Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact

v-secure vulnerabilities and exploits

(subscribe to this query)

9.3
CVSSv2
CVE-2008-3074
The shellescape function in Vim 7.0 through 7.2, including 7.2a.10, allows user-assisted attackers to execute arbitrary code via the "!" (exclamation point) shell metacharacter in (1) the filename of a tar archive and possibly (2) the filename of the first file in a...
Vim Tar.vim V.10Vim Tar.vim V.11Vim Tar.vim V.12Vim Tar.vim V.13Vim Tar.vim V.14Vim Tar.vim V.15Vim Tar.vim V.16Vim Tar.vim V.17Vim Tar.vim V.18Vim Tar.vim V.19Vim Tar.vim V.20Vim Tar.vim V.21Vim Tar.vim V.22Vim Vim 7.0Vim Vim 7.1Vim Vim 7.1.266Vim Vim 7.1.314Vim Vim 7.2
7.5
CVSSv2
CVE-2003-0963
Buffer overflows in (1) try_netscape_proxy and (2) try_squid_eplf for lftp 2.6.9 and earlier allow remote HTTP servers to execute arbitrary code via long directory names that are processed by the ls or rels commands....
Alexander V. Lukyanov Lftp 2.3Alexander V. Lukyanov Lftp 2.4.9Alexander V. Lukyanov Lftp 2.5.2Alexander V. Lukyanov Lftp 2.6.0Alexander V. Lukyanov Lftp 2.6.3Alexander V. Lukyanov Lftp 2.6.4Alexander V. Lukyanov Lftp 2.6.5Alexander V. Lukyanov Lftp 2.6.6Alexander V. Lukyanov Lftp 2.6.7Alexander V. Lukyanov Lftp 2.6.8Alexander V. Lukyanov Lftp 2.6.9
4.3
CVSSv2
CVE-2008-3061
Open redirect vulnerability in redirect.php in V-webmail 1.5.0 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the to parameter....
V-webmail V-webmail 1.5.0
6.8
CVSSv2
CVE-2021-22655
Multiple out-of-bounds read issues have been identified in the way the application processes project files, allowing an attacker to craft a special project file that may allow arbitrary code execution on the Tellus Lite V-Simulator and V-Server Lite (versions prior to 4.0.10.0)....
Fujielectric V-serverFujielectric V-simulator
6.8
CVSSv2
CVE-2021-22653
Multiple out-of-bounds write issues have been identified in the way the application processes project files, allowing an attacker to craft a special project file that may allow arbitrary code execution on the Tellus Lite V-Simulator and V-Server Lite (versions prior to 4.0.10.0)....
Fujielectric V-serverFujielectric V-simulator
6.8
CVSSv2
CVE-2021-22641
A heap-based buffer overflow issue has been identified in the way the application processes project files, allowing an attacker to craft a special project file that may allow arbitrary code execution on the Tellus Lite V-Simulator and V-Server Lite (versions prior to 4.0.10.0)....
Fujielectric V-serverFujielectric V-simulator
7.5
CVSSv2
CVE-2006-2665
PHP remote file inclusion vulnerability in includes/mailaccess/pop3/core.php in V-Webmail 1.3 allows remote attackers to execute arbitrary PHP code via a URL in the CONFIG[pear_dir] parameter....
V-webmail V-webmail
7.5
CVSSv2
CVE-2006-2666
PHP remote file inclusion vulnerability in includes/mailaccess/pop3.php in V-Webmail 1.5 through 1.6.4 allows remote attackers to execute arbitrary PHP code via a URL in the CONFIG[pear_dir] parameter....
V-webmail V-webmail
6.8
CVSSv2
CVE-2021-22637
Multiple stack-based buffer overflow issues have been identified in the way the application processes project files, allowing an attacker to craft a special project file that may allow arbitrary code execution on the Tellus Lite V-Simulator and V-Server Lite (versions prior to...
Fujielectric V-serverFujielectric V-simulator
6.8
CVSSv2
CVE-2021-22639
An uninitialized pointer issue has been identified in the way the application processes project files, allowing an attacker to craft a special project file that may allow arbitrary code execution on the Tellus Lite V-Simulator and V-Server Lite (versions prior to 4.0.10.0)....
Fujielectric V-serverFujielectric V-simulator
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
man-in-the-middleCVE-2021-20661CVE-2020-4953CVE-2018-19518CVE-2021-27645CVE-2021-3156CVE-2021-26684deserializationwireless