Search
Total
373 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2017-7465 | 1 Redhat | 1 Jboss Enterprise Application Platform | 2019-10-09 | 7.5 HIGH | 9.8 CRITICAL |
| It was found that the JAXP implementation used in JBoss EAP 7.0 for XSLT processing is vulnerable to code injection. An attacker could use this flaw to cause remote code execution if they are able to provide XSLT content for parsing. Doing a transform in JAXP requires the use of a 'javax.xml.transform.TransformerFactory'. If the FEATURE_SECURE_PROCESSING feature is set to 'true', it mitigates this vulnerability. | |||||
| CVE-2017-3907 | 1 Mcafee | 1 Mcafee Threat Intelligence Exchange | 2019-10-09 | 7.5 HIGH | 9.8 CRITICAL |
| Code Injection vulnerability in the ePolicy Orchestrator (ePO) extension in McAfee Threat Intelligence Exchange (TIE) Server 2.1.0 and earlier allows remote attackers to execute arbitrary HTML code to be reflected in the response web page via unspecified vector. | |||||
| CVE-2017-1789 | 1 Ibm | 1 Tivoli Monitoring | 2019-10-09 | 7.5 HIGH | 9.8 CRITICAL |
| IBM Tivoli Monitoring V6 6.2.3 and 6.3.0 could allow an unauthenticated user to remotely execute code through unspecified methods. IBM X-Force ID: 137034. | |||||
| CVE-2017-16151 | 1 Electronjs | 1 Electron | 2019-10-09 | 7.5 HIGH | 9.8 CRITICAL |
| Based on details posted by the ElectronJS team; A remote code execution vulnerability has been discovered in Google Chromium that affects all recent versions of Electron. Any Electron app that accesses remote content is vulnerable to this exploit, regardless of whether the [sandbox option](https://electron.atom.io/docs/api/sandbox-option) is enabled. | |||||
| CVE-2017-16082 | 1 Node-postgres | 1 Pg | 2019-10-09 | 7.5 HIGH | 9.8 CRITICAL |
| A remote code execution vulnerability was found within the pg module when the remote database or query specifies a specially crafted column name. There are 2 likely scenarios in which one would likely be vulnerable. 1) Executing unsafe, user-supplied sql which contains a malicious column name. 2) Connecting to an untrusted database and executing a query which returns results where any of the column names are malicious. | |||||
| CVE-2017-1001002 | 1 Mathjs | 1 Math.js | 2019-10-09 | 7.5 HIGH | 9.8 CRITICAL |
| math.js before 3.17.0 had an arbitrary code execution in the JavaScript engine. Creating a typed function with JavaScript code in the name could result arbitrary execution. | |||||
| CVE-2017-0899 | 3 Debian, Redhat, Rubygems | 8 Debian Linux, Enterprise Linux Desktop, Enterprise Linux Server and 5 more | 2019-10-09 | 7.5 HIGH | 9.8 CRITICAL |
| RubyGems version 2.6.12 and earlier is vulnerable to maliciously crafted gem specifications that include terminal escape characters. Printing the gem specification would execute terminal escape sequences. | |||||
| CVE-2016-10546 | 1 Pouchdb | 1 Pouchdb | 2019-10-09 | 10.0 HIGH | 9.8 CRITICAL |
| An arbitrary code injection vector was found in PouchDB 6.0.4 and lesser via the map/reduce functions used in PouchDB temporary views and design documents. The code execution engine for this branch is not properly sandboxed and may be used to run arbitrary JavaScript as well as system commands. | |||||
| CVE-2016-10541 | 1 Shell-quote Project | 1 Shell-quote | 2019-10-09 | 7.5 HIGH | 9.8 CRITICAL |
| The npm module "shell-quote" 1.6.0 and earlier cannot correctly escape ">" and "<" operator used for redirection in shell. Applications that depend on shell-quote may also be vulnerable. A malicious user could perform code injection. | |||||
| CVE-2014-5401 | 1 Hospira | 1 Mednet | 2019-10-09 | 10.0 HIGH | 9.8 CRITICAL |
| Hospira MedNet software version 5.8 and prior uses vulnerable versions of the JBoss Enterprise Application Platform software that may allow unauthenticated users to execute arbitrary code on the target system. Hospira has developed a new version of the MedNet software, MedNet 6.1. Existing versions of MedNet can be upgraded to MedNet 6.1. | |||||
| CVE-2011-2767 | 4 Apache, Canonical, Debian and 1 more | 7 Mod Perl, Ubuntu Linux, Debian Linux and 4 more | 2019-09-24 | 10.0 HIGH | 9.8 CRITICAL |
| mod_perl 2.0 through 2.0.10 allows attackers to execute arbitrary Perl code by placing it in a user-owned .htaccess file, because (contrary to the documentation) there is no configuration option that permits Perl code for the administrator's control of HTTP request processing without also permitting unprivileged users to run Perl code in the context of the user account that runs Apache HTTP Server processes. | |||||
| CVE-2018-1999019 | 1 Chamilo | 1 Chamilo Lms | 2019-09-17 | 7.5 HIGH | 9.8 CRITICAL |
| Chamilo LMS version 11.x contains an Unserialization vulnerability in the "hash" GET parameter for the api endpoint located at /webservices/api/v2.php that can result in Unauthenticated remote code execution. This attack appear to be exploitable via a simple GET request to the api endpoint. This vulnerability appears to have been fixed in After commit 0de84700648f098c1fbf6b807dee28ec640efe62. | |||||
| CVE-2019-14282 | 1 Simple Captcha2 Project | 1 Simple Captcha2 | 2019-09-03 | 7.5 HIGH | 9.8 CRITICAL |
| The simple_captcha2 gem 0.2.3 for Ruby, as distributed on RubyGems.org, included a code-execution backdoor inserted by a third party. | |||||
| CVE-2019-14281 | 1 Datagrid Project | 1 Datagrid | 2019-09-03 | 7.5 HIGH | 9.8 CRITICAL |
| The datagrid gem 1.0.6 for Ruby, as distributed on RubyGems.org, included a code-execution backdoor inserted by a third party. | |||||
| CVE-2019-15224 | 1 Rest-client Project | 1 Rest-client | 2019-08-29 | 7.5 HIGH | 9.8 CRITICAL |
| The rest-client gem 1.6.10 through 1.6.13 for Ruby, as distributed on RubyGems.org, included a code-execution backdoor inserted by a third party. Versions <=1.6.9 and >=1.6.14 are unaffected. | |||||
| CVE-2018-13043 | 2 Canonical, Debian | 2 Ubuntu Linux, Devscripts | 2019-08-19 | 7.5 HIGH | 9.8 CRITICAL |
| scripts/grep-excuses.pl in Debian devscripts through 2.18.3 allows code execution through unsafe YAML loading because YAML::Syck is used without a configuration that prevents unintended blessing. | |||||
| CVE-2019-14746 | 1 Kuaifan | 1 Kuaifancms | 2019-08-14 | 7.5 HIGH | 9.8 CRITICAL |
| A issue was discovered in KuaiFanCMS 5.0. It allows eval injection by placing PHP code in the install.php db_name parameter and then making a config.php request. | |||||
| CVE-2018-11780 | 4 Apache, Canonical, Debian and 1 more | 4 Spamassassin, Ubuntu Linux, Debian Linux and 1 more | 2019-08-06 | 7.5 HIGH | 9.8 CRITICAL |
| A potential Remote Code Execution bug exists with the PDFInfo plugin in Apache SpamAssassin before 3.4.2. | |||||
| CVE-2019-13956 | 1 Codersclub | 1 Discuz\!ml | 2019-07-31 | 7.5 HIGH | 9.8 CRITICAL |
| Discuz!ML 3.2 through 3.4 allows remote attackers to execute arbitrary PHP code via a modified language cookie, as demonstrated by changing 4gH4_0df5_language=en to 4gH4_0df5_language=en'.phpinfo().'; (if the random prefix 4gH4_0df5_ were used). | |||||
| CVE-2019-13354 | 1 Strong Password Project | 1 Strong Password | 2019-07-10 | 7.5 HIGH | 9.8 CRITICAL |
| The strong_password gem 0.0.7 for Ruby, as distributed on RubyGems.org, included a code-execution backdoor inserted by a third party. The current version, without this backdoor, is 0.0.6. | |||||
| CVE-2016-7954 | 1 Bundler | 1 Bundler | 2019-07-02 | 7.5 HIGH | 9.8 CRITICAL |
| Bundler 1.x might allow remote attackers to inject arbitrary Ruby code into an application by leveraging a gem name collision on a secondary source. NOTE: this might overlap CVE-2013-0334. | |||||
| CVE-2015-5243 | 1 Phpwhois Project | 1 Phpwhois | 2019-06-26 | 7.5 HIGH | 9.8 CRITICAL |
| phpWhois allows remote attackers to execute arbitrary code via a crafted whois record. | |||||
| CVE-2018-18258 | 1 Bagesoft | 1 Bagecms | 2019-06-26 | 7.5 HIGH | 9.8 CRITICAL |
| An issue was discovered in BageCMS 3.1.3. The attacker can execute arbitrary PHP code on the web server and can read any file on the web server via an index.php?r=admini/template/updateTpl&filename= URI. | |||||
| CVE-2017-14853 | 1 Orpak | 1 Siteomat | 2019-06-04 | 10.0 HIGH | 9.8 CRITICAL |
| The Orpak SiteOmat OrCU component is vulnerable to code injection, for all versions prior to 2017-09-25, due to a search query that uses a direct shell command. By tampering with the request, an attacker is able to run shell commands and receive valid output from the device. | |||||
| CVE-2019-6816 | 1 Schneider-electric | 2 Modicon Quantum, Modicon Quantum Firmware | 2019-05-23 | 6.4 MEDIUM | 9.1 CRITICAL |
| In Modicon Quantum all firmware versions, a CWE-94: Code Injection vulnerability could cause an unauthorized firmware modification with possible Denial of Service when using Modbus protocol. | |||||
| CVE-2018-17173 | 1 Lg | 1 Supersign Cms | 2019-05-06 | 7.5 HIGH | 9.8 CRITICAL |
| LG SuperSign CMS allows remote attackers to execute arbitrary code via the sourceUri parameter to qsr_server/device/getThumbnail. | |||||
| CVE-2018-11228 | 1 Crestron | 8 Crestron Toolbox Protocol Firmware, Dmc-str, Tsw-1060 and 5 more | 2019-05-02 | 10.0 HIGH | 9.8 CRITICAL |
| Crestron TSW-1060, TSW-760, TSW-560, TSW-1060-NC, TSW-760-NC, and TSW-560-NC devices before 2.001.0037.001 allow unauthenticated remote code execution via a Bash shell service in Crestron Toolbox Protocol (CTP). | |||||
| CVE-2018-5782 | 1 Mitel | 2 Connect Onsite, St14.2 | 2019-04-26 | 10.0 HIGH | 9.8 CRITICAL |
| A vulnerability in the conferencing component of Mitel Connect ONSITE, versions R1711-PREM and earlier, and Mitel ST 14.2, release GA28 and earlier, could allow an unauthenticated attacker to inject PHP code using specially crafted requests to the vsethost.php page. Successful exploit could allow an attacker to execute arbitrary PHP code within the context of the application. | |||||
| CVE-2018-19595 | 1 Pbootcms | 1 Pbootcms | 2019-04-17 | 7.5 HIGH | 9.8 CRITICAL |
| PbootCMS V1.3.1 build 2018-11-14 allows remote attackers to execute arbitrary code via use of "eval" with mixed case, as demonstrated by an index.php/list/5/?current={pboot:if(evAl($_GET[a]))}1{/pboot:if}&a=phpinfo(); URI, because of an incorrect apps\home\controller\ParserController.php parserIfLabel protection mechanism. | |||||
| CVE-2019-6713 | 1 Thinkcmf | 1 Thinkcmf | 2019-04-12 | 7.5 HIGH | 9.8 CRITICAL |
| app\admin\controller\RouteController.php in ThinkCMF 5.0.190111 allows remote attackers to execute arbitrary PHP code by using vectors involving portal/List/index and list/:id to inject this code into data\conf\route.php, as demonstrated by a file_put_contents call. | |||||
| CVE-2019-10842 | 1 Getbootstrap | 1 Bootstrap-sass | 2019-04-11 | 10.0 HIGH | 9.8 CRITICAL |
| Arbitrary code execution (via backdoor code) was discovered in bootstrap-sass 3.2.0.3, when downloaded from rubygems.org. An unauthenticated attacker can craft the ___cfduid cookie value with base64 arbitrary code to be executed via eval(), which can be leveraged to execute arbitrary code on the target system. Note that there are three underscore characters in the cookie name. This is unrelated to the __cfduid cookie that is legitimately used by Cloudflare. | |||||
| CVE-2019-10684 | 1 74cms | 1 74cms | 2019-04-03 | 7.5 HIGH | 9.8 CRITICAL |
| Application/Admin/Controller/ConfigController.class.php in 74cms v5.0.1 allows remote attackers to execute arbitrary PHP code via the index.php?m=Admin&c=config&a=edit site_domain parameter. | |||||
| CVE-2018-1260 | 1 Pivotal Software | 1 Spring Security Oauth | 2019-03-13 | 7.5 HIGH | 9.8 CRITICAL |
| Spring Security OAuth, versions 2.3 prior to 2.3.3, 2.2 prior to 2.2.2, 2.1 prior to 2.1.2, 2.0 prior to 2.0.15 and older unsupported versions contains a remote code execution vulnerability. A malicious user or attacker can craft an authorization request to the authorization endpoint that can lead to remote code execution when the resource owner is forwarded to the approval endpoint. | |||||
| CVE-2019-9651 | 1 Sdcms | 1 Sdcms | 2019-03-11 | 7.5 HIGH | 9.8 CRITICAL |
| An issue was discovered in SDCMS V1.7. In the \app\admin\controller\themecontroller.php file, the check_bad() function's filtering is not strict, resulting in PHP code execution. This occurs because some dangerous PHP functions (such as "eval") are blocked but others (such as "system") are not, and because ".php" is blocked but ".PHP" is not blocked. | |||||
| CVE-2018-13818 | 1 Symfony | 1 Twig | 2019-03-08 | 7.5 HIGH | 9.8 CRITICAL |
| ** DISPUTED ** Twig before 2.4.4 allows Server-Side Template Injection (SSTI) via the search search_key parameter. NOTE: the vendor points out that Twig itself is not a web application and states that it is the responsibility of web applications using Twig to properly wrap input to it. | |||||
| CVE-2019-9227 | 1 Baigo | 1 Baigo Cms | 2019-02-28 | 7.5 HIGH | 9.8 CRITICAL |
| An issue was discovered in baigo CMS 2.1.1. There is a vulnerability that allows remote attackers to execute arbitrary code. A BG_SITE_NAME parameter with malicious code can be written into the opt_base.inc.php file. | |||||
| CVE-2018-6012 | 1 Rainmachine | 2 Mini-8, Mini-8 Firmware | 2019-02-22 | 7.5 HIGH | 9.8 CRITICAL |
| The 'Weather Service' feature of the Green Electronics RainMachine Mini-8 (2nd generation) allows an attacker to inject arbitrary Python code via the 'Add new weather data source' upload function. | |||||
| CVE-2019-7720 | 1 Taogogo | 1 Taocms | 2019-02-13 | 7.5 HIGH | 9.8 CRITICAL |
| taocms through 2014-05-24 allows eval injection by placing PHP code in the install.php db_name parameter and then making a config.php request. | |||||
| CVE-2018-20768 | 1 Xerox | 58 Workcentre 3655, Workcentre 3655 Firmware, Workcentre 3655i and 55 more | 2019-02-13 | 7.5 HIGH | 9.8 CRITICAL |
| An issue was discovered on Xerox WorkCentre 3655, 3655i, 58XX, 58XXi, 59XX, 59XXi, 6655, 6655i, 72XX, 72XXi, 78XX, 78XXi, 7970, 7970i, EC7836, and EC7856 devices before R18-05 073.xxx.0487.15000. An attacker can execute PHP code by leveraging a writable file. | |||||
| CVE-2019-7719 | 1 Nibbleblog | 1 Nibbleblog | 2019-02-11 | 7.5 HIGH | 9.8 CRITICAL |
| Nibbleblog 4.0.5 allows eval injection by placing PHP code in the install.php username parameter and then making a content/private/shadow.php request. | |||||
| CVE-2018-20300 | 1 Phome | 1 Empirecms | 2019-02-05 | 7.5 HIGH | 9.8 CRITICAL |
| Empire CMS 7.5 allows remote attackers to execute arbitrary PHP code via the ftemp parameter in an enews=EditMemberForm action because this code is injected into a memberform.$fid.php file. | |||||
| CVE-2018-19127 | 1 Phpcms | 1 Phpcms | 2019-02-04 | 7.5 HIGH | 9.8 CRITICAL |
| A code injection vulnerability in /type.php in PHPCMS 2008 allows attackers to write arbitrary content to a website cache file with a controllable filename, leading to arbitrary code execution. The PHP code is sent via the template parameter, and is written to a data/cache_template/*.tpl.php file along with a "<?php function " substring. | |||||
| CVE-2019-0247 | 1 Sap | 1 Cloud Connector | 2019-01-17 | 7.5 HIGH | 9.8 CRITICAL |
| SAP Cloud Connector, before version 2.11.3, allows an attacker to inject code that can be executed by the application. An attacker could thereby control the behavior of the application. | |||||
| CVE-2018-16168 | 1 Jpcert | 1 Logontracer | 2019-01-15 | 7.5 HIGH | 9.8 CRITICAL |
| LogonTracer 1.2.0 and earlier allows remote attackers to conduct Python code injection attacks via unspecified vectors. | |||||
| CVE-2018-20605 | 1 Txjia | 1 Imcat | 2019-01-09 | 7.5 HIGH | 9.8 CRITICAL |
| imcat 4.4 allows remote attackers to execute arbitrary PHP code by using root/run/adm.php to modify the boot/bootskip.php file. | |||||
| CVE-2018-1000881 | 1 Traccar | 1 Server | 2019-01-07 | 7.5 HIGH | 9.8 CRITICAL |
| Traccar Traccar Server version 4.0 and earlier contains a CWE-94: Improper Control of Generation of Code ('Code Injection') vulnerability in ComputedAttributesHandler.java that can result in Remote Command Execution. This attack appear to be exploitable via Remote: web application request by a self-registered user. This vulnerability appears to have been fixed in 4.1 and later. | |||||
| CVE-2018-20027 | 1 Lisa-lab | 1 Pylearn2 | 2019-01-07 | 7.5 HIGH | 9.8 CRITICAL |
| The yaml_parse.load method in Pylearn2 allows code injection. | |||||
| CVE-2018-20133 | 1 Ymlref Project | 1 Ymlref | 2019-01-07 | 7.5 HIGH | 9.8 CRITICAL |
| ymlref allows code injection. | |||||
| CVE-2018-18903 | 1 Vanillaforums | 1 Vanilla | 2018-12-26 | 7.5 HIGH | 9.8 CRITICAL |
| Vanilla 2.6.x before 2.6.4 allows remote code execution. | |||||
| CVE-2018-19196 | 1 Xiaocms | 1 Xiaocms | 2018-12-13 | 7.5 HIGH | 9.8 CRITICAL |
| An issue was discovered in XiaoCms 20141229. It allows remote attackers to execute arbitrary code by using the type parameter to bypass the standard admin\controller\uploadfile.php restrictions on uploaded file types (jpg, jpeg, bmp, png, gif), as demonstrated by an admin/index.php?c=uploadfile&a=uploadify_upload&type=php URI. | |||||