Lucene search
K

15298 matches found

SUSE CVE
SUSE CVE
added 2023/02/15 6:3 a.m.4 views

SUSE CVE-2009-2288

statuswml.cgi in Nagios before 3.1.1 allows remote attackers to execute arbitrary commands via shell metacharacters in the 1 ping or 2 Traceroute parameters...

7.5CVSS7.8AI score0.83453EPSS
Exploits14References4
SUSE CVE
SUSE CVE
added 2023/02/15 6:2 a.m.3 views

SUSE CVE-2009-3125

SQL injection vulnerability in the Bug.search WebService function in Bugzilla 3.3.2 through 3.4.1, and 3.5, allows remote attackers to execute arbitrary SQL commands via unspecified parameters...

7.5CVSS8.8AI score0.01393EPSS
Exploits1References3
SUSE CVE
SUSE CVE
added 2023/02/15 6:1 a.m.4 views

SUSE CVE-2009-4025

Argument injection vulnerability in the traceroute function in Traceroute.php in the NetTraceroute package before 0.21.2 for PEAR allows remote attackers to execute arbitrary shell commands via the host parameter. NOTE: some of these details are obtained from third party information...

10CVSS8.2AI score0.06149EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2023/02/15 6:1 a.m.1 views

SUSE CVE-2009-4273

stap-server in SystemTap before 1.1 allows remote attackers to execute arbitrary commands via shell metacharacters in stap command-line arguments in a request...

10CVSS7.8AI score0.1772EPSS
Exploits0References4
SUSE CVE
SUSE CVE
added 2023/02/15 5:56 a.m.1 views

SUSE CVE-2010-3753

programs/pluto/xauth.c in the client in Openswan 2.6.26 through 2.6.28 allows remote authenticated gateways to execute arbitrary commands via shell metacharacters in the ciscobanner aka serverbanner field, a different vulnerability than CVE-2010-3308...

6.5CVSS7.4AI score0.02409EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2023/02/15 5:56 a.m.2 views

SUSE CVE-2010-3928

Ruby Version Manager RVM before 1.2.1 writes file contents to a terminal without sanitizing non-printable characters, which might allow remote attackers to execute arbitrary commands via a crafted file, related to an "escape sequence injection vulnerability." NOTE: some of these details are...

6.8CVSS8AI score0.01786EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2023/02/15 5:54 a.m.2 views

SUSE CVE-2011-0997

dhclient in ISC DHCP 3.0.x through 4.2.x before 4.2.1-P1, 3.1-ESV before 3.1-ESV-R1, and 4.1-ESV before 4.1-ESV-R2 allows remote attackers to execute arbitrary commands via shell metacharacters in a hostname obtained from a DHCP message, as demonstrated by a hostname that is provided to...

7.5CVSS7.8AI score0.84292EPSS
Exploits6References8
SUSE CVE
SUSE CVE
added 2023/02/15 5:54 a.m.5 views

SUSE CVE-2011-1018

logwatch.pl in Logwatch 7.3.6 allows remote attackers to execute arbitrary commands via shell metacharacters in a log file name, as demonstrated via a crafted username to a Samba server...

10CVSS7.7AI score0.18321EPSS
Exploits0References4
SUSE CVE
SUSE CVE
added 2023/02/15 5:52 a.m.4 views

SUSE CVE-2011-2716

The DHCP client udhcpc in BusyBox before 1.20.0 allows remote DHCP servers to execute arbitrary commands via shell metacharacters in the 1 HOSTNAME, 2 DOMAINNAME, 3 NISDOMAIN, and 4 TFTPSERVERNAME host name options...

6.8CVSS7.5AI score0.018EPSS
Exploits2References3
SUSE CVE
SUSE CVE
added 2023/02/15 5:51 a.m.4 views

SUSE CVE-2011-2899

pysmb.py in system-config-printer 0.6.x and 0.7.x, as used in foomatic-gui and possibly other products, allows remote SMB servers to execute arbitrary commands via shell metacharacters in the 1 NetBIOS or 2 workgroup name, which are not properly handled when searching for network printers...

