Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
dash vulnerabilities and exploits
(subscribe to this query)
8.8
CVSSv3
CVE-2017-17831
GitHub Git LFS prior to 2.1.1 allows remote malicious users to execute arbitrary commands via an ssh URL with an initial dash character in the hostname, located on a "url =" line in a .lfsconfig file within a repository.
Git Large File Storage Project Git Large File Storage
7.5
CVSSv3
CVE-2017-16023
Decamelize is used to convert a dash/dot/underscore/space separated string to camelCase. Decamelize 1.1.0 up to and including 1.1.1 uses regular expressions to evaluate a string and takes unescaped separator values, which can be used to create a denial of service attack.
Decamelize Project Decamelize 1.1.1
Decamelize Project Decamelize 1.1.0
2.1
CVSSv3
CVE-2022-32967
RTL8111EP-CG/RTL8111FP-CG DASH function has hard-coded password. An unauthenticated physical attacker can use the hard-coded default password during system reboot triggered by other user, to acquire partial system information such as serial number and server information.
Realtek Rtl8111ep-cg Firmware 5.0.10
Realtek Rtl8111ep-cg Firmware
Realtek Rtl8111fp-cg Firmware 5.0.10
Realtek Rtl8111fp-cg Firmware
8.8
CVSSv3
CVE-2022-48581
A command injection vulnerability exists in the “dash export” feature of the ScienceLogic SL1 that takes unsanitized user controlled input and passes it directly to a shell command. This allows for the injection of arbitrary commands to the underlying operating system...
Sciencelogic Sl1
3.7
CVSSv3
CVE-2015-7519
agent/Core/Controller/SendRequest.cpp in Phusion Passenger prior to 4.0.60 and 5.0.x prior to 5.0.22, when used in Apache integration mode or in standalone mode without a filtering proxy, allows remote malicious users to spoof headers passed to applications by using an _ (undersc...
Phusionpassenger Phusion Passenger 5.0.14
Phusionpassenger Phusion Passenger 5.0.13
Phusionpassenger Phusion Passenger 5.0.6
Phusionpassenger Phusion Passenger 5.0.19
Phusionpassenger Phusion Passenger 5.0.18
Phusionpassenger Phusion Passenger 5.0.17
Phusionpassenger Phusion Passenger 5.0.10
Phusionpassenger Phusion Passenger 5.0.9
Phusionpassenger Phusion Passenger 5.0.2
Phusionpassenger Phusion Passenger 5.0.1
Phusionpassenger Phusion Passenger 5.0.16
Phusionpassenger Phusion Passenger 5.0.15
Phusionpassenger Phusion Passenger 5.0.8
Phusionpassenger Phusion Passenger 5.0.7
Phusionpassenger Phusion Passenger 5.0.0
Phusionpassenger Phusion Passenger 5.0.21
Phusionpassenger Phusion Passenger 5.0.20
Phusionpassenger Phusion Passenger 5.0.12
Phusionpassenger Phusion Passenger 5.0.11
Phusionpassenger Phusion Passenger 5.0.4
Phusionpassenger Phusion Passenger 5.0.3
Phusionpassenger Phusion Passenger
NA
CVE-2015-0885
checkpw 1.02 and previous versions allows remote malicious users to cause a denial of service (infinite loop) via a -- (dash dash) in a username.
Debian Debian Linux 7.0
Checkpw Project Checkpw
NA
CVE-2009-2458
Unspecified vulnerability in Sun Fire V215 Server, when using XVR-100 graphic cards on system boards with part number 375-3463 and a hardware dash level -04 or later, allows remote malicious users to cause a denial of service (panic) via unknown vectors.
Sun Sun Fire Server V215
8.8
CVSSv3
CVE-2017-14176
Bazaar up to and including 2.7.0, when Subprocess SSH is used, allows remote malicious users to execute arbitrary commands via a bzr+ssh URL with an initial dash character in the hostname, a related issue to CVE-2017-9800, CVE-2017-12836, CVE-2017-12976, CVE-2017-16228, CVE-2017-...
Debian Debian Linux 9.0
Debian Debian Linux 8.0
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 17.04
Canonical Ubuntu Linux 14.04
Canonical Bazaar
NA
CVE-2006-0544
urlmon.dll in Microsoft Internet Explorer 7.0 beta 2 (aka 7.0.5296.0) allows remote malicious users to cause a denial of service (application crash) and possibly execute arbitrary code via a BGSOUND element with its SRC attribute set to "file://" followed by a large num...
Microsoft Ie 7.0
1 EDB exploit
NA
CVE-2014-3203
Unity prior to 7.2.1, as used in Ubuntu 14.04, does not properly restrict access to the Dash when the lock screen is active, which allows physically proximate malicious users to bypass the lock screen and execute arbitrary commands, as demonstrated by pressing the SUPER key befor...
Canonical Ubuntu Linux 14.04
Ayatana Project Unity
Ayatana Project Unity 7.1.3
Ayatana Project Unity 7.0.0
Ayatana Project Unity 7.1.2
Ayatana Project Unity 7.1.0
Ayatana Project Unity 7.1.1
Ayatana Project Unity 7.0.1
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-29895
blind SQL injection
CVE-2024-5064
CVE-2023-52677
CVE-2023-52682
CVE-2024-30051
CVE-2024-35849
remote attackers
remote
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »