Lucene search
K

10 matches found

CVE
CVE
added 2026/05/05 3:5 p.m.18 views

CVE-2026-7865

The CVE-2026-7865 entry describes a vulnerability in Crestron devices where a hidden console command can be exploited to perform command injection by passing control characters to the second argument of a popen call. Affected software is the Crestron SSH console exposed on eligible devices; the u...

7.4CVSS5.8AI score0.00753EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/05/05 3:5 p.m.12 views

CVE-2026-7865 Hidden Console Command

A hidden console command is vulnerable to command injection flaw when control characters are passed to its second argument. A third party researcher Eugene Lim had discovered vulnerability in the way console command passes to a popen function call. Attackers with authenticated access to SSH...

7.4CVSS5.8AI score0.00753EPSS
Exploits0References2
EUVD
EUVD
added 2026/04/17 12:31 a.m.7 views

EUVD-2026-23321

sagredo qmail before 2026.04.07 allows tlsquit remote code execution because of popen in notlshostsauto in qmail-remote.c...

8.1CVSS6.4AI score0.00851EPSS
Exploits0References6
OSV
OSV
added 2026/04/08 9:35 p.m.2 views

CVE-2026-40029 parseusbs < 1.9 Command Injection via Crafted LNK Filename

parseusbs before 1.9 contains an OS command injection vulnerability in parseUSBs.py where LNK file paths are passed unsanitized into an os.popen shell command, allowing arbitrary command execution via crafted .lnk filenames containing shell metacharacters. An attacker can craft a .lnk filename wi...

8.5CVSS6.3AI score0.00805EPSS
Exploits0References6
RedhatCVE
RedhatCVE
added 2025/05/22 1:38 a.m.6 views

CVE-2017-15226

Zyxel NBG6716 V1.00AAKG.9C0 devices allow command injection in the ozkerz component because beginIndex and endIndex are used directly in a popen call...

9.8CVSS7.6AI score0.02223EPSS
Exploits1References1
SUSE CVE
SUSE CVE
added 2023/02/15 6:2 a.m.3 views

SUSE CVE-2009-3294

The popen API function in TSRM/tsrmwin32.c in PHP before 5.2.11 and 5.3.x before 5.3.1, when running on certain Windows operating systems, allows context-dependent attackers to cause a denial of service crash via a crafted 1 "e" or 2 "er" string in the second argument aka mode, possibly related t...

5CVSS6.9AI score0.02731EPSS
Exploits2References4
CNVD
CNVD
added 2016/05/30 12:0 a.m.4 views

GraphicsMagick and ImageMagick Code Execution Vulnerabilities

GraphicsMagick is a set of simple image processing tools, the tool to the image to provide resizing, rotation, highlighting and other functions.ImageMagick is the U.S. ImageMagick Studio, Inc. of a set of open-source image processing software, the software can read, convert, write a variety of...

10CVSS8.8AI score0.49982EPSS
Exploits1References1
Packet Storm
Packet Storm
added 2009/10/17 12:0 a.m.38 views

Sun VirtualBox 3.0.6 Local Root

!/bin/sh CVE-2009-3692 Sun VirtualBox runme.c include include include include include int mainint argc, char argv FILE from, to; int fd; char ch; setuid0; setgid0; from = fopen"/bin/sh","rb"; to = fopen"./sh","wb"; while!feoffrom ch = fgetcfrom; if!feoffrom fputcch, to; fclosefrom; fcloseto; fd =...

7.2CVSS0.2AI score0.00729EPSS
Exploits6
Exploit DB
Exploit DB
added 2009/10/17 12:0 a.m.37 views

Sun VirtualBox 3.0.6 - Local Privilege Escalation

!/bin/sh CVE-2009-3692 Sun VirtualBox runme.c include include include include include int mainint argc, char argv FILE from, to; int fd; char ch; setuid0; setgid0; from = fopen"/bin/sh","rb"; to = fopen"./sh","wb"; while!feoffrom ch = fgetcfrom; if!feoffrom fputcch, to; fclosefrom; fcloseto; fd =...

7.2CVSS6.7AI score0.00729EPSS
Exploits6
Cvelist
Cvelist
added 2005/04/21 4:0 a.m.14 views

CVE-1999-1580

SunOS sendmail 5.59 through 5.65 uses popen to process a forwarding host argument, which allows local users to gain root privileges by modifying the IFS Internal Field Separator variable and passing crafted values to the -oR option...

6.6AI score0.01115EPSS
Exploits1References5
Rows per page
Query Builder