Lucene search
K

39 matches found

BDU FSTEC
BDU FSTEC
added 2024/04/19 12:0 a.m.7 views

The vulnerability of the svc_cifssupport utility in the Dell Unity Operating Environment (OE) system allows a malicious actor to execute arbitrary operating system commands with root privileges.

The vulnerability of the svccifssupport utility in the Dell Unity Operating Environment DELL Unity Operating Environment system exists due to the lack of measures taken to neutralize special elements used in the operating system’s commands. Exploiting this vulnerability allows an attacker to...

7.8CVSS7.5AI score0.00644EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2024/02/12 12:0 a.m.7 views

The vulnerability of the NTPSyncWithHost function in the cstecgi.cgi microprogramming software for TOTOLINK EX1200L routers allows a hacker to execute arbitrary code.

The vulnerability of the NTPSyncWithHost function in the cstecgi.cgi microprogramming software for TOTOLINK EX1200L routers exists due to the lack of measures taken to neutralize the special elements used in the operating system command. Exploiting this vulnerability allows a remote attacker to...

10CVSS8.1AI score0.01297EPSS
Exploits1References4Affected Software1
BDU FSTEC
BDU FSTEC
added 2024/02/12 12:0 a.m.7 views

The vulnerability of the graphical interface of the FortiSIEM security management system allows a hacker to execute arbitrary commands.

The vulnerability of the FortiSIEM security management graphical interface is related to the failure to take measures to neutralize special elements used in the operating system’s command set. Exploiting this vulnerability allows a malicious actor to execute arbitrary commands remotely...

10CVSS8.4AI score0.03224EPSS
Exploits0References4Affected Software1
BDU FSTEC
BDU FSTEC
added 2023/12/25 12:0 a.m.5 views

The vulnerability of the flupl query_type function in D-Link G416 router microprogramming software allows a hacker to execute arbitrary code.

The vulnerability of the flupl querytype function in D-Link G416 router microprogramming software relates to the failure to take measures to neutralize special elements used in the operating system command. Exploiting this vulnerability allows a malicious actor to execute arbitrary code by...

8.8CVSS8.1AI score0.00916EPSS
Exploits0References4Affected Software1
BDU FSTEC
BDU FSTEC
added 2023/12/25 12:0 a.m.8 views

The vulnerability of the flupl function in D-Link G416 router microprogramming software allows a hacker to execute arbitrary code.

The vulnerability of the flupl function in D-Link G416 router microprogramming software is related to the failure to take measures to neutralize special elements used in the operating system’s command set. Exploiting this vulnerability allows a malicious actor to execute arbitrary code by...

8.8CVSS8.1AI score0.00946EPSS
Exploits0References4Affected Software1
BDU FSTEC
BDU FSTEC
added 2023/02/08 12:0 a.m.6 views

The vulnerability of the Command Line Interface (CLI) of the Cisco Identity Services Engine (ISE) management platform allows a hacker to escalate their privileges.

The vulnerability of the Command Line Interface CLI of the Cisco Identity Services Engine ISE management platform relates to the lack of measures taken to neutralize special elements used in the OS command line. Exploiting this vulnerability can allow attackers to increase their privileges...

6.2CVSS6.6AI score0.00465EPSS
Exploits0References3Affected Software1
CNNVD
CNNVD
added 2022/06/28 12:0 a.m.28 views

Advantech iView 命令注入漏洞

Advantech iView, a Simple Network Protocol SNMP based software from Advantech, China, for managing B B SmartWorx devices, is vulnerable to a command injection vulnerability in versions prior to Advantech iView 5.7.04.6469, which stems from the use of a special element in a command that is not...

9.8CVSS6.2AI score0.59184EPSS
Exploits4References7
CNNVD
CNNVD
added 2022/01/14 12:0 a.m.6 views

Dolibarr SQL注入漏洞

Dolibarr is a software application. A modern software package that helps manage your organization's activities. A security vulnerability exists in Dolibarr that stems from the vulnerability of dolibarr to unsatisfactory neutralization of specific elements used in SQL commands...

9.8CVSS7.8AI score0.01995EPSS
Exploits1References3
CNVD
CNVD
added 2020/04/17 12:0 a.m.1 views

NETGEAR D3600, D6000 and XR500 OS Command Injection Vulnerability (CNVD-2020-27258)

NETGEAR D3600 and others are products of NETGEAR Corporation.NETGEAR D3600 is a wireless modem.NETGEAR D6000 is a wireless modem.NETGEAR XR500 is a wireless router.NETGEAR XR500 is a wireless router. An operating system command injection vulnerability exists in the NETGEAR D3600 prior to version...

