CWE:
 

Topic
Date
Author
High
EyesOfNetwork 5.1 Remote Command Execution
17.08.2019
Nassim Asrir
High
Mitsubishi Electric smartRTU / INEA ME-RTU Unauthenticated OS Command Injection Bind Shell
14.08.2019
xerubus
Med.
Mitel 6869i Voip Deskphone 4.2.2032 Command Injection
12.08.2019
Axel Rengstorf
High
ATutor 2.2.4 Arbitrary File Upload / Command Execution
06.08.2019
liquidsky
Med.
KDE 4/5 KDesktopFile Command Injection
06.08.2019
Dominik Penner
High
Opencart 2.3.0.2 Insecure OCMod Generation Remote Command Execution
06.08.2019
Todor Donev
High
Apache Tika 1.17 Header Command Injection
03.08.2019
h00die
High
Sar2HTML 3.2.1 Remote Command Execution
03.08.2019
Furkan Kayapinar
High
Veritas Resiliency Platform (VRP) Traversal / Command Execution
01.08.2019
David Dillard
High
Sahi Pro 8.0.0 Remote Command Execution
25.07.2019
Özkan Mustafa Akkuş ...
High
PHP Laravel Framework Token Unserialize Remote Command Execution
16.07.2019
aushack
High
Citrix SD-WAN Appliance 10.2.2 Authentication Bypass / Remote Command Execution
16.07.2019
Chris Lyne
High
Xymon 4.3.25 useradm Command Execution (Metasploit)
12.07.2019
Anonymous
High
Linux Mint 18.3-19.1 yelp Command Injection (Metasploit)
05.07.2019
b1ackr0wl
Med.
Mac OS X TimeMachine (tmdiagnose) Command Injection Privilege Escalation
01.07.2019
timwr
High
Linux Mint 19.1 yelp Command Injection
01.07.2019
b1ack0wl
High
FaceSentry Access Control System 6.4.8 Remote Command Injection
01.07.2019
LiquidWorm
High
SAPIDO RB-1732 Remote Command Execution
27.06.2019
k1nm3n.aotoi
High
Fortinet FCM-MB40 Cross Site Request Forgery / Remote Command Execution
26.06.2019
XORcat
High
FortiCam FCM-MB40 Code Execution / Privilege Escalation
25.06.2019
XORcat
High
FusionPBX 4.4.3 Remote Command Execution
13.06.2019
Dustin Cobb
Low
Moxa AWK-3121 1.14 Information Disclosure / Command Execution
12.06.2019
Samuel Huntley
High
Exim 4.9.1 Remote Command Execution
07.06.2019
Qualys
High
LibreNMS addhost Command Injection
06.06.2019
Shelby Pace
High
Firefly CMS 1.0 Remote Command Execution
13.05.2019
Felipe Andrian Peixoto
Med.
Gemalto DS3 Authentication Server / Ezio Server Command Injection / File Disclosure
11.05.2019
TING Meng Yean
High
PostgreSQL 9.3 COPY FROM PROGRAM Command Execution (Metasploit)
11.05.2019
Jacob Wilki
High
PostgreSQL COPY FROM PROGRAM Command Execution
08.05.2019
Jacob Wilkin
Med.
D-Link DWL-2600AP Authenticated OS Command Injection
07.05.2019
Raki Ben Hamouda
Med.
Barco/AWIND OEM Presentation Platform Unauthenticated Remote Command Injection
04.05.2019
Jacob Baines
High
Blue Angel Software Suite Command Execution
04.05.2019
Paolo Serracino
Low
Domoticz 4.10577 Unauthenticated Remote Command Execution
01.05.2019
Fabio Carretto
Med.
Sierra Wireless AirLink ES450 ACEManager iplogging.cgi Command Injection
28.04.2019
Cisco Talos
High
ManageEngine Applications Manager 14.0 Authentication Bypass / Remote Command Execution (Metasploit)
23.04.2019
AkkuS
High
RemoteMouse 3.008 Arbitrary Remote Command Execution
17.04.2019
0rphon
High
Cisco RV130W Routers Management Interface Remote Command Execution
15.04.2019
Quentin Kaiser
Med.
TeemIp IPAM Command Injection
04.04.2019
Ozkan Mustafa Akkus
High
PhreeBooks ERP 5.2.3 Remote Command Execution
04.04.2019
Metin Yunus Kandemir
High
Pydio 8 Command Execution / Cross Site Scripting
29.03.2019
Leandro Cuozzo
High
Webmin 1.900 Upload Authenticated Remote Command Execution
16.03.2019
Ozkan Mustafa Akkus
High
BMC Patrol Agent Privilege Escalation / Command Execution
16.03.2019
b0yd
High
Apache Tika Server Command Injection
14.03.2019
David Yesland
High
QNAP TS-431 QTS < 4.2.2 Remote Command Execution (Metasploit)
10.03.2019
AkkuS
High
Oracle Weblogic Server Deserialization Remote Command Execution
09.03.2019
Allyshka
High
Feng Office 3.7.0.5 Remote Command Execution (Metasploit)
09.03.2019
AkkuS
High
QNAP TS-431 QTS Remote Command Execution
08.03.2019
Ozkan Mustafa Akkus
High
Imperva SecureSphere 13.x PWS Command Injection
07.03.2019
rsp3ar
High
Booked Scheduler 2.7.5 Remote Command Execution
05.03.2019
Ozkan Mustafa Akkus
High
