10 matches found
CVE-2026-7865
The CVE-2026-7865 entry describes a vulnerability in Crestron devices where a hidden console command can be exploited to perform command injection by passing control characters to the second argument of a popen call. Affected software is the Crestron SSH console exposed on eligible devices; the u...
CVE-2026-7865 Hidden Console Command
A hidden console command is vulnerable to command injection flaw when control characters are passed to its second argument. A third party researcher Eugene Lim had discovered vulnerability in the way console command passes to a popen function call. Attackers with authenticated access to SSH...
EUVD-2026-23321
sagredo qmail before 2026.04.07 allows tlsquit remote code execution because of popen in notlshostsauto in qmail-remote.c...
CVE-2026-40029 parseusbs < 1.9 Command Injection via Crafted LNK Filename
parseusbs before 1.9 contains an OS command injection vulnerability in parseUSBs.py where LNK file paths are passed unsanitized into an os.popen shell command, allowing arbitrary command execution via crafted .lnk filenames containing shell metacharacters. An attacker can craft a .lnk filename wi...
CVE-2017-15226
Zyxel NBG6716 V1.00AAKG.9C0 devices allow command injection in the ozkerz component because beginIndex and endIndex are used directly in a popen call...
SUSE CVE-2009-3294
The popen API function in TSRM/tsrmwin32.c in PHP before 5.2.11 and 5.3.x before 5.3.1, when running on certain Windows operating systems, allows context-dependent attackers to cause a denial of service crash via a crafted 1 "e" or 2 "er" string in the second argument aka mode, possibly related t...
GraphicsMagick and ImageMagick Code Execution Vulnerabilities
GraphicsMagick is a set of simple image processing tools, the tool to the image to provide resizing, rotation, highlighting and other functions.ImageMagick is the U.S. ImageMagick Studio, Inc. of a set of open-source image processing software, the software can read, convert, write a variety of...
Sun VirtualBox 3.0.6 Local Root
!/bin/sh CVE-2009-3692 Sun VirtualBox runme.c include include include include include int mainint argc, char argv FILE from, to; int fd; char ch; setuid0; setgid0; from = fopen"/bin/sh","rb"; to = fopen"./sh","wb"; while!feoffrom ch = fgetcfrom; if!feoffrom fputcch, to; fclosefrom; fcloseto; fd =...
Sun VirtualBox 3.0.6 - Local Privilege Escalation
!/bin/sh CVE-2009-3692 Sun VirtualBox runme.c include include include include include int mainint argc, char argv FILE from, to; int fd; char ch; setuid0; setgid0; from = fopen"/bin/sh","rb"; to = fopen"./sh","wb"; while!feoffrom ch = fgetcfrom; if!feoffrom fputcch, to; fclosefrom; fcloseto; fd =...
CVE-1999-1580
SunOS sendmail 5.59 through 5.65 uses popen to process a forwarding host argument, which allows local users to gain root privileges by modifying the IFS Internal Field Separator variable and passing crafted values to the -oR option...