Total
3673 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2015-4279 | 1 Cisco | 1 Unified Computing System | 2017-09-22 | 7.2 HIGH | N/A |
| The Manager component in Cisco Unified Computing System (UCS) 2.2(3b) on B Blade Server devices allows local users to gain privileges for executing arbitrary CLI commands by leveraging access to the subordinate fabric interconnect, aka Bug ID CSCut32778. | |||||
| CVE-2017-10813 | 1 Corega | 2 Wlr 300 Nm, Wlr 300 Nm Firmware | 2017-09-20 | 7.7 HIGH | 6.8 MEDIUM |
| CG-WLR300NM Firmware version 1.90 and earlier allows an attacker to execute arbitrary OS commands via unspecified vectors. | |||||
| CVE-2015-7901 | 1 Infinite Automation Systems | 1 Mango Automation | 2017-09-16 | 6.5 MEDIUM | N/A |
| Infinite Automation Mango Automation 2.5.x and 2.6.x through 2.6.0 build 430 allows remote authenticated users to execute arbitrary OS commands via unspecified vectors. | |||||
| CVE-2015-6008 | 1 Refbase | 1 Refbase | 2017-09-16 | 7.5 HIGH | N/A |
| install.php in Web Reference Database (aka refbase) through 0.9.6 allows remote attackers to execute arbitrary commands via the adminPassword parameter, a different issue than CVE-2015-7381. | |||||
| CVE-2017-14135 | 1 Dreambox | 1 Opendreambox | 2017-09-12 | 10.0 HIGH | 9.8 CRITICAL |
| enigma2-plugins/blob/master/webadmin/src/WebChilds/Script.py in the webadmin plugin for opendreambox 2.0.0 allows remote attackers to execute arbitrary OS commands via shell metacharacters in the command parameter to the /script URI. | |||||
| CVE-2017-14127 | 1 Technicolor | 2 Td5336, Td5336 Firmware | 2017-09-08 | 10.0 HIGH | 9.8 CRITICAL |
| Command Injection in the Ping Module in the Web Interface on Technicolor TD5336 OI_Fw_v7 devices allows remote attackers to execute arbitrary OS commands as root via shell metacharacters in the pingAddr parameter to mnt_ping.cgi. | |||||
| CVE-2016-4853 | 1 Akabei Soft2 | 1 Happy Wardrobe | 2017-09-08 | 6.8 MEDIUM | 7.8 HIGH |
| AKABEi SOFT2 games allow remote attackers to execute arbitrary OS commands via crafted saved data, as demonstrated by Happy Wardrobe. | |||||
| CVE-2016-5679 | 2 Netgear, Nuuo | 2 Readynas Surveillance, Nvrmini 2 | 2017-09-03 | 9.0 HIGH | 8.8 HIGH |
| cgi-bin/cgi_main in NUUO NVRmini 2 1.7.6 through 3.0.0 and NETGEAR ReadyNAS Surveillance 1.1.2 allows remote authenticated users to execute arbitrary commands via shell metacharacters in the sn parameter to the transfer_license command. | |||||
| CVE-2017-10832 | 1 Nippon-antenna | 2 Scr02hd, Scr02hd Firmware | 2017-08-31 | 10.0 HIGH | 9.8 CRITICAL |
| "Dokodemo eye Smart HD" SCR02HD Firmware 1.0.3.1000 and earlier allows remote attackers to execute arbitrary OS commands via unspecified vectors. | |||||
| CVE-2014-4823 | 1 Ibm | 5 Security Access Manager For Mobile 8.0 Firmware, Security Access Manager For Mobile Appliance, Security Access Manager For Web 7.0 Firmware and 2 more | 2017-08-29 | 10.0 HIGH | N/A |
| The administration console in IBM Security Access Manager for Web 7.x before 7.0.0-ISS-WGA-IF0009 and 8.x before 8.0.0-ISS-WGA-FP0005, and Security Access Manager for Mobile 8.x before 8.0.0-ISS-ISAM-FP0005, allows remote attackers to inject system commands via unspecified vectors. | |||||
| CVE-2014-3360 | 1 Cisco | 2 Ios, Ios Xe | 2017-08-29 | 7.8 HIGH | N/A |
| Cisco IOS 12.4 and 15.0 through 15.4 and IOS XE 3.1.xS, 3.2.xS, 3.3.xS, 3.4.xS, 3.5.xS, 3.6.xS, and 3.7.xS before 3.7.6S; 3.8.xS, 3.9.xS, and 3.10.xS before 3.10.1S; and 3.11.xS before 3.12S allow remote attackers to cause a denial of service (device reload) via a crafted SIP message, aka Bug ID CSCul46586. | |||||
| CVE-2014-3358 | 1 Cisco | 2 Ios, Ios Xe | 2017-08-29 | 7.8 HIGH | N/A |
| Memory leak in Cisco IOS 15.0, 15.1, 15.2, and 15.4 and IOS XE 3.3.xSE before 3.3.2SE, 3.3.xXO before 3.3.1XO, 3.5.xE before 3.5.2E, and 3.11.xS before 3.11.1S allows remote attackers to cause a denial of service (memory consumption, and interface queue wedge or device reload) via malformed mDNS packets, aka Bug ID CSCuj58950. | |||||
| CVE-2014-3357 | 1 Cisco | 2 Ios, Ios Xe | 2017-08-29 | 7.8 HIGH | N/A |
| Cisco IOS 15.0, 15.1, 15.2, and 15.4 and IOS XE 3.3.xSE before 3.3.2SE, 3.3.xXO before 3.3.1XO, 3.5.xE before 3.5.2E, and 3.11.xS before 3.11.1S allow remote attackers to cause a denial of service (device reload) via malformed mDNS packets, aka Bug ID CSCul90866. | |||||
| CVE-2014-3085 | 1 Ibm | 2 Global Console Manager 16 Firmware, Global Console Manager 32 Firmware | 2017-08-29 | 7.1 HIGH | N/A |
| systest.php on IBM GCM16 and GCM32 Global Console Manager switches with firmware before 1.20.20.23447 allows remote authenticated users to execute arbitrary commands via shell metacharacters in the lpres parameter. | |||||
| CVE-2014-3008 | 1 Unitrends | 1 Enterprise Backup | 2017-08-29 | 10.0 HIGH | N/A |
| Unitrends Enterprise Backup 7.3.0 allows remote authenticated users to execute arbitrary commands via shell metacharacters in the comm parameter to recoveryconsole/bpl/snmpd.php. | |||||
| CVE-2014-0887 | 1 Ibm | 1 Lotus Protector For Mail Security | 2017-08-29 | 7.1 HIGH | N/A |
| The Admin Web UI in IBM Lotus Protector for Mail Security 2.8.x before 2.8.1-22905 allows remote authenticated users to execute arbitrary commands with root privileges via unspecified vectors. | |||||
| CVE-2014-0886 | 1 Ibm | 1 Lotus Protector For Mail Security | 2017-08-29 | 7.1 HIGH | N/A |
| The Admin Web UI in IBM Lotus Protector for Mail Security 2.8.x before 2.8.1-22905 allows remote authenticated users to bypass intended access restrictions and execute arbitrary commands via unspecified vectors. | |||||
| CVE-2014-0659 | 1 Cisco | 6 Rvs4000, Rvs4000 Firmware, Wap4410n and 3 more | 2017-08-29 | 10.0 HIGH | N/A |
| The Cisco WAP4410N access point with firmware through 2.0.6.1, WRVS4400N router with firmware 1.x through 1.1.13 and 2.x through 2.0.2.1, and RVS4000 router with firmware through 2.0.3.2 allow remote attackers to read credential and configuration data, and execute arbitrary commands, via requests to the test interface on TCP port 32764, aka Bug IDs CSCum37566, CSCum43693, CSCum43700, and CSCum43685. | |||||
| CVE-2013-7104 | 1 Mcafee | 1 Email Gateway | 2017-08-29 | 9.0 HIGH | N/A |
| McAfee Email Gateway 7.6 allows remote authenticated administrators to execute arbitrary commands by specifying them in the value attribute in a (1) Command or (2) Script XML element. NOTE: this issue can be combined with CVE-2013-7092 to allow remote attackers to execute commands. | |||||
| CVE-2013-7103 | 1 Mcafee | 1 Email Gateway | 2017-08-29 | 9.0 HIGH | N/A |
| McAfee Email Gateway 7.6 allows remote authenticated administrators to execute arbitrary commands via shell metacharacters in the value attribute in a (1) TestFile XML element or the (2) hostname. NOTE: this issue can be combined with CVE-2013-7092 to allow remote attackers to execute commands. | |||||