Search
Total
1052 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2015-6971 | 1 Lenovo | 1 System Update | 2017-10-17 | 7.2 HIGH | 7.8 HIGH |
| Lenovo System Update (formerly ThinkVantage System Update) before 5.07.0013 allows local users to submit commands to the System Update service (SUService.exe) and gain privileges by launching signed Lenovo executables. | |||||
| CVE-2015-5704 | 2 Devscripts Devel Team, Fedoraproject | 2 Devscripts, Fedora | 2017-10-06 | 7.2 HIGH | 7.8 HIGH |
| scripts/licensecheck.pl in devscripts before 2.15.7 allows local users to execute arbitrary shell commands. | |||||
| CVE-2017-14081 | 1 Trendmicro | 1 Mobile Security | 2017-09-29 | 6.5 MEDIUM | 8.8 HIGH |
| Proxy command injection vulnerabilities in Trend Micro Mobile Security (Enterprise) versions before 9.7 Patch 3 allow remote attackers to execute arbitrary code on vulnerable installations. | |||||
| CVE-2015-3678 | 1 Apple | 1 Mac Os X | 2017-09-22 | 7.2 HIGH | N/A |
| AppleThunderboltEDMService in Apple OS X before 10.10.4 allows local users to gain privileges or cause a denial of service (memory corruption) via unspecified Thunderbolt commands. | |||||
| CVE-2015-3716 | 1 Apple | 1 Mac Os X | 2017-09-22 | 4.4 MEDIUM | N/A |
| Spotlight in Apple OS X before 10.10.4 allows attackers to execute arbitrary commands via a crafted name of a photo file within the local photo library. | |||||
| CVE-2017-1352 | 1 Ibm | 1 Maximo Asset Management | 2017-09-21 | 6.0 MEDIUM | 5.5 MEDIUM |
| IBM Maximo Asset Management 7.5 and 7.6 could allow an authenticated user to inject commands into work orders that could be executed by another user that downloads the affected file. IBM X-Force ID: 126538. | |||||
| CVE-2016-0861 | 1 Ge | 1 Ups Snmp Web Adapter Firmware | 2017-09-10 | 9.0 HIGH | 8.8 HIGH |
| General Electric (GE) Industrial Solutions UPS SNMP/Web Adapter devices with firmware before 4.8 allow remote authenticated users to execute arbitrary commands via unspecified vectors. | |||||
| CVE-2014-7209 | 1 Debian | 1 Mime-support | 2017-09-08 | 7.5 HIGH | N/A |
| run-mailcap in the Debian mime-support package before 3.52-1+deb7u1 allows context-dependent attackers to execute arbitrary commands via shell metacharacters in a filename. | |||||
| CVE-2013-7416 | 1 Canto | 1 Canto Curses | 2017-09-08 | 7.5 HIGH | N/A |
| canto_curses/guibase.py in Canto Curses before 0.9.0 allows remote feed servers to execute arbitrary commands via shell metacharacters in a URL in a feed. | |||||
| CVE-2014-5009 | 3 Nagios, Redhat, Snoopy | 3 Nagios, Openstack, Snoopy | 2017-08-29 | 7.5 HIGH | 9.8 CRITICAL |
| Snoopy allows remote attackers to execute arbitrary commands. NOTE: this vulnerability exists due to an incomplete fix for CVE-2014-5008. | |||||
| CVE-2013-2810 | 1 Emerson | 6 Dl 8000 Remote Terminal Unit, Dl 8000 Remote Terminal Unit Firmware, Roc 800 Remote Terminal Unit and 3 more | 2017-08-29 | 10.0 HIGH | N/A |
| Emerson Process Management ROC800 RTU with software 3.50 and earlier, DL8000 RTU with software 2.30 and earlier, and ROC800L RTU with software 1.20 and earlier allows remote attackers to execute arbitrary commands via a TCP replay attack. | |||||
| CVE-2012-4086 | 1 Cisco | 1 Unified Computing System | 2017-08-29 | 5.1 MEDIUM | N/A |
| A setup script for fabric interconnect devices in Cisco Unified Computing System (UCS) allows remote attackers to execute arbitrary commands via invalid parameters, aka Bug ID CSCtg20790. | |||||
| CVE-2017-12756 | 1 Extplorer | 1 Extplorer | 2017-08-20 | 6.5 MEDIUM | 7.2 HIGH |
| Command inject in transfer from another server in extplorer 2.1.9 and prior allows attacker to inject command via the userfile[0] parameter. | |||||
| CVE-2014-8903 | 1 Ibm | 1 Curam Social Program Management | 2017-08-14 | 6.5 MEDIUM | 8.8 HIGH |
| IBM Curam Social Program Management 6.0 SP2 before EP26, 6.0.4 before 6.0.4.5iFix10 and 6.0.5 before 6.0.5.6 allows remote authenticated users to load arbitrary Java classes via unspecified vectors. | |||||
| CVE-2017-11391 | 1 Trendmicro | 1 Interscan Messaging Security Virtual Appliance | 2017-08-07 | 6.5 MEDIUM | 8.8 HIGH |
| Proxy command injection vulnerability in Trend Micro InterScan Messaging Virtual Appliance 9.0 and 9.1 allows remote attackers to execute arbitrary code on vulnerable installations. The specific flaw can be exploited by parsing the "t" parameter within modTMCSS Proxy. Formerly ZDI-CAN-4744. | |||||
| CVE-2017-11392 | 1 Trendmicro | 1 Interscan Messaging Security Virtual Appliance | 2017-08-05 | 6.5 MEDIUM | 8.8 HIGH |
| Proxy command injection vulnerability in Trend Micro InterScan Messaging Virtual Appliance 9.0 and 9.1 allows remote attackers to execute arbitrary code on vulnerable installations. The specific flaw can be exploited by parsing the "T" parameter within modTMCSS Proxy. Formerly ZDI-CAN-4745. | |||||
| CVE-2016-0920 | 1 Emc | 1 Avamar Server | 2017-07-30 | 7.2 HIGH | 7.8 HIGH |
| Avamar Data Store (ADS) and Avamar Virtual Edition (AVE) in EMC Avamar Server before 7.3.0-233 allow local users to obtain root access via a crafted parameter to a command that is available in the sudo configuration. | |||||
| CVE-2016-7399 | 1 Veritas | 2 Netbackup Appliance, Netbackup Appliance Firmware | 2017-07-27 | 10.0 HIGH | 9.8 CRITICAL |
| scripts/license.pl in Veritas NetBackup Appliance 2.6.0.x through 2.6.0.4, 2.6.1.x through 2.6.1.2, 2.7.x through 2.7.3, and 3.0.x allow remote attackers to execute arbitrary commands via shell metacharacters in the hostName parameter to appliancews/getLicense. | |||||
| CVE-2016-9873 | 1 Emc | 1 Documentum D2 | 2017-07-25 | 6.5 MEDIUM | 6.3 MEDIUM |
| EMC Documentum D2 version 4.5 and EMC Documentum D2 version 4.6 has a DQL Injection Vulnerability that could potentially be exploited by malicious users to compromise the affected system. An authenticated low-privileged attacker could potentially exploit this vulnerability to access information, modify data or disrupt services by causing execution of arbitrary DQL commands on the application. | |||||
| CVE-2017-9980 | 1 Greenpacket | 2 Dx-350, Dx-350 Firmware | 2017-07-24 | 7.5 HIGH | 9.8 CRITICAL |
| In Green Packet DX-350 Firmware version v2.8.9.5-g1.4.8-atheeb, the "PING" (aka tag_ipPing) feature within the web interface allows performing command injection, via the "pip" parameter. | |||||
| CVE-2017-4054 | 1 Mcafee | 1 Advanced Threat Defense | 2017-07-17 | 6.5 MEDIUM | 8.8 HIGH |
| Command Injection vulnerability in the web interface in McAfee Advanced Threat Defense (ATD) 3.10, 3.8, 3.6, 3.4 allows remote authenticated users to execute a command of their choice via a crafted HTTP request parameter. | |||||
| CVE-2017-4918 | 1 Vmware | 1 Horizon View | 2017-07-08 | 10.0 HIGH | 9.8 CRITICAL |
| VMware Horizon View Client (2.x, 3.x and 4.x prior to 4.5.0) contains a command injection vulnerability in the service startup script. Successful exploitation of this issue may allow unprivileged users to escalate their privileges to root on the Mac OSX system where the client is installed. | |||||
| CVE-2014-9622 | 1 Gentoo | 1 Xdg-utils | 2017-07-01 | 6.8 MEDIUM | N/A |
| Eval injection vulnerability in xdg-utils 1.1.0 RC1, when no supported desktop environment is identified, allows context-dependent attackers to execute arbitrary code via the URL argument to xdg-open. | |||||
| CVE-2014-8990 | 3 Debian, Fedoraproject, Lsyncd Project | 3 Debian Linux, Fedora, Lsyncd | 2017-07-01 | 7.5 HIGH | N/A |
| default-rsyncssh.lua in Lsyncd 2.1.5 and earlier allows remote attackers to execute arbitrary commands via shell metacharacters in a filename. | |||||
| CVE-2017-4984 | 1 Emc | 4 Vnx1, Vnx1 Firmware, Vnx2 and 1 more | 2017-06-29 | 10.0 HIGH | 9.8 CRITICAL |
| In EMC VNX2 versions prior to OE for File 8.1.9.211 and VNX1 versions prior to OE for File 7.1.80.8, an unauthenticated remote attacker may be able to elevate their permissions to root through a command injection. This may potentially be exploited by an attacker to run arbitrary code with root-level privileges on the targeted VNX Control Station system, aka remote code execution. | |||||
| CVE-2015-4046 | 1 Alienvault | 1 Open Source Security Information Management | 2017-05-30 | 6.5 MEDIUM | 7.2 HIGH |
| The asset discovery scanner in AlienVault OSSIM before 5.0.1 allows remote authenticated users to execute arbitrary commands via the assets array parameter to netscan/do_scan.php. | |||||
| CVE-2015-8257 | 1 Axis | 11 Cannon Network Camera, Explosion-protected Camera, Fixed Box Camera and 8 more | 2017-05-16 | 9.0 HIGH | 8.8 HIGH |
| The devtools.sh script in AXIS network cameras allows remote authenticated users to execute arbitrary commands via shell metacharacters in the app parameter to (1) app_license.shtml, (2) app_license_custom.shtml, (3) app_index.shtml, or (4) app_params.shtml. | |||||
| CVE-2017-2324 | 1 Juniper | 1 Northstar Controller | 2017-04-27 | 5.0 MEDIUM | 5.3 MEDIUM |
| A command injection vulnerability in Juniper Networks NorthStar Controller Application prior to version 2.1.0 Service Pack 1 may allow a network-based malicious attacker to cause a denial of service condition. | |||||
| CVE-2017-7722 | 1 Solarwinds | 1 Log \& Event Manager | 2017-04-21 | 10.0 HIGH | 10.0 CRITICAL |
| In SolarWinds Log & Event Manager (LEM) before 6.3.1 Hotfix 4, a menu system is encountered when the SSH service is accessed with "cmc" and "password" (the default username and password). By exploiting a vulnerability in the restrictssh feature of the menuing script, an attacker can escape from the restricted shell. | |||||
| CVE-2016-4989 | 2 Redhat, Setroubleshoot Project | 5 Enterprise Linux Desktop, Enterprise Linux Hpc Node, Enterprise Linux Server and 2 more | 2017-04-17 | 6.9 MEDIUM | 7.0 HIGH |
| setroubleshoot allows local users to bypass an intended container protection mechanism and execute arbitrary commands by (1) triggering an SELinux denial with a crafted file name, which is handled by the _set_tpath function in audit_data.py or via a crafted (2) local_id or (3) analysis_id field in a crafted XML document to the run_fix function in SetroubleshootFixit.py, related to the subprocess.check_output and commands.getstatusoutput functions, a different vulnerability than CVE-2016-4445. | |||||
| CVE-2016-4446 | 2 Redhat, Setroubleshoot Project | 5 Enterprise Linux Desktop, Enterprise Linux Hpc Node, Enterprise Linux Server and 2 more | 2017-04-17 | 6.9 MEDIUM | 7.0 HIGH |
| The allow_execstack plugin for setroubleshoot allows local users to execute arbitrary commands by triggering an execstack SELinux denial with a crafted filename, related to the commands.getoutput function. | |||||
| CVE-2016-4445 | 2 Redhat, Setroubleshoot Project | 5 Enterprise Linux Desktop, Enterprise Linux Hpc Node, Enterprise Linux Server and 2 more | 2017-04-17 | 6.9 MEDIUM | 7.0 HIGH |
