Total
3837 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2019-18934 | 3 Fedoraproject, Nlnetlabs, Opensuse | 3 Fedora, Unbound, Leap | 2023-11-07 | 6.8 MEDIUM | 7.3 HIGH |
| Unbound 1.6.4 through 1.9.4 contain a vulnerability in the ipsec module that can cause shell code execution after receiving a specially crafted answer. This issue can only be triggered if unbound was compiled with `--enable-ipsecmod` support, and ipsecmod is enabled and used in the configuration. | |||||
| CVE-2019-18182 | 2 Fedoraproject, Pacman Project | 2 Fedora, Pacman | 2023-11-07 | 6.8 MEDIUM | 9.8 CRITICAL |
| pacman before 5.2 is vulnerable to arbitrary command injection in conf.c in the download_with_xfercommand() function. This can be exploited when unsigned databases are used. To exploit the vulnerability, the user must enable a non-default XferCommand and retrieve an attacker-controlled crafted database and package. | |||||
| CVE-2019-18396 | 1 Technicolor | 2 Td5130v2, Td5130v2 Firmware | 2023-11-07 | 9.0 HIGH | 7.2 HIGH |
| An issue was discovered in certain Oi third-party firmware that may be installed on Technicolor TD5130v2 devices. A Command Injection in the Ping module in the Web Interface in OI_Fw_V20 allows remote attackers to execute arbitrary OS commands in the pingAddr parameter to mnt_ping.cgi. NOTE: This may overlap CVE-2017–14127. | |||||
| CVE-2019-18183 | 2 Fedoraproject, Pacman Project | 2 Fedora, Pacman | 2023-11-07 | 6.8 MEDIUM | 9.8 CRITICAL |
| pacman before 5.2 is vulnerable to arbitrary command injection in lib/libalpm/sync.c in the apply_deltas() function. This can be exploited when unsigned databases are used. To exploit the vulnerability, the user must enable the non-default delta feature and retrieve an attacker-controlled crafted database and delta file. | |||||
| CVE-2019-18424 | 4 Debian, Fedoraproject, Opensuse and 1 more | 4 Debian Linux, Fedora, Leap and 1 more | 2023-11-07 | 6.9 MEDIUM | 6.8 MEDIUM |
| An issue was discovered in Xen through 4.12.x allowing attackers to gain host OS privileges via DMA in a situation where an untrusted domain has access to a physical device. This occurs because passed through PCI devices may corrupt host memory after deassignment. When a PCI device is assigned to an untrusted domain, it is possible for that domain to program the device to DMA to an arbitrary address. The IOMMU is used to protect the host from malicious DMA by making sure that the device addresses can only target memory assigned to the guest. However, when the guest domain is torn down, or the device is deassigned, the device is assigned back to dom0, thus allowing any in-flight DMA to potentially target critical host data. An untrusted domain with access to a physical device can DMA into host memory, leading to privilege escalation. Only systems where guests are given direct access to physical devices capable of DMA (PCI pass-through) are vulnerable. Systems which do not use PCI pass-through are not vulnerable. | |||||
| CVE-2019-14889 | 6 Canonical, Debian, Fedoraproject and 3 more | 6 Ubuntu Linux, Debian Linux, Fedora and 3 more | 2023-11-07 | 9.3 HIGH | 8.8 HIGH |
| A flaw was found with the libssh API function ssh_scp_new() in versions before 0.9.3 and before 0.8.8. When the libssh SCP client connects to a server, the scp command, which includes a user-provided path, is executed on the server-side. In case the library is used in a way where users can influence the third parameter of the function, it would become possible for an attacker to inject arbitrary commands, leading to a compromise of the remote target. | |||||
| CVE-2019-14744 | 6 Canonical, Debian, Fedoraproject and 3 more | 8 Ubuntu Linux, Debian Linux, Fedora and 5 more | 2023-11-07 | 5.1 MEDIUM | 7.8 HIGH |
| In KDE Frameworks KConfig before 5.61.0, malicious desktop files and configuration files lead to code execution with minimal user interaction. This relates to libKF5ConfigCore.so, and the mishandling of .desktop and .directory files, as demonstrated by a shell command on an Icon line in a .desktop file. | |||||
| CVE-2019-12735 | 2 Neovim, Vim | 2 Neovim, Vim | 2023-11-07 | 9.3 HIGH | 8.6 HIGH |
| getchar.c in Vim before 8.1.1365 and Neovim before 0.3.6 allows remote attackers to execute arbitrary OS commands via the :source! command in a modeline, as demonstrated by execute in Vim, and assert_fails or nvim_input in Neovim. | |||||
| CVE-2019-13640 | 1 Qbittorrent | 1 Qbittorrent | 2023-11-07 | 7.5 HIGH | 9.8 CRITICAL |
