Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
dash vulnerabilities and exploits
(subscribe to this query)
605
VMScore
CVE-2017-17831
GitHub Git LFS prior to 2.1.1 allows remote malicious users to execute arbitrary commands via an ssh URL with an initial dash character in the hostname, located on a "url =" line in a .lfsconfig file within a repository.
Git Large File Storage Project Git Large File Storage
383
VMScore
CVE-2015-7519
agent/Core/Controller/SendRequest.cpp in Phusion Passenger prior to 4.0.60 and 5.0.x prior to 5.0.22, when used in Apache integration mode or in standalone mode without a filtering proxy, allows remote malicious users to spoof headers passed to applications by using an _ (undersc...
Phusionpassenger Phusion Passenger 5.0.13
Phusionpassenger Phusion Passenger 5.0.0
Phusionpassenger Phusion Passenger 5.0.4
Phusionpassenger Phusion Passenger 5.0.12
Phusionpassenger Phusion Passenger 5.0.17
Phusionpassenger Phusion Passenger
Phusionpassenger Phusion Passenger 5.0.14
Phusionpassenger Phusion Passenger 5.0.18
Phusionpassenger Phusion Passenger 5.0.5
Phusionpassenger Phusion Passenger 5.0.11
Phusionpassenger Phusion Passenger 5.0.2
Phusionpassenger Phusion Passenger 5.0.6
Phusionpassenger Phusion Passenger 5.0.19
Phusionpassenger Phusion Passenger 5.0.3
Phusionpassenger Phusion Passenger 5.0.9
Phusionpassenger Phusion Passenger 5.0.21
Phusionpassenger Phusion Passenger 5.0.16
Phusionpassenger Phusion Passenger 5.0.20
Phusionpassenger Phusion Passenger 5.0.10
Phusionpassenger Phusion Passenger 5.0.7
Phusionpassenger Phusion Passenger 5.0.8
Phusionpassenger Phusion Passenger 5.0.1
445
VMScore
CVE-2015-0885
checkpw 1.02 and previous versions allows remote malicious users to cause a denial of service (infinite loop) via a -- (dash dash) in a username.
Debian Debian Linux 7.0
Checkpw Project Checkpw
NA
CVE-2022-32967
RTL8111EP-CG/RTL8111FP-CG DASH function has hard-coded password. An unauthenticated physical attacker can use the hard-coded default password during system reboot triggered by other user, to acquire partial system information such as serial number and server information.
Realtek Rtl8111ep-cg Firmware
Realtek Rtl8111ep-cg Firmware 5.0.10
Realtek Rtl8111fp-cg Firmware
Realtek Rtl8111fp-cg Firmware 5.0.10
445
VMScore
CVE-2017-16023
Decamelize is used to convert a dash/dot/underscore/space separated string to camelCase. Decamelize 1.1.0 up to and including 1.1.1 uses regular expressions to evaluate a string and takes unescaped separator values, which can be used to create a denial of service attack.
Decamelize Project Decamelize 1.1.0
Decamelize Project Decamelize 1.1.1
NA
CVE-2022-48581
A command injection vulnerability exists in the “dash export” feature of the ScienceLogic SL1 that takes unsanitized user controlled input and passes it directly to a shell command. This allows for the injection of arbitrary commands to the underlying operating system...
Sciencelogic Sl1
481
VMScore
CVE-2009-2458
Unspecified vulnerability in Sun Fire V215 Server, when using XVR-100 graphic cards on system boards with part number 375-3463 and a hardware dash level -04 or later, allows remote malicious users to cause a denial of service (panic) via unknown vectors.
Sun Sun Fire Server V215
828
VMScore
CVE-2017-14176
Bazaar up to and including 2.7.0, when Subprocess SSH is used, allows remote malicious users to execute arbitrary commands via a bzr+ssh URL with an initial dash character in the hostname, a related issue to CVE-2017-9800, CVE-2017-12836, CVE-2017-12976, CVE-2017-16228, CVE-2017-...
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 17.04
Canonical Bazaar
755
VMScore
CVE-2006-0544
urlmon.dll in Microsoft Internet Explorer 7.0 beta 2 (aka 7.0.5296.0) allows remote malicious users to cause a denial of service (application crash) and possibly execute arbitrary code via a BGSOUND element with its SRC attribute set to "file://" followed by a large num...
Microsoft Ie 7.0
1 EDB exploit
605
VMScore
CVE-2015-1877
The open_generic_xdg_mime function in xdg-open in xdg-utils 1.1.0 rc1 in Debian, when using dash, does not properly handle local variables, which allows remote malicious users to execute arbitrary commands via a crafted file.
Freedesktop Xdg-utils 1.1.0
Debian Debian Linux 8.0
Debian Debian Linux 7.0
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-37884
CVE-2024-6003
remote
brute force
information disclosure
CVE-2024-27801
CVE-2024-30078
CVE-2024-31870
CVE-2024-6042
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »