CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

349 matches found

Debian CVE•added 2017/11/27 10:0 a.m.•30 views

CVE-2017-14176

Bazaar through 2.7.0, when Subprocess SSH is used, allows remote attackers to execute arbitrary commands via a bzr+ssh URL with an initial dash character in the hostname, a related issue to CVE-2017-9800, CVE-2017-12836, CVE-2017-12976, CVE-2017-16228, CVE-2017-1000116, and CVE-2017-1000117...

9.3CVSS7.2AI score0.01763EPSS

Exploits11

RedhatCVE•added 2017/11/03 2:19 p.m.•38 views

CVE-2017-16228

Dulwich before 0.18.5, when an SSH subprocess is used, allows remote attackers to execute arbitrary commands via an ssh URL with an initial dash character in the hostname, a related issue to CVE-2017-9800, CVE-2017-12836, CVE-2017-12976, CVE-2017-1000116, and CVE-2017-1000117...

10CVSS7.3AI score0.70245EPSS

Exploits12References1

OSV•added 2017/10/29 8:29 p.m.•44 views

PYSEC-2017-12

9.8CVSS7.3AI score0.00424EPSS

Exploits0References3

NVD•added 2017/10/29 8:29 p.m.•28 views

CVE-2017-16228

9.8CVSS8.7AI score0.00424EPSS

Exploits0References3

PyPA•added 2017/10/29 8:29 p.m.•3 views

PYSEC-2017-12

10CVSS7.8AI score0.70245EPSS

Exploits12References3Affected Software1

UbuntuCve•added 2017/10/29 8:29 p.m.•26 views

CVE-2017-16228

9.8CVSS7.1AI score0.00424EPSS

Exploits0References5

OSV•added 2017/10/29 8:29 p.m.•30 views

CVE-2017-16228

9.8CVSS9.2AI score

Exploits0References3

Debian CVE•added 2017/10/29 8:0 p.m.•40 views

CVE-2017-16228

9.8CVSS9AI score0.00424EPSS

Exploits0

Cvelist•added 2017/10/29 8:0 p.m.•30 views

CVE-2017-16228

9.4AI score0.00424EPSS

Exploits0References3

0day.today•added 2017/10/27 12:0 a.m.•33 views

Tizen Studio 1.3 Smart Development Bridge <2.3.2 - Buffer Overflow PoC Exploit

Exploit for windows platform in category dos / poc Exploit Title: Smart Development Bridge =2.3.2 part of Tizen Studio 1.3 Windows x86/x64 - Buffer Overflow PoC Date: 22.10.17 Exploit Author: Marcin Kopec Vendor Homepage: https://developer.tizen.org/ Software Link:...

7AI score

Exploits0

RedhatCVE•added 2017/09/12 7:48 a.m.•39 views

CVE-2017-14176

10CVSS7.5AI score0.70245EPSS

Exploits12References1

OSV•added 2017/09/05 12:0 a.m.•1 views

UBUNTU-CVE-2017-14176

8.8CVSS7.1AI score0.01763EPSS

Exploits11References4

OSV•added 2017/06/22 12:0 a.m.•11 views

PSF-2017-8 Environment variables injection in subprocess on Windows

On Windows, prevent passing invalid environment variables and command arguments to subprocess.Popen. It is possible to inject an environment variable in subprocess on Windows if a user data is passed to a subprocess via environment variable. Check for invalid environment variable names containing...

7AI score

Exploits0References1

Kitploit•added 2017/03/19 1:22 p.m.•480 views

gdbgui - A browser-based frontend/gui for GDB

A modern, browser-based frontend to gdb gnu debugger. Add breakpoints, view stack traces, and more in C, C++, Go, and Rust! Simply run gdbgui from the terminal and a new tab will open in your browser. Install sudo pip install gdbgui --upgrade Since gdbgui is under active development, consider...

7.2AI score

Exploits0References3

0day.today•added 2016/12/23 12:0 a.m.•6683 views

OpenSSH 7.4 - agent Protocol Arbitrary Library Loading Vulnerability

The OpenSSH agent permits its clients to load PKCS11 providers using the commands SSHAGENTCADDSMARTCARDKEY and SSHAGENTCADDSMARTCARDKEYCONSTRAINED if OpenSSH was compiled with the ENABLEPKCS11 flag normally enabled and the agent isn't locked. For these commands, the client has to specify a provid...

7.5CVSS7.9AI score0.01579EPSS

Exploits4

Tenable Nessus•added 2016/06/24 12:0 a.m.•31 views

Oracle Linux 7 : setroubleshoot / and / setroubleshoot-plugins (ELSA-2016-1293)

The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2016-1293 advisory. setroubleshoot 3.2.24-4.0.1 - Add setroubleshoot-oracle-enterprise.patch to change bug reporting URL to linux.oracle.com 3.2.24-4 - Catch all subproces...

7CVSS7AI score0.00076EPSS

Exploits2References4

Oracle linux•added 2016/06/23 12:0 a.m.•30 views

setroubleshoot and setroubleshoot-plugins security update

setroubleshoot 3.2.24-4.0.1 - Add setroubleshoot-oracle-enterprise.patch to change bug reporting URL to linux.oracle.com 3.2.24-4 - Catch all subprocess module exceptions 3.2.24-3 - Use subprocess.checkoutput with a sequence of program arguments 3.2.24-2 - Do not use dangerous shell=True...

6.9CVSS6.8AI score0.00076EPSS

Exploits2

Packet Storm•added 2016/06/01 12:0 a.m.•22 views

TCPDump 4.5.1 Crash Proof Of Concept

Exploit Title: tcpdump 4.5.1 Access Violation Crash Date: 31st May 2016 Exploit Author: David Silveiro Vendor Homepage: http://www.tcpdump.org Software Link: http://www.tcpdump.org/release/tcpdump-4.5.1.tar.gz Version: 4.5.1 Tested on: Ubuntu 14 LTS from subprocess import call from shlex import...

7.4AI score

Exploits0

exploitpack•added 2016/05/04 12:0 a.m.•17 views

TRN Threaded USENET News Reader 3.6-23 - Local Stack Overflow

TRN Threaded USENET News Reader 3.6-23 - Local Stack Overflow Exploit developed using Exploit Pack v5.4 Exploit Author: Juan Sacco - http://www.exploitpack.com - [email protected] Program affected: Threaded USENET news reader Version: 3.6-23 Tested and developed under: Kali Linux 2.0 x86 -...

0.1AI score

Exploits0

0day.today•added 2016/05/04 12:0 a.m.•23 views

TRN Threaded USENET News Reader 3.6-23 - Local Stack Based Overflow

Exploit for linux platform in category local exploits Exploit developed using Exploit Pack v5.4 Exploit Author: Juan Sacco - http://www.exploitpack.com - email protected Program affected: Threaded USENET news reader Version: 3.6-23 Tested and developed under: Kali Linux 2.0 x86 -...

6.8AI score

Exploits0

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by