elFinder 2.1.47 Command Injection
05.03.2019
q3rv0
High
Usermin 1.750 Remote Command Execution
03.03.2019
Ozkan Mustafa Akkus
High
Teracue ENC-400 Command Injection / Missing Authentication
22.02.2019
Stephen Shkardoon
High
Master IP CAM 01 3.3.4.2103 Remote Command Execution
19.02.2019
Raffaele Sabato
High
mIRC Remote Command Execution
19.02.2019
Baptiste Devigne
Med.
MISP 2.4.97 SQL Injection / Command Injection
19.02.2019
Tm9jdGlz
Med.
Jinja2 2.10 Command Injection
17.02.2019
Jameel Nabbo
High
Raisecom Technology GPON-ONU HT803G-07 Command Injection
13.02.2019
Kaustubh G. Padwad
Med.
SYSTORME ISG Command Injection
13.02.2019
Kaustubh G. Padwad
High
Jenkins 2.150.2 Remote Command Execution Via Node JS
13.02.2019
Ozkan Mustafa Akkus
Med.
Evince CBT File Command Injection
07.02.2019
FX
Med.
Dell EMC VNX2 Family OS Command Injection
05.02.2019
Dell
High
Splunk Enterprise 7.2.3 Command Execution
25.01.2019
Lee Mazzoleni
High
Cisco RV320 Command Injection
24.01.2019
CGI
High
Webmin 1.900 Remote Command Execution
22.01.2019
Ozkan Mustafa Akkus
Med.
GL-AR300M-Lite 2.2.7 Command Injection / Directory Traversal
17.01.2019
Pasquale Turi
High
Hashicorp Consul Remote Command Execution via Rexec (Metasploit)
11.01.2019
Quentin Kaiser
High
Hashicorp Consul Rexec Remote Command Execution
29.12.2018
Quentin Kaiser
High
Hashicorp Consul Services API Remote Command Execution
29.12.2018
Quentin Kaiser
High
Razer Cortex Debugger Remote Command Execution
18.12.2018
Tavis Ormandy
High
Huawei Router HG532e Command Execution
16.12.2018
Rebellion
High
Cisco RV110W Password Disclosure / Command Execution
15.12.2018
RySh
Med.
FutureNet NXR-G240 Series ShellShock Command Injection
09.12.2018
Nassim Asrir
High
Moxa NPort W2x50A 2.1 OS Command Injection
03.12.2018
Maxim Khazov
High
Apache Spark Unauthenticated Command Execution (Metasploit)
02.12.2018
Metasploit
High
Cisco WebEx Meetings Privilege Escalation
29.11.2018
Core Security Technolo...
High
TeamCity Agent XML-RPC Command Execution
29.11.2018
Dylan Pindur
High
Netgear Devices Unauthenticated Remote Command Execution (Metasploit)
28.11.2018
Metasploit
Med.
Citrix NetScaler SD-WAN SQL Injection / Traversal / Command Injection
24.10.2018
Sergey Gordeychik
High
Teltonika RUT9XX Unauthenticated OS Command Injection
15.10.2018
David Gnedt
High
ISPConfig Remote Command Execution
05.10.2018
0x09AL
High
Tenable WAS-Scanner 7.4.1708 Remote Command Execution
07.09.2018
Sameer Goyal
Med.
Ghostscript Failed Restore Command Execution
07.09.2018
Tavis Ormandy
Med.
WordPress Plugin Plainview Activity Monitor 20161228 Command Injection
28.08.2018
Lydéric Lefebvre
High
D-Link EyeOn Baby Monitor (DCS-825L) Command Injection
24.08.2018
Dove Chiu
High
PLANEX CS-QR20 Command Execution
24.08.2018
Kenney Lu
High
Mutiny Monitoring Appliance Command Injection
24.08.2018
Reginald Dodd
High
ASUSTOR ADM 3.1.0.RFQ3 Remote Command Execution / SQL Injection
16.08.2018
Kyle Lovett
High
ASUS DSL-N12E_C1 1.1.2.3_345 Remote Command Execution
03.08.2018
Fakhri Zulkifli
High
CoSoSys Endpoint Protector 4.5.0.1 Remote Root Command Injection
03.08.2018
0x09AL
High
Axis Network Camera Remote Command Execution
27.07.2018
sinn3r
High
SoftNAS Cloud OS Command Injection
27.07.2018
CORE
High
CMS Made Simple 2.2.5 Authenticated Remote Command Execution
20.07.2018
Jacob Robles
High
QNAP Q Center change_passwd Command Execution
17.07.2018
Ivan Huertas
High
Hadoop YARN ResourceManager Unauthenticated Command Execution (Metasploit)
14.07.2018
Green-m
Med.
QNAP Qcenter Virtual Appliance 1.6.x Information Disclosure / Command Injection
13.07.2018
Core Security Technolo...
High
HID discoveryd command_blink_on Unauthenticated Remote Command Execution
08.07.2018
Brendan Coles
Med.
HP VAN SDN Controller Root Command Injection
08.07.2018
Matthew Bergin
Med.
Quest KACE Systems Management Command Injection
02.07.2018
Metasploit
High
VMware NSX SD-WAN Edge Command Injection
02.07.2018
Section 8
High
Geutebruck simple_loglistjs.cgi Remote Command Execution
02.07.2018
Davy Douhine
High
TP-Link TL-WR841N V13 Command Injection
29.06.2018
Tim Coen