| The fix_lookup_id function in sealert in setroubleshoot before 3.2.23 allows local users to execute arbitrary commands as root by triggering an SELinux denial with a crafted file name, related to executing external commands with the commands.getstatusoutput function. | |||||
| CVE-2016-4444 | 2 Redhat, Setroubleshoot Project | 5 Enterprise Linux Desktop, Enterprise Linux Hpc Node, Enterprise Linux Server and 2 more | 2017-04-17 | 6.9 MEDIUM | 7.0 HIGH |
| The allow_execmod plugin for setroubleshoot before 3.2.23 allows local users to execute arbitrary commands by triggering an execmod SELinux denial with a crafted binary filename, related to the commands.getstatusoutput function. | |||||
| CVE-2016-10322 | 1 Synology | 1 Photo Station | 2017-04-17 | 6.5 MEDIUM | 8.8 HIGH |
| Synology Photo Station before 6.3-2958 allows remote authenticated guest users to execute arbitrary commands via shell metacharacters in the X-Forwarded-For HTTP header to photo/login.php. | |||||
| CVE-2016-5067 | 1 Sierrawireless | 2 Aleos Firmware, Gx 440 | 2017-04-14 | 9.0 HIGH | 8.8 HIGH |
| Sierra Wireless GX 440 devices with ALEOS firmware 4.3.2 allow Hayes AT command injection. | |||||
| CVE-2016-5065 | 1 Sierrawireless | 2 Aleos Firmware, Gx 440 | 2017-04-14 | 7.5 HIGH | 9.8 CRITICAL |
| Sierra Wireless GX 440 devices with ALEOS firmware 4.3.2 allow Embedded_Ace_Set_Task.cgi command injection. | |||||
| CVE-2016-6534 | 1 Opmantek | 1 Network Management Information System | 2017-04-14 | 6.0 MEDIUM | 7.5 HIGH |
| Opmantek NMIS before 4.3.7c has command injection via man, finger, ping, trace, and nslookup in the tools.pl CGI script. Versions before 8.5.12G might be affected in non-default configurations. | |||||
| CVE-2016-10312 | 1 Jensenofscandinavia | 6 Al3g, Al3g Firmware, Al5000ac and 3 more | 2017-04-10 | 10.0 HIGH | 9.8 CRITICAL |
| Jensen of Scandinavia AS Air:Link 3G (AL3G) version 2.23m (Rev. 3), Air:Link 5000AC (AL5000AC) version 1.13, and Air:Link 59300 (AL59300) version 1.04 (Rev. 4) devices allow remote attackers to execute arbitrary commands via shell metacharacters to certain /goform/* pages. | |||||
| CVE-2016-8801 | 1 Huawei | 2 Oceanstor 5600 V3, Oceanstor 5600 V3 Firmware | 2017-04-05 | 9.0 HIGH | 7.2 HIGH |
| Huawei OceanStor 5600 V3 with V300R003C00C10 and earlier versions allows attackers with administrator privilege to inject a command into a specific command's parameters, and run this injected command with root privilege. | |||||
| CVE-2008-7313 | 3 Nagios, Redhat, Snoopy | 3 Nagios, Openstack, Snoopy | 2017-04-04 | 7.5 HIGH | 9.8 CRITICAL |
| The _httpsrequest function in Snoopy allows remote attackers to execute arbitrary commands. NOTE: this issue exists dues to an incomplete fix for CVE-2008-4796. | |||||
| CVE-2014-5008 | 3 Debian, Redhat, Snoopy | 3 Debian Linux, Openstack, Snoopy | 2017-04-04 | 7.5 HIGH | 9.8 CRITICAL |
| Snoopy allows remote attackers to execute arbitrary commands. | |||||
| CVE-2017-6184 | 1 Sophos | 1 Web Appliance | 2017-04-04 | 6.5 MEDIUM | 4.7 MEDIUM |
| In Sophos Web Appliance (SWA) before 4.3.1.2, a section of the machine's interface responsible for generating reports was vulnerable to remote command injection via the token parameter, aka NSWA-1303. | |||||
| CVE-2017-6183 | 1 Sophos | 1 Web Appliance | 2017-04-04 | 6.5 MEDIUM | 7.2 HIGH |
| In Sophos Web Appliance (SWA) before 4.3.1.2, a section of the machine's configuration utilities for adding (and detecting) Active Directory servers was vulnerable to remote command injection, aka NSWA-1314. | |||||
