Vulmon
shell vulnerabilities and exploits
605
VMScore
CVE-2017-5206
Firejail prior to 0.9.44.4, when running on a Linux kernel prior to 4.8, allows context-dependent malicious users to bypass a seccomp-based sandbox protection mechanism via the --allow-debuggers argument.
Firejail Project Firejail
641
VMScore
CVE-2017-5207
Firejail prior to 0.9.44.4, when running a bandwidth command, allows local users to gain root privileges via the --shell argument.
Firejail Project Firejail
655
VMScore
CVE-2017-11321
The restricted shell interface in UCOPIA Wireless Appliance prior to 5.1.8 allows remote authenticated users to gain 'admin' privileges via shell metacharacters in the less command.
Ucopia Wireless Appliance
1 EDB exploit
NA
CVE-2023-35808
An issue exists in SugarCRM Enterprise prior to 11.0.6 and 12.x prior to 12.0.3. An Unrestricted File Upload vulnerability has been identified in the Notes module. By using crafted requests, custom PHP code can be injected and executed through the Notes module because of missing ...
Sugarcrm Sugarcrm
755
VMScore
CVE-2005-0439
Buffer overflow in the decode_post function in ELOG prior to 2.5.7 allows remote malicious users to execute arbitrary code via attachments with long file names.
Stefan Ritt Elog Web Logbook 2.0.2
Stefan Ritt Elog Web Logbook 2.0.3
Stefan Ritt Elog Web Logbook 2.2.0
Stefan Ritt Elog Web Logbook 2.2.1
Stefan Ritt Elog Web Logbook 2.2.2
Stefan Ritt Elog Web Logbook 2.0.0
Stefan Ritt Elog Web Logbook 2.0.1
Stefan Ritt Elog Web Logbook 2.1.2
Stefan Ritt Elog Web Logbook 2.1.3
Stefan Ritt Elog Web Logbook 2.5.6
Stefan Ritt Elog Web Logbook 2.0.4
Stefan Ritt Elog Web Logbook 2.0.5
Stefan Ritt Elog Web Logbook 2.2.3
Stefan Ritt Elog Web Logbook 2.2.4
Stefan Ritt Elog Web Logbook 2.1.0
Stefan Ritt Elog Web Logbook 2.1.1
Stefan Ritt Elog Web Logbook 2.4
Stefan Ritt Elog Web Logbook 2.5
1 EDB exploit
605
VMScore
CVE-2014-8085
Unrestricted file upload vulnerability in the CWebContact::doModel method in oc-includes/osclass/controller/contact.php in OSClass prior to 3.4.3 allows remote malicious users to execute arbitrary PHP code by uploading a file with a PHP extension, then accessing it via a direct r...
Osclass Osclass
NA
CVE-2024-25830
F-logic DataCube3 v1.0 is vulnerable to Incorrect Access Control due to an improper directory access restriction. An unauthenticated, remote attacker can exploit this, by sending a URI that contains the path of the configuration file. A successful exploit could allow the maliciou...
1 Github repository
NA
CVE-2024-25832
F-logic DataCube3 v1.0 is vulnerable to unrestricted file upload, which could allow an authenticated malicious actor to upload a file of dangerous type by manipulating the filename extension.
1 Github repository
NA
CVE-2023-39147
An arbitrary file upload vulnerability in Uvdesk 1.1.3 allows malicious users to execute arbitrary code via uploading a crafted image file.
Webkul Uvdesk 1.1.3
801
VMScore
CVE-2022-27249
An unrestricted file upload vulnerability in IdeaRE RefTree prior to 2021.09.17 allows remote authenticated users to execute arbitrary code by using UploadDwg to upload a crafted aspx file to the web root, and then visiting the URL for this aspx resource.
Idearespa Reftree