Lucene search
K

15 matches found

EUVD
EUVD
added 2025/10/07 12:30 a.m.3 views

EUVD-2010-1486

Malware in sbrugna...

6.8CVSS6.1AI score0.04668EPSS
Exploits10References9
Elastic
Elastic
added 2021/12/15 10:21 p.m.10 views

Elasticsearch 5.0.0-5.6.10 and 6.0.0-6.3.2: Log4j CVE-2021-44228, CVE-2021-45046 remediation

Note — If you are not running Elasticsearch 5.0.0-5.6.10 or 6.0.0-6.3.2, these instructions do not apply. Please follow the guidance in themain announcement. Instructions for removing JndiLookup from the log4j-core JAR file​ These instructions only apply to users running Elasticsearch versions...

10CVSS7.6AI score0.99999EPSS
Exploits349
Metasploit
Metasploit
added 2021/09/20 5:41 p.m.169 views

elFinder Archive Command Injection

elFinder versions below 2.1.59 are vulnerable to a command injection vulnerability via its archive functionality. When creating a new zip archive, the name parameter is sanitized with the escapeshellarg php function and then passed to the zip utility. Despite the sanitization, supplying the -TmTT...

9.8CVSS9AI score0.69934EPSS
Exploits5
Packet Storm
Packet Storm
added 2021/09/15 12:0 a.m.1168 views

elFinder Archive Command Injection

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'elFinder Archive Command Injection', 'Description' = %q elFinder versions below 2.1.59 are vulnerable to a command injection vulnerability via it...

9.8CVSS0.4AI score0.69934EPSS
Exploits5
Cvelist
Cvelist
added 2020/03/10 10:35 p.m.18 views

CVE-2019-5159

An exploitable improper input validation vulnerability exists in the firmware update functionality of WAGO e!COCKPIT automation software v1.6.0.7. A specially crafted firmware update file can allow an attacker to write arbitrary files to arbitrary locations on WAGO controllers as a part of...

7.8AI score0.01817EPSS
Exploits1References1
GithubExploit
GithubExploit
added 2018/09/14 4:22 p.m.21 views

Exploit for Command Injection in Python

Python CVE-2018-1000802 Proof-of-Concept This is a PoC for th...

9.8CVSS7AI score0.20807EPSS
Exploits1
Saint
Saint
added 2012/02/03 12:0 a.m.47 views

Oracle Outside In Library OOXML Overflow

Added: 02/03/2012 CVE: CVE-2012-0110 BID: 51452 OSVDB: 78411 Background Oracle Outside In is a a suite of software development kits that allows developers with a comprehensive solution to access, transform, and control the contents of over 500 unstructured file formats. Problem Outside In version...

4.4CVSS6.2AI score0.00356EPSS
Exploits4
Saint
Saint
added 2010/06/24 12:0 a.m.26 views

TweakFS Zip Utility for FSX filename buffer overflow

Added: 06/24/2010 CVE: CVE-2010-1458 BID: 39565 OSVDB: 63899 Background The TweakFS Zip Utility is included in the TweakFS Flight Simulator X Utilities. Problem A buffer overflow vulnerability in the TweakFS Zip Utility allows command execution when a user opens a ZIP archive containing a long,...

6.8CVSS6.8AI score0.04668EPSS
Exploits10
Saint
Saint
added 2010/06/24 12:0 a.m.19 views

TweakFS Zip Utility for FSX filename buffer overflow

Added: 06/24/2010 CVE: CVE-2010-1458 BID: 39565 OSVDB: 63899 Background The TweakFS Zip Utility is included in the TweakFS Flight Simulator X Utilities. Problem A buffer overflow vulnerability in the TweakFS Zip Utility allows command execution when a user opens a ZIP archive containing a long,...

6.8CVSS6.8AI score0.04668EPSS
Exploits10
Saint
Saint
added 2010/06/24 12:0 a.m.27 views

TweakFS Zip Utility for FSX filename buffer overflow

Added: 06/24/2010 CVE: CVE-2010-1458 BID: 39565 OSVDB: 63899 Background The TweakFS Zip Utility is included in the TweakFS Flight Simulator X Utilities. Problem A buffer overflow vulnerability in the TweakFS Zip Utility allows command execution when a user opens a ZIP archive containing a long,...

6.8CVSS6.8AI score0.04668EPSS
Exploits10
Saint
Saint
added 2010/06/24 12:0 a.m.18 views

TweakFS Zip Utility for FSX filename buffer overflow

Added: 06/24/2010 CVE: CVE-2010-1458 BID: 39565 OSVDB: 63899 Background The TweakFS Zip Utility is included in the TweakFS Flight Simulator X Utilities. Problem A buffer overflow vulnerability in the TweakFS Zip Utility allows command execution when a user opens a ZIP archive containing a long,...

6.8CVSS6.8AI score0.04668EPSS
Exploits10
NVD
NVD
added 2010/04/20 4:30 p.m.22 views

CVE-2010-1458

Stack-based buffer overflow in Create and Extract Zips TweakFS Zip Utility 1.0 for Flight Simulator X FSX allows remote attackers to execute arbitrary code via a long filename in a ZIP archive...

6.8CVSS8AI score0.04668EPSS
Exploits10References7
Prion
Prion
added 2010/04/20 4:30 p.m.10 views

Stack overflow

Stack-based buffer overflow in Create and Extract Zips TweakFS Zip Utility 1.0 for Flight Simulator X FSX allows remote attackers to execute arbitrary code via a long filename in a ZIP archive...

6.8CVSS8.6AI score0.04668EPSS
Exploits10References7Affected Software1
CVE
CVE
added 2010/04/20 4:0 p.m.46 views

CVE-2010-1458

The CVE-2010-1458 issue affects TweakFS Zip Utility 1.0 for Flight Simulator X (FSX). A stack-based buffer overflow is triggered by a long filename within a ZIP archive, allowing an attacker to execute arbitrary code on the affected host. Public disclosures (Corelan advisory CORELAN-10-026) and m...

6.8CVSS8.1AI score0.04668EPSS
Exploits10References7Affected Software1
Gentoo Linux
Gentoo Linux
added 2004/11/09 12:0 a.m.34 views

zip: Path name buffer overflow

Background zip is a compression and file packaging utility. Description zip does not check the resulting path length when doing recursive folder compression. Impact An attacker could exploit this by enticing another user or web application to create an archive including a specially-crafted path...

10CVSS3.3AI score0.09246EPSS
Exploits0
Rows per page
Query Builder