CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

10 matches found

Redos•added 2024/07/30 12:0 a.m.•24 views

ROS-20240730-04

A vulnerability in the document processing, conversion and generation software suite Ghostscript is related to the introduction of a specially crafted pipe command. Exploitation of the vulnerability could Allow an attacker acting remotely to execute arbitrary code...

9.9CVSS7.6AI score0.06493EPSS

Exploits0

Tenable Nessus•added 2024/02/29 12:0 a.m.•24 views

CentOS 9 : ghostscript-9.54.0-4.el9

The remote CentOS Linux 9 host has packages installed that are affected by a vulnerability as referenced in the ghostscript-9.54.0-4.el9 build changelog. - A trivial sandbox enabled with the -dSAFER option escape flaw was found in the ghostscript interpreter by injecting a specially crafted pipe...

9.9CVSS8.2AI score0.06493EPSS

Exploits0References2

SUSE CVE•added 2023/02/15 6:7 a.m.•1 views

SUSE CVE-2008-2933

Mozilla Firefox before 2.0.0.16, and 3.x before 3.0.1, interprets '|' pipe characters in a command-line URI as requests to open multiple tabs, which allows remote attackers to access chrome:i URIs, or read arbitrary local files via manipulations involving a series of URIs that is not entirely...

2.6CVSS6.5AI score0.06172EPSS

Exploits1References4

SUSE CVE•added 2023/02/15 3:48 a.m.•1 views

SUSE CVE-2021-3781

A trivial sandbox enabled with the -dSAFER option escape flaw was found in the ghostscript interpreter by injecting a specially crafted pipe command. This flaw allows a specially crafted document to execute arbitrary commands on the system in the context of the ghostscript interpreter. The highes...

9.8CVSS9.6AI score0.06493EPSS

Exploits0References8

OSV•added 2022/11/23 2:15 a.m.•0 views

CVE-2020-23584

Unauthenticated remote code execution in OPTILINK OP-XT71000N, Hardware Version: V2.2 occurs when the attacker passes arbitrary commands with IP-ADDRESS using " | " to execute commands on " /diagtracertadmin.asp " in the "PingTest" parameter that leads to command execution...

9.8CVSS6.5AI score0.1899EPSS

Exploits0References1

OSV•added 2022/02/16 7:15 p.m.•1 views

ALPINE-CVE-2021-3781

9.9CVSS7.5AI score0.06493EPSS

Exploits0References1

UbuntuCve•added 2021/09/08 1:28 a.m.•44 views

CVE-2021-3781

9.9CVSS7.3AI score0.06493EPSS

Exploits0References2

CNVD•added 2018/09/11 12:0 a.m.•1 views

Artifex Ghostscript Code Execution Vulnerability (CNVD-2020-54493)

Artifex Ghostscript is an open source Postscript a page description language and programming language used in the electronics industry and desktop publishing parser from Artifex Software that displays Postscript files and prints them on non-Postscript printers. Postscript file. A security...

7.8CVSS8.9AI score0.00971EPSS

Exploits3References1

Packet Storm•added 2013/03/13 12:0 a.m.•26 views

Ruby Gem Curl Command Execution

Curl Ruby Gem Remote command execution 3/12/2013 https://github.com/tg0/curl Specially crafted URLs can result in remote code execution: In ./lib/curl.rb the following lines: 131 cmd = "curl cookiesstore browsertype @setupparams ref "url" " 132 if @debug 133 puts cmd.red 134 end 135 result =...

0.4AI score

Exploits0

OSV•added 2009/01/15 12:0 a.m.•10 views

DSA-1705-1 netatalk - arbitrary code execution

Bulletin has no description...

9.3CVSS6.3AI score0.01824EPSS

Exploits1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by