackers to execute arbitrary code.

The vulnerability of the Apache modcgi module for HTTP servers in the SonicWall network devices from the SMA series SMA 100, SMA 200, SMA 210, SMA 400, SMA 410, and SMA 500v is related to the execution of code outside the buffer in memory. Exploiting this vulnerability allows a remote attacker to...

9.8CVSS8.9AI score0.99912EPSS
Exploits7References5Affected Software6
OSV
OSV
added 2021/12/08 10:15 a.m.4 views

CVE-2021-20038

A Stack-based buffer overflow vulnerability in SMA100 Apache httpd server's modcgi module environment variables allows a remote unauthenticated attacker to potentially execute code as a 'nobody' user in the appliance. This vulnerability affected SMA 200, 210, 400, 410 and 500v appliances firmware...

9.8CVSS7.7AI score0.99912EPSS
Exploits7References4
CNNVD
CNNVD
added 2021/12/07 12:0 a.m.3 views

Sonicwall SMA100 缓冲区错误漏洞

The Sonicwall SMA100 is a secure access gateway appliance from Sonicwall, Inc. A buffer error vulnerability in the modcgi module environment variable of the SonicWall SMA100 Apache httpd server allows an unauthenticated, remote attacker to potentially execute code as the nobody user in the device...

9.8CVSS9AI score0.99912EPSS
Exploits7References5
BDU FSTEC
BDU FSTEC
added 2016/07/06 12:0 a.m.6 views

The vulnerability of Cisco Nexus 7000 software allows a malicious individual to execute arbitrary code.

The GNU Bash command shell, as of version 4.3 and later, incorrectly handles lines that follow the declaration of a function exported as a variable. This allows a malicious actor to execute arbitrary code by interfering with environment variables. Security researchers have confirmed that this...

10CVSS8.5AI score0.99999EPSS
Exploits130References2
OSV
OSV
added 2014/09/27 12:0 a.m.4 views

UBUNTU-CVE-2014-6277

GNU Bash through 4.3 bash43-026 does not properly parse function definitions in the values of environment variables, which allows remote attackers to execute arbitrary code or cause a denial of service uninitialized memory access, and untrusted-pointer read and write operations via a crafted...

10CVSS7.2AI score0.64326EPSS
Exploits16References8
OSV
OSV
added 2014/09/24 12:0 a.m.2 views

UBUNTU-CVE-2014-6271

GNU Bash through 4.3 processes trailing strings after function definitions in the values of environment variables, which allows remote attackers to execute arbitrary code via a crafted environment, as demonstrated by vectors involving the ForceCommand feature in OpenSSH sshd, the modcgi and modcg...

9.8CVSS7.7AI score0.99999EPSS
Exploits130References4
Rows per page
Query Builder