Lucene search
K

15298 matches found

SUSE CVE
SUSE CVE
added 2023/02/15 5:29 a.m.2 views

SUSE CVE-2014-2528

kcleanup.cpp in KDirStat 2.7.3 does not properly quote strings when deleting a directory, which allows remote attackers to execute arbitrary commands via a ' single quote character in the directory name, a different vulnerability than CVE-2014-2527...

6.8CVSS7.9AI score0.02879EPSS
Exploits1References4
SUSE CVE
SUSE CVE
added 2023/02/15 5:28 a.m.3 views

SUSE CVE-2014-3524

Apache OpenOffice before 4.1.1 allows remote attackers to execute arbitrary commands and possibly have other unspecified impact via a crafted Calc spreadsheet...

9.3CVSS8AI score0.14596EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2023/02/15 5:28 a.m.2 views

SUSE CVE-2014-3686

wpasupplicant and hostapd 0.7.2 through 2.2, when running with certain configurations and using wpacli or hostapdcli with action scripts, allows remote attackers to execute arbitrary commands via a crafted frame...

6.8CVSS7.7AI score0.04945EPSS
Exploits0References7
SUSE CVE
SUSE CVE
added 2023/02/15 5:28 a.m.3 views

SUSE CVE-2014-3741

The printDirect function in lib/printer.js in the node-printer module 0.0.1 and earlier for Node.js allows remote attackers to execute arbitrary commands via unspecified characters in the lpr command...

9.8CVSS7.8AI score0.03826EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2023/02/15 5:27 a.m.7 views

SUSE CVE-2014-5261

The graph settings script graphsettings.php in Cacti 0.8.8b and earlier allows remote attackers to execute arbitrary commands via shell metacharacters in a font size, related to the rrdtool commandline in lib/rrd.php...

7.5CVSS8.9AI score0.10773EPSS
Exploits1References3
SUSE CVE
SUSE CVE
added 2023/02/15 5:26 a.m.6 views

SUSE CVE-2014-7844

BSD mailx 8.1.2 and earlier allows remote attackers to execute arbitrary commands via a crafted email address...

7.8CVSS7.7AI score0.0155EPSS
Exploits0References5
SUSE CVE
SUSE CVE
added 2023/02/15 5:25 a.m.4 views

SUSE CVE-2014-8517

The fetchurl function in usr.bin/ftp/fetch.c in tnftp, as used in NetBSD 5.1 through 5.1.4, 5.2 through 5.2.2, 6.0 through 6.0.6, and 6.1 through 6.1.5 allows remote attackers to execute arbitrary commands via a | pipe character at the end of an HTTP redirect...

7.5CVSS7.8AI score0.69115EPSS
Exploits8References3
SUSE CVE
SUSE CVE
added 2023/02/15 5:25 a.m.3 views

SUSE CVE-2014-8990

default-rsyncssh.lua in Lsyncd 2.1.5 and earlier allows remote attackers to execute arbitrary commands via shell metacharacters in a filename...

7.5CVSS7.4AI score0.05236EPSS
Exploits1References3
SUSE CVE
SUSE CVE
added 2023/02/15 5:25 a.m.2 views

SUSE CVE-2014-9390

Git before 1.8.5.6, 1.9.x before 1.9.5, 2.0.x before 2.0.5, 2.1.x before 2.1.4, and 2.2.x before 2.2.1 on Windows and OS X; Mercurial before 3.2.3 on Windows and OS X; Apple Xcode before 6.2 beta 3; mine all versions before 08-12-2014; libgit2 all versions up to 0.21.2; Egit all versions before...

9.8CVSS7.4AI score0.63178EPSS
Exploits5References7
SUSE CVE
SUSE CVE
added 2023/02/15 5:21 a.m.2 views

SUSE CVE-2015-2180

The DBMail driver in the Password plugin in Roundcube before 1.1.0 allows remote attackers to execute arbitrary commands via shell metacharacters in the password...