8CVSS7.9AI score0.00913EPSS
Exploits0References1
BDU FSTEC
BDU FSTEC
added 2020/03/20 12:0 a.m.5 views

The vulnerability of the SERVER_ID component in D-Link DIR-859 router microprogramming software exists due to the lack of measures taken to neutralize special elements used in the operating system commands. This vulnerability allows a hacker to execute arbitrary commands.

The vulnerability of the SERVERID component in the D-Link DIR-859 router microprogramming system exists due to the lack of measures taken to neutralize the special elements used in the operating system commands. Exploiting this vulnerability allows a remote attacker to execute arbitrary commands...

10CVSS8.1AI score0.03558EPSS
Exploits0References5Affected Software1
CNVD
CNVD
added 2019/10/23 12:0 a.m.14 views

Dolibarr ERP/CRM Injection Vulnerability

Dolibarr ERP/CRM is a Web-based enterprise resource planning ERP and customer relationship management CRM system from the Dolibarr Foundation in France. The system can be used to manage products, inventory, invoices, orders, and more. An injection vulnerability exists in Dolibarr ERP/CRM version...

6.1CVSS7.3AI score0.01114EPSS
Exploits0References1
Prion
Prion
added 2017/09/15 10:29 a.m.21 views

Hardcoded credentials

The Gentoo sci-mathematics/gimps package before 28.10-r1 for Great Internet Mersenne Prime Search GIMPS allows local users to gain privileges by creating a hard link under /var/lib/gimps, because an unsafe "chown -R" command is executed...

6.9CVSS7.3AI score0.00268EPSS
Exploits0References1Affected Software1
NVD
NVD
added 2017/09/15 10:29 a.m.22 views

CVE-2017-14484

The Gentoo sci-mathematics/gimps package before 28.10-r1 for Great Internet Mersenne Prime Search GIMPS allows local users to gain privileges by creating a hard link under /var/lib/gimps, because an unsafe "chown -R" command is executed...

7.3CVSS7.4AI score0.00268EPSS
Exploits0References1
Cvelist
Cvelist
added 2017/09/15 10:0 a.m.39 views

CVE-2017-14484

The Gentoo sci-mathematics/gimps package before 28.10-r1 for Great Internet Mersenne Prime Search GIMPS allows local users to gain privileges by creating a hard link under /var/lib/gimps, because an unsafe "chown -R" command is executed...

7.4AI score0.00268EPSS
Exploits0References1
Microsoft KB
Microsoft KB
added 2017/01/07 12:0 a.m.29 views

MS15-088 Description of the security update for Windows, Internet Explorer, and Office: August 11, 2015

MS15-088 Description of the security update for Windows, Internet Explorer, and Office: August 11, 2015 Summary This security update helps resolve an information disclosure vulnerability in Windows, Internet Explorer, and Microsoft Office. To exploit the vulnerability, an attacker would first hav...

6.1AI score
Exploits0
Check Point Advisories
Check Point Advisories
added 2015/10/13 12:0 a.m.14 views

Microsoft Internet Explorer Information Disclosure (MS15-106: CVE-2015-6046)

An information disclosure vulnerability has been reported in Microsoft Internet Explorer. The vulnerability is due to an error in Microsoft Internet Explorer while handling unsafe command line parameters. A remote attacker can exploit this issue by enticing a user to open a specially crafted...

4.3CVSS7.2AI score0.14003EPSS
Exploits0
Check Point Advisories
Check Point Advisories
added 2015/09/08 12:0 a.m.32 views

Microsoft Internet Explorer Information Disclosure (MS15-094: CVE-2015-2483)

An information disclosure vulnerability has been reported in Microsoft Internet Explorer. The vulnerability is due to an error in Microsoft Internet Explorer while handling unsafe command line parameters. A remote attacker can exploit this issue by enticing a user to open a specially crafted...

5CVSS5.8AI score0.19142EPSS
Exploits0
securityvulns
securityvulns
added 2003/03/12 12:0 a.m.28 views

man code execution

Under some conditions 'unsafe' command may be invoked...

2.4AI score
Exploits0References1Affected Software1
securityvulns
securityvulns
added 2003/03/12 12:0 a.m.45 views

Vulnerability in man < 1.5l

man 1.5l was released today, fixing a bug which results in arbitrary code execution upon reading a specially formatted man file. The basic problem is, upon finding a string with a quoting problem, the function myxsprintf in util.c will return "unsafe" rather than returning a string which could be...

1.1AI score
Exploits0
Rows per page
Query Builder