CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

1768 matches found

NVD•added 2023/08/07 9:15 p.m.•10 views

CVE-2023-39523

ScanCode.io is a server to script and automate software composition analysis with ScanPipe pipelines. Prior to version 32.5.1, the software has a possible command injection vulnerability in the docker fetch process as it allows to append malicious commands in the dockerreference parameter. In the...

8.8CVSS7.5AI score0.01643EPSS

Exploits1References4

Vulnrichment•added 2023/08/07 8:55 p.m.•13 views

CVE-2023-39523 ScanCode.io command injection in docker image fetch process

6.8CVSS8.9AI score0.01643EPSS

Exploits1References4

Positive Technologies•added 2023/08/07 12:0 a.m.•3 views

PT-2023-4304 · Docker · Docker

Name of the Vulnerable Software and Affected Versions: ScanCode.io versions prior to 32.5.1 Description: The issue is related to a command injection vulnerability in the docker fetch process. This vulnerability allows malicious commands to be appended to the docker reference parameter. The docker...

8.8CVSS8.9AI score0.01643EPSS

Exploits1References11

Tenable Nessus•added 2023/07/28 12:0 a.m.•28 views

EulerOS Virtualization 2.10.0 : emacs (EulerOS-SA-2023-2486)

According to the versions of the emacs package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - GNU Emacs through 28.2 allows attackers to execute commands via shell metacharacters in the name of a source-code file, because...

9.8CVSS7.8AI score0.00447EPSS

Exploits0References5

Exploit DB•added 2023/07/20 12:0 a.m.•375 views

Microsoft Office 365 Version 18.2305.1222.0 - Elevation of Privilege + RCE.

Title: Microsoft Office 365 Version 18.2305.1222.0 - Elevation of Privilege + RCE. Author: nu11secur1ty Date: 07.18.2023 Vendor: https://www.microsoft.com/ Software: https://www.microsoft.com/en-us/microsoft-365/microsoft-office Reference: https://portswigger.net/web-security/access-control...

7.8CVSS8.2AI score0.01716EPSS

Exploits4

Packet Storm•added 2023/07/19 12:0 a.m.•431 views

Microsoft Office 365 18.2305.1222.0 Remote Code Execution

Title: Microsoft Office 365 Version 18.2305.1222.0 - Elevation of Privilege Vulnerability + RCE. Author: nu11secur1ty Date: 07.18.2023 Vendor: https://www.microsoft.com/ Software: https://www.microsoft.com/en-us/microsoft-365/microsoft-office Reference:...

7.8CVSS7.1AI score0.01716EPSS

Exploits4

Talos•added 2023/07/06 12:0 a.m.•33 views

Milesight UR32L urvpn_client cmd_name_action OS command injection vulnerabilities

Talos Vulnerability Report TALOS-2023-1710 Milesight UR32L urvpnclient cmdnameaction OS command injection vulnerabilities July 6, 2023 CVE Number CVE-2023-24583,CVE-2023-24582 SUMMARY Two OS command injection vulnerabilities exist in the urvpnclient cmdnameaction functionality of Milesight UR32L...

8.8CVSS9.2AI score0.00214EPSS

Exploits2

CVE•added 2023/06/12 5:4 p.m.•41 views

CVE-2023-34334

The CVE-2023-34334 entry describes an issue in AMI BMC’s SPX REST API where an attacker with required privileges can inject arbitrary shell commands, potentially enabling code execution, denial of service, information disclosure, or data tampering. Affected product is AMI BMC (SPX REST API compon...

8.8CVSS8.6AI score0.0036EPSS

Exploits0References1Affected Software1

Vulnrichment•added 2023/06/12 5:4 p.m.•6 views

CVE-2023-34334

AMI BMC contains a vulnerability in the SPX REST API, where an attacker with the required privileges can inject arbitrary shell commands, which may lead to code execution, denial of service, information disclosure, or data tampering...

7.2CVSS7.1AI score0.0036EPSS

Exploits0References1

Positive Technologies•added 2023/06/12 12:0 a.m.•3 views

PT-2023-24829 · American Megatrends · Ami Bmc

Name of the Vulnerable Software and Affected Versions: AMI BMC affected versions not specified Description: The issue concerns the SPX REST API in AMI BMC, where an attacker with the required privileges can inject arbitrary shell commands. This could potentially lead to code execution, denial of...

8.8CVSS8.7AI score0.0036EPSS

Exploits0References2

CNNVD•added 2023/06/12 12:0 a.m.•3 views

BMC AMI 操作系统命令注入漏洞

BMC AMI BMC Automated Mainframe Intelligence is an automated mainframe intelligence solution from BMC USA. A security vulnerability exists in BMC AMI that stems from the presence of an arbitrary shell command injection vulnerability, which could lead to code execution, denial of service,...

8.8CVSS8.1AI score0.0036EPSS

Exploits0References2

CNNVD•added 2023/06/12 12:0 a.m.•2 views

BMC AMI 操作系统命令注入漏洞

BMC AMI BMC Automated Mainframe Intelligence is an automated mainframe intelligence solution from BMC USA. A security vulnerability exists in BMC AMI. An attacker exploiting this vulnerability could inject arbitrary shell commands that could lead to code execution, denial of service, information...

8.8CVSS8.3AI score0.0036EPSS

Exploits0References2

Tenable Nessus•added 2023/06/03 12:0 a.m.•32 views

Fedora 38 : ImageMagick (2023-d53831b69d)

The remote Fedora 38 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2023-d53831b69d advisory. Update to 7.1.1.11 2210875 ---- Update to 7.1.1.10 2207788 Security fix for CVE-2023-34151 Security fix for CVE-2023-34152 Security fix for...

9.8CVSS6.7AI score0.64865EPSS

Exploits5References4

Tenable Nessus•added 2023/06/02 12:0 a.m.•36 views

SUSE SLED15 / SLES15 / openSUSE 15 Security Update : ImageMagick (SUSE-SU-2023:2344-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:2344-1 advisory. - A vulnerability was found in ImageMagick. This security flaw ouccers as an undefined behaviors...

7.8CVSS6.7AI score0.00703EPSS

Exploits2References7