| In qBittorrent before 4.1.7, the function Application::runExternalProgram() located in app/application.cpp allows command injection via shell metacharacters in the torrent name parameter or current tracker parameter, as demonstrated by remote command execution via a crafted name within an RSS feed. | |||||
| CVE-2019-13638 | 2 Debian, Gnu | 2 Debian Linux, Patch | 2023-11-07 | 9.3 HIGH | 7.8 HIGH |
| GNU patch through 2.7.6 is vulnerable to OS shell command injection that can be exploited by opening a crafted patch file that contains an ed style diff payload with shell metacharacters. The ed editor does not need to be present on the vulnerable system. This is different from CVE-2018-1000156. | |||||
| CVE-2019-10791 | 1 Promise-probe Project | 1 Promise-probe | 2023-11-07 | 7.5 HIGH | 9.8 CRITICAL |
| promise-probe before 0.10.0 allows remote attackers to perform a command injection attack. The file, outputFile and options functions can be controlled by users without any sanitization. | |||||
| CVE-2019-10776 | 1 Git-diff-apply Project | 1 Git-diff-apply | 2023-11-07 | 7.5 HIGH | 9.8 CRITICAL |
| In "index.js" file line 240, the run command executes the git command with a user controlled variable called remoteUrl. This affects git-diff-apply all versions prior to 0.22.2. | |||||
| CVE-2019-10807 | 1 Blamer Project | 1 Blamer | 2023-11-07 | 7.5 HIGH | 9.8 CRITICAL |
| Blamer versions prior to 1.0.1 allows execution of arbitrary commands. It is possible to inject arbitrary commands as part of the arguments provided to blamer. | |||||
| CVE-2018-6662 | 2 Apple, Mcafee | 2 Mac Os X, Management Of Native Encryption | 2023-11-07 | 7.2 HIGH | 7.8 HIGH |
| Privilege Escalation vulnerability in McAfee Management of Native Encryption (MNE) before 4.1.4 allows local users to gain elevated privileges via a crafted user input. | |||||
| CVE-2018-19907 | 1 Craftercms | 1 Crafter Cms | 2023-11-07 | 6.5 MEDIUM | 8.8 HIGH |
| A Server-Side Template Injection issue was discovered in Crafter CMS 3.0.18. Attackers with developer privileges may execute OS commands by Creating/Editing a template file (.ftl filetype) that triggers a call to freemarker.template.utility.Execute in the FreeMarker library during rendering of a web page. | |||||
| CVE-2018-12465 | 1 Microfocus | 1 Secure Messaging Gateway | 2023-11-07 | 9.0 HIGH | 7.2 HIGH |
| An OS command injection vulnerability in the web administration component of Micro Focus Secure Messaging Gateway (SMG) allows a remote attacker authenticated as a privileged user to execute arbitrary OS commands on the SMG server. This can be exploited in conjunction with CVE-2018-12464 to achieve unauthenticated remote code execution. Affects Micro Focus Secure Messaging Gateway versions prior to 471. It does not affect previous versions of the product that used GWAVA product name (i.e. GWAVA 6.5). | |||||
| CVE-2018-11805 | 2 Apache, Debian | 2 Spamassassin, Debian Linux | 2023-11-07 | 7.2 HIGH | 6.7 MEDIUM |
| In Apache SpamAssassin before 3.4.3, nefarious CF files can be configured to run system commands without any output or errors. With this, exploits can be injected in a number of scenarios. In addition to upgrading to SA 3.4.3, we recommend that users should only use update channels or 3rd party .cf files from trusted places. | |||||
| CVE-2018-1000006 | 2 Atom, Microsoft | 4 Electron, Windows 10, Windows 7 and 1 more | 2023-11-07 | 9.3 HIGH | 8.8 HIGH |
| GitHub Electron versions 1.8.2-beta.3 and earlier, 1.7.10 and earlier, 1.6.15 and earlier has a vulnerability in the protocol handler, specifically Electron apps running on Windows 10, 7 or 2008 that register custom protocol handlers can be tricked in arbitrary command execution if the user clicks on a specially crafted URL. This has been fixed in versions 1.8.2-beta.4, 1.7.11, and 1.6.16. | |||||
| CVE-2018-1000666 | 2 Gig, Openvcloud Project | 2 Jumpscale, Openvcloud | 2023-11-07 | 10.0 HIGH | 9.8 CRITICAL |
| GIG Technology NV JumpScale Portal 7 version before commit 15443122ed2b1cbfd7bdefc048bf106f075becdb contains a CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability in method: notifySpaceModification; that can result in Improper validation of parameters results in command execution. This attack appear to be exploitable via Network connectivity, required minimal auth privileges (everyone can register an account). This vulnerability appears to have been fixed in After commit 15443122ed2b1cbfd7bdefc048bf106f075becdb. | |||||
| CVE-2017-9274 | 1 Opensuse | 1 Obs-service-source Validator | 2023-11-07 | 9.3 HIGH | 7.8 HIGH |
| A shell command injection in the obs-service-source_validator before 0.7 could be used to execute code as the packager when checking RPM SPEC files with specific macro constructs. | |||||