Lucene search
+L

14 matches found

opensuse
opensuse
added 2018/01/26 12:9 a.m.64 views

Security update for newsbeuter (important)

This update for newsbeuter fixes one issues. This security issue was fixed: - CVE-2017-14500: Improper Neutralization of special elements allowed remote attackers to perform user-assisted code execution by crafting an RSS item with a media enclosure that includes shell metacharacters in its...

6.8CVSS8.9AI score0.03078EPSS
Exploits0References1
openvas
openvas
added 2018/01/21 12:0 a.m.22 views

openSUSE: Security Advisory for newsbeuter (openSUSE-SU-2018:0166-1)

The remote host is missing an update for the Copyright C 2018 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

9.3CVSS8.8AI score0.06404EPSS
Exploits0References1
opensuse
opensuse
added 2018/01/20 6:19 p.m.44 views

Security update for newsbeuter (important)

This update for newsbeuter fixes one issues. This security issue was fixed: - CVE-2017-12904: Improper neutralization of special elements allowed remote attackers to perform user-assisted code execution by crafting an RSS item that includes shell code in its title and/or URL bsc1054578...

9.3CVSS8.9AI score0.06404EPSS
Exploits0References1
nvd
nvd
added 2017/09/17 5:29 a.m.14 views

CVE-2017-14500

Improper Neutralization of Special Elements used in an OS Command in the podcast playback function of Podbeuter in Newsbeuter 0.3 through 2.9 allows remote attackers to perform user-assisted code execution by crafting an RSS item with a media enclosure i.e., a podcast file that includes shell...

8.8CVSS8.9AI score0.03078EPSS
Exploits0References6
osv
osv
added 2017/09/17 5:29 a.m.2 views

ALPINE-CVE-2017-14500

Improper Neutralization of Special Elements used in an OS Command in the podcast playback function of Podbeuter in Newsbeuter 0.3 through 2.9 allows remote attackers to perform user-assisted code execution by crafting an RSS item with a media enclosure i.e., a podcast file that includes shell...

8.8CVSS7.9AI score0.03078EPSS
Exploits0References1
debiancve
debiancve
added 2017/09/17 5:0 a.m.24 views

CVE-2017-14500

Removed by vendor...

8.8CVSS8.7AI score0.03078EPSS
Exploits0
cvelist
cvelist
added 2017/09/17 5:0 a.m.40 views

CVE-2017-14500

Improper Neutralization of Special Elements used in an OS Command in the podcast playback function of Podbeuter in Newsbeuter 0.3 through 2.9 allows remote attackers to perform user-assisted code execution by crafting an RSS item with a media enclosure i.e., a podcast file that includes shell...

8.9AI score0.03078EPSS
Exploits0References6
archlinux
archlinux
added 2017/09/16 12:0 a.m.25 views

[ASA-201709-11] newsbeuter: arbitrary command execution

Arch Linux Security Advisory ASA-201709-11 ========================================== Severity: High Date : 2017-09-16 CVE-ID : CVE-2017-12904 CVE-2017-14500 Package : newsbeuter Type : arbitrary command execution Remote : Yes Link : https://security.archlinux.org/AVG-401 Summary ======= The...

9.3CVSS2.9AI score0.06404EPSS
Exploits0References10
nvd
nvd
added 2017/08/23 2:29 p.m.11 views

CVE-2017-12904

Improper Neutralization of Special Elements used in an OS Command in bookmarking function of Newsbeuter versions 0.7 through 2.9 allows remote attackers to perform user-assisted code execution by crafting an RSS item that includes shell code in its title and/or URL...

9.3CVSS8.9AI score0.06404EPSS
Exploits0References5
ubuntucve
ubuntucve
added 2017/08/23 2:29 p.m.20 views

CVE-2017-12904

Improper Neutralization of Special Elements used in an OS Command in bookmarking function of Newsbeuter versions 0.7 through 2.9 allows remote attackers to perform user-assisted code execution by crafting an RSS item that includes shell code in its title and/or URL...

9.3CVSS7.6AI score0.06404EPSS
Exploits0References4
prion
prion
added 2017/08/23 2:29 p.m.21 views

Command injection

Improper Neutralization of Special Elements used in an OS Command in bookmarking function of Newsbeuter versions 0.7 through 2.9 allows remote attackers to perform user-assisted code execution by crafting an RSS item that includes shell code in its title and/or URL...

9.3CVSS8.8AI score0.06404EPSS
Exploits0References5Affected Software2
osv
osv
added 2017/08/23 2:29 p.m.24 views

CVE-2017-12904

Improper Neutralization of Special Elements used in an OS Command in bookmarking function of Newsbeuter versions 0.7 through 2.9 allows remote attackers to perform user-assisted code execution by crafting an RSS item that includes shell code in its title and/or URL...

8.8CVSS9AI score
Exploits0References5
debiancve
debiancve
added 2017/08/23 2:0 p.m.15 views

CVE-2017-12904

Removed by vendor...

9.3CVSS8.7AI score0.06404EPSS
Exploits0
alpinelinux
alpinelinux
added 2017/08/23 2:0 p.m.52 views

CVE-2017-12904

Improper Neutralization of Special Elements used in an OS Command in bookmarking function of Newsbeuter versions 0.7 through 2.9 allows remote attackers to perform user-assisted code execution by crafting an RSS item that includes shell code in its title and/or URL...

9.3CVSS9AI score0.06404EPSS
Exploits0
Rows per page
Query Builder