CWE:
 

Topic
Date
Author
Med.
Moxa AWK-3131A 1.4 < 1.7 Username OS Command Injection
04.04.2018
Talos
High
Homematic CCU2 2.29.23 Remote Command Execution
31.03.2018
Patrick Muench and Gre...
High
Eclipse Equinoxe OSGi Console Command Execution
08.03.2018
Quentin Kaiser
High
ClipBucket < 4.0.0 Release 4902 Command Injection / File Upload / SQL Injection
06.03.2018
Ahmad Ramadhan Amizudi...
High
OTRS 5.0.2, 5.0.0 - 5.0.24, 6.0.0 - 6.0.1 Command Injection
04.03.2018
Ali BawazeEer
High
McAfee Security Scan Plus Remote Command Execution
16.02.2018
SecuriTeam
High
NAT32 2.2 Build 22284 Remote Command Execution
14.02.2018
hyp3rlinx
High
NetEx HyperIP 6.1.0 Post-Auth Command Execution
11.02.2018
Matt Bergin
High
Geovision Inc. IP Camera / Video Server Remote Command Execution
08.02.2018
bashis
High
Geovision Inc. IP Camera Remote Command Execution / Stack Overflow
03.02.2018
bashis
High
BMC Server Automation RSCD Agent NSH Remote Command Execution
01.02.2018
Nicky Bloor
Med.
OTRS 5.0.x/6.0.x Remote Command Execution
22.01.2018
Bæln0rn
Med.
Belkin N600DB Command Injection / Backdoor
18.01.2018
Wadeek
Med.
pfSense 2.1.3 status_rrd_graph_img.php Command Injection
16.01.2018
absolomb
High
D-Link DNS-343 ShareCenter 1.05 Command Injection
15.01.2018
GulfTech
High
D-Link DNS-325 ShareCenter 1.05B03 Shell Upload / Command Injection
15.01.2018
Phosphorus Cybersecuri...
High
Flash Operator Panel 2.31.03 Command Execution
13.01.2018
Vulnerability Lab
High
HPE iMC dbman RestoreDBase Unauthenticated Remote Command Execution
10.01.2018
Brendan
High
HPE iMC dbman RestartDB Unauthenticated Remote Command Execution
10.01.2018
Brendan
High
Commvault Communications Service (cvd) Command Injection
09.01.2018
b0yd
High
Oracle WebLogic < 10.3.6 wls-wsat Component Deserialisation Remote Command Execution
08.01.2018
Kevin Kirsche
High
Linksys WVBR0-25 User-Agent Command Execution
04.01.2018
HeadlessZeke
High
Cambium ePMP1000 get_chart Shell via Command Injection (Metasploit)
01.01.2018
Karn Ganeshen
High
Cambium ePMP1000 ping Shell via Command Injection (Metasploit)
01.01.2018
Karn Ganeshen
High
Cambium ePMP1000 3.1-3.5-RC7 Command Injection
31.12.2017
Karn
Med.
Cambium ePMP1000 2.5 Command Injection
31.12.2017
Karn
High
Zoom Linux Client 2.0.106600.0904 Command Injection
18.12.2017
Gabriel Quadros, Ricar...
High
ITGuard-Manager 0.0.0.1 Remote Command Execution
15.12.2017
Nassim Asrir
High
Zivif PR115-204-P-RS 2.3.4.2103 Bypass / Command Injection / Hardcoded Password
13.12.2017
Silas
High
LaCie 5big Network 2.2.8 Command Injection
07.12.2017
Timo Sablowski
High
Polycom Shell HDX Series Traceroute Command Execution
06.12.2017
staaldraad
High
OpenEMR 5.0.0 Command Injection / Cross Site Scripting
04.12.2017
Jasveer
High
Synology StorageManager 5.2 Remote Root Command Execution
29.11.2017
SecuriTeam
High
pfSense 2.3.1_1 Remote Command Execution
29.11.2017
h00die, s4squatch
High
Mako Server 2.5 OS Command Injection Remote Command Execution
17.11.2017
Steven Patterson
High
D-Link DIR-850L Unauthenticated Command Execution
14.11.2017
Zdenda
High
Mako Server 2.5 Command Injection
09.11.2017
Steven Patterson
High
pfSense 2.3.1_1 Command Execution
07.11.2017
s4squatch
High
tnftp "savefile" Arbitrary Command Execution
03.11.2017
wvu
Med.
Sonicwall WXA5000 1.3.2-10-30 Console Jail Escape / Privilege Escalation
25.10.2017
Matt Bergin
High
Unitrends UEB bpserverd Authentication Bypass / Remote Command Execution
22.10.2017
Multiple
High
Webmin 1.850 SSRF / CSRF / Cross Site Scripting / Command Execution
18.10.2017
hyp3rlinx
High
Shadowsocks Log Manipulation / Command Execution
15.10.2017
X41 D-Sec
High
Shadowsocks-libev 3.1.0 Command Execution
15.10.2017
X41 D-Sec
High
Unitrends UEB 9.1 Unitrends bpserverd Remote Command Execution
06.10.2017
Multiple
High
Unitrends UEB 9.1 Authentication Bypass / Remote Command Execution
06.10.2017
Multiple
High
Netgear ReadyNAS Surveillance 1.4.3-16 Remote Command Execution
05.10.2017
Kacper Szurek
Med.
Fiberhome AN5506-04-F Command Injection
04.10.2017
Tauco
High
UCOPIA Wireless Appliance Restricted Shell Escape
30.09.2017
SYSDREAM
Med.
UCOPIA Wireless Appliance Privilege Escalation
30.09.2017
SYSDREAM
High
Faleemi FSC-880 CSRF / SQL Injection / Command Execution
29.09.2017
Oleg Puzanov
High
Git cvsserver Remote Command Execution
28.09.2017
joernchen
High
NodeJS Debugger Command Injection
26.09.2017
Patrick Thomas
High
FLIR Systems FLIR Thermal Camera FC-S/PT Authenticated OS Command Injection
26.09.2017
Gjoko 'LiquidWorm' Krs...
High
Infinite Automation Mango Automation Command Injection
14.09.2017
james fitts
High
Alienvault OSSIM av-centerd 4.7.0 get_log_line Command Injection
13.09.2017
james fitts
High
Alienvault OSSIM av-centerd Util.pm sync_rserver Command Execution
13.09.2017
james fitts
High
Alienvault Open Source SIEM (OSSIM) < 4.7.0 get_license Remote Command Execution
13.09.2017
james fitts
High
WiseGiga NAS CSRF / LFI / Command Execution
12.09.2017
Pierre Kim
High
QNAP Transcode Server Command Execution
29.08.2017
Brendan
High
Symantec Messaging Gateway 10.6.3-2 - Unauthenticated root Remote Command Execution
21.08.2017
Philip Pettersson
High
Ubiquiti Networks UniFi Cloud Key Firmware 0.6.1 Command Injection
05.08.2017
SEC
High
VICIdial 2.9 RC 1 to 2.13 RC1 - user_authorization Unauthenticated Command Execution (Metasploit)
28.07.2017
Brendan Coles
High
VICIdial user_authorization Unauthenticated Command Execution
22.07.2017
Brendan
High
Sonicwall SRA 8.1.0.2-14sv gencsr.cgi Command Injection
21.07.2017
xort
High
Sonicwall importlogo/sitecustomization Remote Command Injection
21.07.2017
xort
High
Sophos Web Appliance 4.3.0.2 trafficType Remote Command Injection
18.07.2017
xort
High
Barracuda Load Balancer Firmware <= 6.0.1.006 - Remote Command Injection
18.07.2017
xort
High
NfSec 1.3.7 / AlienVault USM/OSSIM 5.3.4 Command Injection
11.07.2017
Paul Taylor
High
NfSen <= 1.3.7 / AlienVault OSSIM 5.3.4 - Command Injection
11.07.2017
Paul Taylor
High
PDNS Manager Remote Command Execution
06.07.2017
RedTeam Pentesting
High
GoAutoDial 3.3 Authentication Bypass / Command Injection
05.07.2017
Chris McCurley
High
Netgear DGN2200 dnslookup.cgi Command Injection
27.06.2017
thecarterb
High
Netgear DGN2200 dnslookup.cgi Command Injection
25.06.2017
SivertPL
High
Atlassian SourceTree 2.5c Command Execution
23.05.2017
Alfred and Sandro
High
WordPress PHPMailer Host Header Command Injection
17.05.2017
wvu
High
Serviio Media Server checkStreamUrl Command Execution
17.05.2017
Brendan Coles
High
I, Librarian PDF Manager 4.6 / 4.7 Command Injection / SSRF / Enumeration
10.05.2017
SE Consult
Med.
Atlassian SourceTree 2.5c Client URL Handler Command Injection
05.05.2017
redrain
High
Ghostscript 9.21 Type Confusion Arbitrary Command Execution
02.05.2017
hdm
Med.
Alerton Webtalk 2.5 / 3.3 Hash Disclosure / CSRF / Command Injection
28.04.2017
David Tomaschik
Med.
WePresent WiPG-1000 Command Injection
25.04.2017
Matthias Brun
Med.
Solarwinds LEM 6.3.1 Shell Escape Command Injection
25.04.2017
Matt Bergin
High
Trend Micro Threat Discovery Appliance admin_sys_time.cgi Remote Command Execution
19.04.2017
Roberto Suggi Liverani...
High
Huawei HG532n Command Injection
18.04.2017
Ahmed S. Darwish
High
AlienVault USM/OSSIM 5.3.4 / 5.3.5 Remote Command Execution
14.04.2017
Peter Lapp
High
EON 5.0 Remote Code Execution
24.03.2017
SYSDREAM Labs
High
Logsign Remote Command Injection
24.03.2017
Mehmet Ince
High
dnaLIMS Admin Module Command Execution
21.03.2017
flakey_biscuit
High
Ubiquiti Networks Command Injection
18.03.2017
T. Weber
High
Netgear R7000 / R6400 cgi-bin Command Injection
14.03.2017
thecarterb
High
Wireless IP Camera (P2P) WIFICAM GoAhead Backdoor / Remote Command Execution
10.03.2017
Pierre Kim
High
Struts2 S2-045 Remote Command Execution
08.03.2017
dsaw dash
High
Bull / IBM AIX Clusterwatch / Watchware File Write / Command Injection
08.03.2017
RandoriSec
High
Western Digital My Cloud Command Injection / File Upload
08.03.2017
Wan Ikram
High
NetGain Enterprise Manager 7.2.562 Command Execution
04.03.2017
MrChaZ
High
Netgear DGN2201 v1/v2/v3/v4 dnslookup.cgi Remote Command Execution
27.02.2017
SivertPL
High
Sonicwall SRA 8.1.0.2-14sv viewcert.cgi Remote Command Execution
24.02.2017
xort
High
Sophos Web Appliance 4.2.1.3 Remote Command Execution
24.02.2017
xort @ Critical Start
High
Siklu EtherHaul Remote Command Execution
24.02.2017
Ian Ling


CVEMAP Search Results

CVE
Details
Description
2018-03-22
High
CVE-2018-0539

Vendor: Qqq systems project
Software: Qqq systems
 

 
QQQ SYSTEMS version 2.24 allows an attacker to execute arbitrary commands via unspecified vectors.

 
2018-03-21
Medium
CVE-2018-7517

Vendor: Omron
Software: Cx-supervisor
 

 
In Omron CX-Supervisor Versions 3.30 and prior, parsing malformed project files may cause an out of bounds vulnerability.

 
2018-03-16
Medium
CVE-2018-1068

Vendor: Linux
Software: Linux kernel
 

 
A flaw was found in the Linux 4.x kernel's implementation of 32-bit syscall interface for bridging. This allowed a privileged user to arbitrarily write to a limited range of kernel memory.

 
2018-03-15
Medium
CVE-2017-16747

Vendor: Deltaww
Software: Delta indust...
 

 
An Out-of-bounds Write issue was discovered in Delta Electronics Delta Industrial Automation Screen Editor, Version 2.00.23.00 or prior. Specially crafted .dpb files may cause the system to write outside the intended buffer area.

 
2018-03-14
Medium
CVE-2018-1000120

Vendor: HAXX
Software: CURL
 

 
A buffer overflow exists in curl 7.12.3 to and including curl 7.58.0 in the FTP URL handling that allows an attacker to cause a denial of service or worse.

 
2018-03-12
Medium
CVE-2017-6281

Vendor: Google
Software: Android
 

 
NVIDIA libnvomx contains a possible out of bounds write due to a improper input validation which could lead to local escalation of privilege. This issue is rated as high. Product: Android. Version: N/A. Android: A-66969318. Reference: N-CVE-2017-6281.

 
Medium
CVE-2017-6286

Vendor: Google
Software: Android
 

 
NVIDIA libnvomx contains a possible out of bounds write due to a missing bounds check which could lead to local escalation of privilege. This issue is rated as high. Product: Android. Version: N/A. Android: A-64893247. Reference: N-CVE-2017-6286.

 
2018-03-11
Medium
CVE-2016-5314

Vendor: Libtiff
Software: Libtiff
 

 
Buffer overflow in the PixarLogDecode function in tif_pixarlog.c in LibTIFF 4.0.6 and earlier allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted TIFF image, as demonstrated by overwriting the vgetparent function pointer with rgb2ycbcr.

 
Medium
CVE-2014-8129

Vendor: Libtiff
Software: Libtiff
 

 
LibTIFF 4.0.3 allows remote attackers to cause a denial of service (out-of-bounds write) or possibly have unspecified other impact via a crafted TIFF image, as demonstrated by failure of tif_next.c to verify that the BitsPerSample value is 2, and the t2p_sample_lab_signed_to_unsigned function in tiff2pdf.c.

 
2018-03-09
High
CVE-2018-0523

Vendor: Buffalo
Software: Wxr-1900dhp2...
 

 
Buffalo WXR-1900DHP2 firmware Ver.2.48 and earlier allows an attacker to execute arbitrary OS commands via unspecified vectors.

 

 


Copyright 2018, cxsecurity.com

 

Back to Top