CVEMAP Search Results

CVE
Details
Description
2019-08-20
Medium
CVE-2019-8098

Vendor: Adobe
Software: Acrobat dc
 

 
Adobe Acrobat and Reader versions, 2019.012.20035 and earlier, 2019.012.20035 and earlier, 2017.011.30142 and earlier, 2017.011.30143 and earlier, 2017.011.30142 and earlier, 2015.006.30497 and earlier, and 2015.006.30498 and earlier have an out-of-bounds write vulnerability. Successful exploitation could lead to arbitrary code execution.

 
2019-08-11
Medium
CVE-2019-14934

Vendor: Pdfresurrect project
Software: Pdfresurrect
 

 
An issue was discovered in PDFResurrect before 0.18. pdf_load_pages_kids in pdf.c doesn't validate a certain size value, which leads to a malloc failure and out-of-bounds write.

 
2019-08-08
High
CVE-2019-1971

Updating...
 

 
A vulnerability in the web portal of Cisco Enterprise NFV Infrastructure Software (NFVIS) could allow an unauthenticated, remote attacker to perform a command injection attack and execute arbitrary commands with root privileges. The vulnerability is due to insufficient input validation by the web portal framework. An attacker could exploit this vulnerability by providing malicious input during web portal authentication. A successful exploit could allow the attacker to execute arbitrary commands with root privileges on the underlying operating system.

 
2019-08-06
High
CVE-2019-5684

Vendor: Nvidia
Software: Gpu driver
 

 
NVIDIA Windows GPU Display Driver (all versions) contains a vulnerability in DirectX drivers, in which a specially crafted shader can cause an out of bounds access of an input texture array, which may lead to denial of service or code execution.

 
High
CVE-2019-14699

Vendor: Microdigital
Software: Mdc-n2190v f...
 

 
An issue was discovered on MicroDigital N-series cameras with firmware through 6400.0.8.5. An attacker can exploit OS Command Injection in the filename parameter for remote code execution as root. This occurs in the Mainproc executable file, which can be run from the HTTPD web server.

 
High
CVE-2019-5685

Vendor: Nvidia
Software: Gpu driver
 

 
NVIDIA Windows GPU Display Driver (all versions) contains a vulnerability in DirectX drivers, in which a specially crafted shader can cause an out of bounds access to a shader local temporary array, which may lead to denial of service or code execution.

 
High
CVE-2019-13106

Vendor: DENX
Software: U-boot
 

 
Das U-Boot versions 2016.09 through 2019.07-rc4 can memset() too much data while reading a crafted ext4 filesystem, which results in a stack buffer overflow and likely code execution.

 
Medium
CVE-2019-14697

Updating...
 

 
musl libc through 1.1.23 has an x87 floating-point stack adjustment imbalance, related to the math/i386/ directory. In some cases, use of this library could introduce out-of-bounds writes that are not present in an application's source code.

 
2019-08-02
Medium
CVE-2019-10961

Vendor: Advantech
Software: Webaccess hm...
 

 
In Advantech WebAccess HMI Designer Version 2.1.9.23 and prior, processing specially crafted MCR files lacking proper validation of user supplied data may cause the system to write outside the intended buffer area, allowing remote code execution.

 
Medium
CVE-2017-18446

Vendor: Cpanel
Software: Cpanel
 

 
cPanel before 64.0.21 allows file-read and file-write operations for demo accounts via the SourceIPCheck API (SEC-250).

 

 


Copyright 2019, cxsecurity.com

 

Back to Top