9CVSS9AI score0.04714EPSS
Exploits1References3
SUSE CVE
SUSE CVE
added 2023/02/15 5:11 a.m.3 views

SUSE CVE-2015-8560

Incomplete blacklist vulnerability in util.c in foomatic-rip in cups-filters 1.0.42 before 1.4.0 and in foomatic-filters in Foomatic 4.0.x allows remote attackers to execute arbitrary commands via a ; semicolon character in a print job, a different vulnerability than CVE-2015-8327...

7.3CVSS7.9AI score0.05251EPSS
Exploits0References5
SUSE CVE
SUSE CVE
added 2023/02/15 5:8 a.m.3 views

SUSE CVE-2016-1253

The most package in Debian wheezy before 5.0.0a-2.2, in Debian jessie before 5.0.0a-2.3+deb8u1, and in Debian unstable before 5.0.0a-3 allows remote attackers to execute arbitrary commands via shell metacharacters in the name of an LZMA-compressed file...

10CVSS9.7AI score0.04828EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2023/02/15 5:8 a.m.5 views

SUSE CVE-2016-1608

vaconfig/time in Novell Filr before 1.2 Security Update 3 and 2.0 before Security Update 2 allows remote authenticated users to execute arbitrary commands via shell metacharacters in the ntpServer parameter...

9CVSS7.7AI score0.11343EPSS
Exploits4References4
SUSE CVE
SUSE CVE
added 2023/02/15 5:1 a.m.3 views

SUSE CVE-2016-5239

The gnuplot delegate functionality in ImageMagick before 6.9.4-0 and GraphicsMagick allows remote attackers to execute arbitrary commands via unspecified vectors...

9.8CVSS7.7AI score0.03162EPSS
Exploits0References4
SUSE CVE
SUSE CVE
added 2023/02/15 4:53 a.m.4 views

SUSE CVE-2016-10243

TeX Live allows remote attackers to execute arbitrary commands by leveraging inclusion of mpost in shellescapecommands in the texmf.cnf config file...

7CVSS7.7AI score0.07146EPSS
Exploits1References4
SUSE CVE
SUSE CVE
added 2023/02/15 4:50 a.m.5 views

SUSE CVE-2017-5200

Salt-api in SaltStack Salt before 2015.8.13, 2016.3.x before 2016.3.5, and 2016.11.x before 2016.11.2 allows arbitrary command execution on a salt-master via Salt's sshclient...

8.8CVSS7.4AI score0.03205EPSS
Exploits0References8
SUSE CVE
SUSE CVE
added 2023/02/15 4:46 a.m.5 views

SUSE CVE-2017-8291

Artifex Ghostscript through 2017-04-26 allows -dSAFER bypass and remote command execution via .rsdparams type confusion with a "/OutputFile %pipe%" substring in a crafted .eps document that is an input to the gs program, as exploited in the wild in April 2017...

7.8CVSS9.2AI score0.96968EPSS
Exploits7References8
SUSE CVE
SUSE CVE
added 2023/02/15 4:43 a.m.2 views

SUSE CVE-2017-10906

Escape sequence injection vulnerability in Fluentd versions 0.12.29 through 0.12.40 may allow an attacker to change the terminal UI or execute arbitrary commands on the device via unspecified vectors...

10CVSS9.7AI score0.04581EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2023/02/15 4:37 a.m.2 views

SUSE CVE-2017-16228

Dulwich before 0.18.5, when an SSH subprocess is used, allows remote attackers to execute arbitrary commands via an ssh URL with an initial dash character in the hostname, a related issue to CVE-2017-9800, CVE-2017-12836, CVE-2017-12976, CVE-2017-1000116, and CVE-2017-1000117...

9.8CVSS8.5AI score0.03394EPSS
Exploits0References7
SUSE CVE
SUSE CVE
added 2023/02/15 4:36 a.m.2 views

SUSE CVE-2017-17459

httptransport.c in Fossil before 2.4, when the SSH sync protocol is used, allows user-assisted remote attackers to execute arbitrary commands via an ssh URL with an initial dash character in the hostname, a related issue to CVE-2017-9800, CVE-2017-12836, CVE-2017-12976, CVE-2017-14176,...

7.5CVSS8.5AI score0.02805EPSS
Exploits0References3
Rows per page
Query Builder