5.1CVSS7.9AI score0.01967EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2023/02/15 5:49 a.m.6 views

SUSE CVE-2012-0394

The DebuggingInterceptor component in Apache Struts before 2.3.1.1, when developer mode is used, allows remote attackers to execute arbitrary commands via unspecified vectors. NOTE: the vendor characterizes this behavior as not "a security vulnerability itself...

6.8CVSS7.7AI score0.74405EPSS
Exploits9References3
SUSE CVE
SUSE CVE
added 2023/02/15 5:47 a.m.2 views

SUSE CVE-2012-1675

The TNS Listener, as used in Oracle Database 11g 11.1.0.7, 11.2.0.2, and 11.2.0.3, and 10g 10.2.0.3, 10.2.0.4, and 10.2.0.5, as used in Oracle Fusion Middleware, Enterprise Manager, E-Business Suite, and possibly other products, allows remote attackers to execute arbitrary database commands by...

7.5CVSS9.4AI score0.77633EPSS
Exploits3References4
SUSE CVE
SUSE CVE
added 2023/02/15 5:47 a.m.3 views

SUSE CVE-2012-2142

The error function in Error.cc in poppler before 0.21.4 allows remote attackers to execute arbitrary commands via a PDF containing an escape sequence for a terminal emulator...

7.8CVSS7.8AI score0.02942EPSS
Exploits1References5
SUSE CVE
SUSE CVE
added 2023/02/15 5:47 a.m.5 views

SUSE CVE-2012-2240

scripts/dscverify.pl in devscripts before 2.12.3 allows remote attackers to execute arbitrary commands via unspecified vectors related to "arguments to external commands."...

7.5CVSS7.8AI score0.03154EPSS
Exploits0References2
SUSE CVE
SUSE CVE
added 2023/02/15 5:46 a.m.1 views

SUSE CVE-2012-2395

Incomplete blacklist vulnerability in actionpower.py in Cobbler 2.2.0 allows remote attackers to execute arbitrary commands via shell metacharacters in the 1 username or 2 password fields to the powersystem method in the xmlrpc API...

7.5CVSS8AI score0.05555EPSS
Exploits1References7
SUSE CVE
SUSE CVE
added 2023/02/15 5:44 a.m.2 views

SUSE CVE-2012-4463

Midnight Commander mc 4.8.5 does not properly handle the 1 MCEXTSELECTED or 2 MCEXTONLYTAGGED environment variables when multiple files are selected, which allows user-assisted remote attackers to execute arbitrary commands via a crafted file name...

5.1CVSS7.4AI score0.01867EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2023/02/15 5:43 a.m.7 views

SUSE CVE-2012-5520

The sendtosourcefire function in managesql.c in OpenVAS Manager 3.x before 3.0.4 allows remote attackers to execute arbitrary commands via the 1 IP address or 2 port number field in an OMP request...

7.5CVSS7.8AI score0.03052EPSS
Exploits2References3
SUSE CVE
SUSE CVE
added 2023/02/15 5:41 a.m.2 views

SUSE CVE-2013-1362

Incomplete blacklist vulnerability in nrpc.c in Nagios Remote Plug-In Executor NRPE before 2.14 might allow remote attackers to execute arbitrary shell commands via "$" shell metacharacters, which are processed by bash...

7.5CVSS7.9AI score0.65724EPSS
Exploits9References6
SUSE CVE
SUSE CVE
added 2023/02/15 5:33 a.m.1 views

SUSE CVE-2013-7378

scripts/email.coffee in the Hubot Scripts module before 2.4.4 for Node.js allows remote attackers to execute arbitrary commands...

9.8CVSS7.6AI score0.02685EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2023/02/15 5:29 a.m.3 views

SUSE CVE-2014-2527

kcleanup.cpp in KDirStat 2.7.0 does not properly quote strings when deleting a directory, which allows remote attackers to execute arbitrary commands via a " double quote character in the directory name, a different vulnerability than CVE-2014-2528...

6.8CVSS7.9AI score0.03008EPSS
Exploits1References4
Rows per page
Query Builder