Lucene search
K

57 matches found

Prion
Prion
added 2018/05/09 8:29 p.m.20 views

Command injection

In the MMM::Agent::Helpers::Network::addip function in MySQL Multi-Master Replication Manager MMM mmmagentd 2.2.1 for Solaris, a specially crafted MMM protocol message can cause a shell command injection resulting in arbitrary command execution with the privileges of the mmm\agentd process. An...

10CVSS9.7AI score0.06084EPSS
Exploits2References1Affected Software1
Prion
Prion
added 2018/05/09 8:29 p.m.12 views

Command injection

In the MMM::Agent::Helpers::Network::addip function in MySQL Multi-Master Replication Manager MMM mmmagentd 2.2.1 for Linux, a specially crafted MMM protocol message can cause a shell command injection resulting in arbitrary command execution with the privileges of the mmm\agentd process. An...

10CVSS9.7AI score0.06164EPSS
Exploits2References1Affected Software1
OSV
OSV
added 2018/05/09 8:29 p.m.4 views

CVE-2017-14474

In the MMM::Agent::Helpers::execute function in MySQL Multi-Master Replication Manager MMM mmmagentd 2.2.1, a specially crafted MMM protocol message can cause a shell command injection resulting in arbitrary command execution with the privileges of the mmm\agentd process. An attacker that can...

9.8CVSS6AI score0.06164EPSS
Exploits2References1
Cvelist
Cvelist
added 2018/05/09 8:0 p.m.26 views

CVE-2017-14477

In the MMM::Agent::Helpers::Network::addip function in MySQL Multi-Master Replication Manager MMM mmmagentd 2.2.1 for FreeBSD, a specially crafted MMM protocol message can cause a shell command injection resulting in arbitrary command execution with the privileges of the mmm\agentd process. An...

9.8CVSS9.8AI score0.06084EPSS
Exploits2References1
Cvelist
Cvelist
added 2018/05/09 8:0 p.m.28 views

CVE-2017-14479

In the MMM::Agent::Helpers::Network::clearip function in MySQL Multi-Master Replication Manager MMM mmmagentd 2.2.1 for Solaris, a specially crafted MMM protocol message can cause a shell command injection resulting in arbitrary command execution with the privileges of the mmm\agentd process. An...

9.8CVSS9.8AI score0.06084EPSS
Exploits2References1
CVE
CVE
added 2018/05/09 8:0 p.m.59 views

CVE-2017-14478

CVE-2017-14478 affects MMM mmm_agentd 2.2.1 on Linux, enabling remote shell command injection via crafted MMM protocol messages that reach MMM::Agent::Helpers::Network::clear_ip (and related helpers). The vulnerability stems from unsanitized shell invocation in _execute(), which is called with un...

10CVSS9.7AI score0.06084EPSS
Exploits2References1Affected Software1
CVE
CVE
added 2018/05/09 8:0 p.m.60 views

CVE-2017-14479

CVE-2017-14479 affects MMM MMM Agent (mmm_agentd) 2.2.1 on Solaris, with a shell command injection in MMM::Agent::Helpers::Network::clear_ip triggered by specially crafted protocol messages via a TCP session. The vulnerability arises from unsafely passing untrusted input (IP/if, etc.) through she...

10CVSS9.7AI score0.06084EPSS
Exploits2References1Affected Software1
Cvelist
Cvelist
added 2018/05/09 8:0 p.m.16 views

CVE-2017-14480

In the MMM::Agent::Helpers::Network::clearip function in MySQL Multi-Master Replication Manager MMM mmmagentd 2.2.1 for FreeBSD, a specially crafted MMM protocol message can cause a shell command injection resulting in arbitrary command execution with the privileges of the mmm\agentd process. An...

9.8CVSS9.8AI score0.06084EPSS
Exploits2References1
Cvelist
Cvelist
added 2018/05/09 8:0 p.m.32 views

CVE-2017-14475

In the MMM::Agent::Helpers::Network::addip function in MySQL Multi-Master Replication Manager MMM mmmagentd 2.2.1 for Linux, a specially crafted MMM protocol message can cause a shell command injection resulting in arbitrary command execution with the privileges of the mmm\agentd process. An...

9.8CVSS9.8AI score0.06164EPSS
Exploits2References1
OSV
OSV
added 2017/03/27 5:59 p.m.2 views

ALPINE-CVE-2017-6542

The sshagentchanneldata function in PuTTY before 0.68 allows remote attackers to have unspecified impact via a large length value in an agent protocol message and leveraging the ability to connect to the Unix-domain socket representing the forwarded agent connection, which trigger a buffer overfl...

9.8CVSS7.6AI score0.21816EPSS
Exploits4References1
CNVD
CNVD
added 2015/02/21 12:0 a.m.1 views

Cisco TelePresence Multipoint Control Unit Denial of Service Vulnerability

Cisco TelePresence is a telepresence conferencing solution developed by Cisco. A denial of service vulnerability exists in the Cisco TelePresence Multipoint Control Unit, which allows an attacker to exploit the vulnerability by submitting a special TCP message that crashes the application due to...

7.8CVSS6.8AI score0.01819EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2015/02/13 12:0 a.m.27 views

Mandriva Linux Security Advisory : postgresql (MDVSA-2015:048)

Multiple vulnerabilities has been discovered and corrected in postgresql : Stephen Frost discovered that PostgreSQL incorrectly displayed certain values in error messages. An authenticated user could gain access to seeing certain values, contrary to expected permissions CVE-2014-8161. Andres...

9.8CVSS7.2AI score0.05533EPSS
Exploits0References6
Ubuntu
Ubuntu
added 2015/02/11 5:57 p.m.69 views

USN-2499-1: PostgreSQL vulnerabilities

Stephen Frost discovered that PostgreSQL incorrectly displayed certain values in error messages. An authenticated user could gain access to seeing certain values, contrary to expected permissions. CVE-2014-8161 Andres Freund, Peter Geoghegan and Noah Misch discovered that PostgreSQL incorrectly...

9.8CVSS7.2AI score0.05533EPSS
Exploits0
ArchLinux
ArchLinux
added 2015/02/06 12:0 a.m.34 views

postgresql: multiple issues

CVE-2014-8161 information leak Some server error messages show the values of columns that violate a constraint, such as a unique constraint. If the user does not have SELECT privilege on all columns of the table, this could mean exposing values that the user should not be able to see. Adjust the...

1.2AI score0.05533EPSS
Exploits0References5
UbuntuCve
UbuntuCve
added 2015/02/06 12:0 a.m.34 views

CVE-2015-0244

PostgreSQL before 9.0.19, 9.1.x before 9.1.15, 9.2.x before 9.2.10, 9.3.x before 9.3.6, and 9.4.x before 9.4.1 does not properly handle errors while reading a protocol message, which allows remote attackers to conduct SQL injection attacks via crafted binary data in a parameter and causing an...

9.8CVSS7.2AI score0.04193EPSS
Exploits0References2
FreeBSD
FreeBSD
added 2015/02/05 12:0 a.m.36 views

PostgreSQL -- multiple buffer overflows and memory issues

PostgreSQL Project reports: This update fixes multiple security issues reported in PostgreSQL over the past few months. All of these issues require prior authentication, and some require additional conditions, and as such are not considered generally urgent. However, users should examine the list...

9.8CVSS7.8AI score0.05533EPSS
Exploits0
PostrgeSql
PostrgeSql
added 2015/02/05 12:0 a.m.70 views

Vulnerability in core server (CVE-2015-0244)

An error in extended protocol message reading...

9.8CVSS9.1AI score0.04193EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder