Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
wget vulnerabilities and exploits
(subscribe to this query)
9
CVSSv2
CVE-2016-9554
The Sophos Web Appliance Remote / Secure Web Gateway server (version 4.2.1.3) is vulnerable to a Remote Command Injection vulnerability in its web administrative interface. These vulnerabilities occur in MgrDiagnosticTools.php (/controllers/MgrDiagnosticTools.php), in the compone...
Sophos Web Appliance 4.2.1.3
1 EDB exploit
6.8
CVSSv2
CVE-2016-7098
Race condition in wget 1.17 and previous versions, when used in recursive or mirroring mode to download a single file, might allow remote servers to bypass intended access list restrictions by keeping an HTTP connection open.
Gnu Wget
1 EDB exploit
5
CVSSv2
CVE-2015-7665
Tails prior to 1.7 includes the wget program but does not prevent automatic fallback from passive FTP to active FTP, which allows remote FTP servers to discover the Tor client IP address by reading a (1) PORT or (2) EPRT command. NOTE: within wget itself, the automatic fallback i...
Tails Project Tails
7.5
CVSSv2
CVE-2014-8517
The fetch_url function in usr.bin/ftp/fetch.c in tnftp, as used in NetBSD 5.1 up to and including 5.1.4, 5.2 up to and including 5.2.2, 6.0 up to and including 6.0.6, and 6.1 up to and including 6.1.5 allows remote malicious users to execute arbitrary commands via a | (pipe) char...
Apple Mac Os X 10.10.1
Apple Mac Os X 10.10.0
Apple Mac Os X 10.9.5
Apple Mac Os X 10.8.5
Netbsd Netbsd 5.1.3
Netbsd Netbsd 5.1.4
Netbsd Netbsd 5.2
Netbsd Netbsd 6.0.4
Netbsd Netbsd 6.0.5
Netbsd Netbsd 6.1.5
Netbsd Netbsd 5.1
Netbsd Netbsd 6.0
Netbsd Netbsd 6.0.1
Netbsd Netbsd 6.1.1
Netbsd Netbsd 6.1.2
Netbsd Netbsd 5.2.1
Netbsd Netbsd 5.2.2
Netbsd Netbsd 6.0.6
Netbsd Netbsd 6.1
Netbsd Netbsd 5.1.1
Netbsd Netbsd 5.1.2
Netbsd Netbsd 6.0.2
2 EDB exploits
1 Github repository
1 Article
5
CVSSv2
CVE-2014-0160
The (1) TLS and (2) DTLS implementations in OpenSSL 1.0.1 prior to 1.0.1g do not properly handle Heartbeat Extension packets, which allows remote malicious users to obtain sensitive information from process memory via crafted packets that trigger a buffer over-read, as demonstrat...
Openssl Openssl
Filezilla-project Filezilla Server
Siemens Application Processing Engine Firmware 2.0
Siemens Cp 1543-1 Firmware 1.1
Siemens Simatic S7-1500 Firmware 1.5
Siemens Simatic S7-1500t Firmware 1.5
Siemens Elan-8.2
Siemens Wincc Open Architecture 3.12
Intellian V100 Firmware 1.20
Intellian V100 Firmware 1.21
Intellian V100 Firmware 1.24
Intellian V60 Firmware 1.15
Intellian V60 Firmware 1.25
Mitel Micollab 6.0
Mitel Micollab 7.0
Mitel Micollab 7.1
Mitel Micollab 7.2
Mitel Micollab 7.3.0.104
Mitel Micollab 7.3
Mitel Mivoice 1.1.3.3
Mitel Mivoice 1.2.0.11
Mitel Mivoice 1.3.2.2
4 EDB exploits
2 Nmap scripts
305 Github repositories
4 Articles
5.1
CVSSv2
CVE-2010-2246
feh prior to 1.8, when the --wget-timestamp option is enabled, might allow remote malicious users to execute arbitrary commands via shell metacharacters in a URL.
Feh Project Feh 1.2.6
Feh Project Feh 1.2.5
Feh Project Feh 1.2.3
Feh Project Feh 1.2.1
Feh Project Feh 1.6
Feh Project Feh 1.4.3
Feh Project Feh 1.3.1
Feh Project Feh 1.2.7
Feh Project Feh 1.2.0
Feh Project Feh 0.9.9
Feh Project Feh 1.4.1
Feh Project Feh 1.4
Feh Project Feh 1.3.5
Feh Project Feh
Feh Project Feh 0.6.4
Feh Project Feh 0.5.0
Feh Project Feh 1.6.1
Feh Project Feh 1.5
Feh Project Feh 1.4.2
Feh Project Feh 1.3.3
Feh Project Feh 1.3.0
Feh Project Feh 1.1.0
1 EDB exploit
6.8
CVSSv2
CVE-2010-2252
GNU Wget 1.12 and previous versions uses a server-provided filename instead of the original URL to determine the destination filename of a download, which allows remote servers to create or overwrite arbitrary files via a 3xx redirect to a URL with a .wgetrc filename followed by ...
Gnu Wget 1.8.2
Gnu Wget 1.8.1
Gnu Wget 1.11.3
Gnu Wget 1.11.2
Gnu Wget 1.8
Gnu Wget 1.7.1
Gnu Wget 1.11.1
Gnu Wget 1.11
Gnu Wget 1.9
Gnu Wget 1.5.3
Gnu Wget 1.11.4
Gnu Wget 1.9.1
Gnu Wget
Gnu Wget 1.7
Gnu Wget 1.6
Gnu Wget 1.10.2
Gnu Wget 1.10.1
Gnu Wget 1.10
6.8
CVSSv2
CVE-2009-3490
GNU Wget prior to 1.12 does not properly handle a '\0' character in a domain name in the Common Name field of an X.509 certificate, which allows man-in-the-middle remote malicious users to spoof arbitrary SSL servers via a crafted certificate issued by a legitimate Cert...
Gnu Wget 1.10.1
Gnu Wget 1.10.2
Gnu Wget 1.9
Gnu Wget 1.9.1
Gnu Wget 1.11.1
Gnu Wget 1.5.3
Gnu Wget 1.6
Gnu Wget 1.11.2
Gnu Wget 1.11.3
Gnu Wget 1.10
Gnu Wget 1.8
Gnu Wget 1.8.1
Gnu Wget 1.7
Gnu Wget 1.7.1
Gnu Wget 1.11
Gnu Wget
5
CVSSv2
CVE-2006-6719
The ftp_syst function in ftp-basic.c in Free Software Foundation (FSF) GNU wget 1.10.2 allows remote malicious users to cause a denial of service (application crash) via a malicious FTP server with a large number of blank 220 responses to the SYST command.
Gnu Wget 1.7
Gnu Wget 1.7.1
Gnu Wget 1.10.1
Gnu Wget 1.10.2
Gnu Wget 1.8.2
Gnu Wget 1.9
Gnu Wget 1.5.3
Gnu Wget 1.6
Gnu Wget 1.9.1
Gnu Wget 1.10
Gnu Wget 1.8
Gnu Wget 1.8.1
1 EDB exploit
7.5
CVSSv2
CVE-2006-2548
Prodder prior to 0.5, and perlpodder prior to 0.5, allows remote malicious users to execute arbitrary code via shell metacharacters in the URL of a podcast (url attribute of an enclosure tag, or $enc_url variable), which is executed when running wget.
Perlpodder Perlpodder 0.3
Prodder Prodder 0.3
Perlpodder Perlpodder 0.2
Prodder Prodder
Perlpodder Perlpodder
1 EDB exploit
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2022-48700
CVE-2022-48689
CVE-2024-27956
CVE-2023-6363
SQL
NULL pointer dereference
CVE-2023-41830
CVE-2015-2051
arbitrary
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
NEXT »