| CVE-2015-8988 | 1 Mcafee | 1 Epo Deep Command | 2017-03-23 | 6.5 MEDIUM | 8.8 HIGH |
| Unquoted executable path vulnerability in Client Management and Gateway components in McAfee (now Intel Security) ePO Deep Command (eDC) 2.2 and 2.1 allows authenticated users to execute a command of their choice via dropping a malicious file for the path. | |||||
| CVE-2016-4929 | 1 Juniper | 1 Junos Space | 2017-03-22 | 9.0 HIGH | 8.8 HIGH |
| Command injection vulnerability in Junos Space before 15.2R2 allows attackers to execute arbitrary code as a root user. | |||||
| CVE-2017-5675 | 1 Embedthis | 1 Goahead | 2017-03-15 | 9.0 HIGH | 8.8 HIGH |
| A command-injection vulnerability exists in a web application on a custom-built GoAhead web server used on Foscam, Vstarcam, and multiple white-label IP camera models. The mail-sending form in the mail.htm page allows an attacker to inject a command into the receiver1 field in the form; it will be executed with root privileges. | |||||
| CVE-2016-9337 | 1 Tesla | 1 Gateway Ecu | 2017-03-14 | 4.0 MEDIUM | 6.8 MEDIUM |
| An issue was discovered in Tesla Motors Model S automobile, all firmware versions before version 7.1 (2.36.31) with web browser functionality enabled. The vehicle's Gateway ECU is susceptible to commands that may allow an attacker to install malicious software allowing the attacker to send messages to the vehicle's CAN bus, a Command Injection. | |||||
| CVE-2016-9554 | 1 Sophos | 1 Web Appliance | 2017-03-13 | 9.0 HIGH | 7.2 HIGH |
| The Sophos Web Appliance Remote / Secure Web Gateway server (version 4.2.1.3) is vulnerable to a Remote Command Injection vulnerability in its web administrative interface. These vulnerabilities occur in MgrDiagnosticTools.php (/controllers/MgrDiagnosticTools.php), in the component responsible for performing diagnostic tests with the UNIX wget utility. The application doesn't properly escape the information passed in the 'url' variable before calling the executeCommand class function ($this->dtObj->executeCommand). This function calls exec() with unsanitized user input allowing for remote command injection. The page that contains the vulnerabilities, /controllers/MgrDiagnosticTools.php, is accessed by a built-in command answered by the administrative interface. The command that calls to that vulnerable page (passed in the 'section' parameter) is: 'configuration'. Exploitation of this vulnerability yields shell access to the remote machine under the 'spiderman' user account. | |||||
| CVE-2016-10194 | 1 Festivaltts4r Project | 1 Festivaltts4r | 2017-03-09 | 7.5 HIGH | 9.8 CRITICAL |
| The festivaltts4r gem for Ruby allows remote attackers to execute arbitrary commands via shell metacharacters in a string to the (1) to_speech or (2) to_mp3 method in lib/festivaltts4r/festival4r.rb. | |||||
| CVE-2016-9553 | 1 Sophos | 1 Web Appliance | 2017-03-08 | 9.0 HIGH | 7.2 HIGH |
| The Sophos Web Appliance (version 4.2.1.3) is vulnerable to two Remote Command Injection vulnerabilities affecting its web administrative interface. These vulnerabilities occur in the MgrReport.php (/controllers/MgrReport.php) component responsible for blocking and unblocking IP addresses from accessing the device. The device doesn't properly escape the information passed in the variables 'unblockip' and 'blockip' before calling the shell_exec() function which allows for system commands to be injected into the device. The code erroneously suggests that the information handled is protected by utilizing the variable name 'escapedips' - however this was not the case. The Sophos ID is NSWA-1258. | |||||