Lucene search
K

7 matches found

Tenable Nessus
Tenable Nessus
added 2018/03/12 12:0 a.m.35 views

GLSA-201803-04 : Newsbeuter: User-assisted execution of arbitrary code

The remote host is affected by the vulnerability described in GLSA-201803-04 Newsbeuter: User-assisted execution of arbitrary code Newsbeuter does not properly escape shell meta-characters in an RSS item with a media enclosure in the podcast playback function of Podbeuter. Impact : A remote...

8.8CVSS8.3AI score0.03078EPSS
Exploits0References2
Prion
Prion
added 2017/09/17 5:29 a.m.21 views

Command injection

Improper Neutralization of Special Elements used in an OS Command in the podcast playback function of Podbeuter in Newsbeuter 0.3 through 2.9 allows remote attackers to perform user-assisted code execution by crafting an RSS item with a media enclosure i.e., a podcast file that includes shell...

6.8CVSS8.8AI score0.06404EPSS
Exploits0References6Affected Software1
UbuntuCve
UbuntuCve
added 2017/09/17 5:29 a.m.20 views

CVE-2017-14500

Improper Neutralization of Special Elements used in an OS Command in the podcast playback function of Podbeuter in Newsbeuter 0.3 through 2.9 allows remote attackers to perform user-assisted code execution by crafting an RSS item with a media enclosure i.e., a podcast file that includes shell...

8.8CVSS7.6AI score0.03078EPSS
Exploits0References3
OSV
OSV
added 2017/09/17 5:29 a.m.19 views

CVE-2017-14500

Improper Neutralization of Special Elements used in an OS Command in the podcast playback function of Podbeuter in Newsbeuter 0.3 through 2.9 allows remote attackers to perform user-assisted code execution by crafting an RSS item with a media enclosure i.e., a podcast file that includes shell...

8.8CVSS8.9AI score
Exploits0References6
AlpineLinux
AlpineLinux
added 2017/09/17 5:0 a.m.21 views

CVE-2017-14500

Improper Neutralization of Special Elements used in an OS Command in the podcast playback function of Podbeuter in Newsbeuter 0.3 through 2.9 allows remote attackers to perform user-assisted code execution by crafting an RSS item with a media enclosure i.e., a podcast file that includes shell...

8.8CVSS9AI score0.03078EPSS
Exploits0
Debian CVE
Debian CVE
added 2017/09/17 5:0 a.m.20 views

CVE-2017-14500

Removed by vendor...

8.8CVSS8.7AI score0.03078EPSS
Exploits0
ArchLinux
ArchLinux
added 2017/09/16 12:0 a.m.24 views

[ASA-201709-11] newsbeuter: arbitrary command execution

Arch Linux Security Advisory ASA-201709-11 ========================================== Severity: High Date : 2017-09-16 CVE-ID : CVE-2017-12904 CVE-2017-14500 Package : newsbeuter Type : arbitrary command execution Remote : Yes Link : https://security.archlinux.org/AVG-401 Summary ======= The...

9.3CVSS2.9AI score0.06404EPSS
Exploits0References10
Rows per page
Query Builder