Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
wget vulnerabilities and exploits
(subscribe to this query)
445
VMScore
CVE-2015-7665
Tails prior to 1.7 includes the wget program but does not prevent automatic fallback from passive FTP to active FTP, which allows remote FTP servers to discover the Tor client IP address by reading a (1) PORT or (2) EPRT command. NOTE: within wget itself, the automatic fallback i...
Tails Project Tails
760
VMScore
CVE-2014-8517
The fetch_url function in usr.bin/ftp/fetch.c in tnftp, as used in NetBSD 5.1 up to and including 5.1.4, 5.2 up to and including 5.2.2, 6.0 up to and including 6.0.6, and 6.1 up to and including 6.1.5 allows remote malicious users to execute arbitrary commands via a | (pipe) char...
Apple Mac Os X 10.10.1
Apple Mac Os X 10.10.0
Apple Mac Os X 10.9.5
Apple Mac Os X 10.8.5
Netbsd Netbsd 5.1.3
Netbsd Netbsd 5.1.4
Netbsd Netbsd 5.2
Netbsd Netbsd 6.0.4
Netbsd Netbsd 6.0.5
Netbsd Netbsd 6.1.5
Netbsd Netbsd 5.1
Netbsd Netbsd 6.0
Netbsd Netbsd 6.0.1
Netbsd Netbsd 6.1.1
Netbsd Netbsd 6.1.2
Netbsd Netbsd 5.2.1
Netbsd Netbsd 5.2.2
Netbsd Netbsd 6.0.6
Netbsd Netbsd 6.1
Netbsd Netbsd 5.1.1
Netbsd Netbsd 5.1.2
Netbsd Netbsd 6.0.2
2 EDB exploits
1 Github repository
1 Article
515
VMScore
CVE-2010-2246
feh prior to 1.8, when the --wget-timestamp option is enabled, might allow remote malicious users to execute arbitrary commands via shell metacharacters in a URL.
Feh Project Feh 1.2.6
Feh Project Feh 1.2.5
Feh Project Feh 1.2.3
Feh Project Feh 1.2.1
Feh Project Feh 1.6
Feh Project Feh 1.4.3
Feh Project Feh 1.3.1
Feh Project Feh 1.2.7
Feh Project Feh 1.2.0
Feh Project Feh 0.9.9
Feh Project Feh 1.4.1
Feh Project Feh 1.4
Feh Project Feh 1.3.5
Feh Project Feh
Feh Project Feh 0.6.4
Feh Project Feh 0.5.0
Feh Project Feh 1.6.1
Feh Project Feh 1.5
Feh Project Feh 1.4.2
Feh Project Feh 1.3.3
Feh Project Feh 1.3.0
Feh Project Feh 1.1.0
1 EDB exploit
605
VMScore
CVE-2010-2252
GNU Wget 1.12 and previous versions uses a server-provided filename instead of the original URL to determine the destination filename of a download, which allows remote servers to create or overwrite arbitrary files via a 3xx redirect to a URL with a .wgetrc filename followed by ...
Gnu Wget 1.8.2
Gnu Wget 1.8.1
Gnu Wget 1.11.3
Gnu Wget 1.11.2
Gnu Wget 1.8
Gnu Wget 1.7.1
Gnu Wget 1.11.1
Gnu Wget 1.11
Gnu Wget 1.9
Gnu Wget 1.5.3
Gnu Wget 1.11.4
Gnu Wget 1.9.1
Gnu Wget
Gnu Wget 1.7
Gnu Wget 1.6
Gnu Wget 1.10.2
Gnu Wget 1.10.1
Gnu Wget 1.10
605
VMScore
CVE-2009-3490
GNU Wget prior to 1.12 does not properly handle a '\0' character in a domain name in the Common Name field of an X.509 certificate, which allows man-in-the-middle remote malicious users to spoof arbitrary SSL servers via a crafted certificate issued by a legitimate Cert...
Gnu Wget 1.10.1
Gnu Wget 1.10.2
Gnu Wget 1.9
Gnu Wget 1.9.1
Gnu Wget 1.11.1
Gnu Wget 1.5.3
Gnu Wget 1.6
Gnu Wget 1.11.2
Gnu Wget 1.11.3
Gnu Wget 1.10
Gnu Wget 1.8
Gnu Wget 1.8.1
Gnu Wget 1.7
Gnu Wget 1.7.1
Gnu Wget 1.11
Gnu Wget
505
VMScore
CVE-2006-6719
The ftp_syst function in ftp-basic.c in Free Software Foundation (FSF) GNU wget 1.10.2 allows remote malicious users to cause a denial of service (application crash) via a malicious FTP server with a large number of blank 220 responses to the SYST command.
Gnu Wget 1.7
Gnu Wget 1.7.1
Gnu Wget 1.10.1
Gnu Wget 1.10.2
Gnu Wget 1.8.2
Gnu Wget 1.9
Gnu Wget 1.5.3
Gnu Wget 1.6
Gnu Wget 1.9.1
Gnu Wget 1.10
Gnu Wget 1.8
Gnu Wget 1.8.1
1 EDB exploit
454
VMScore
CVE-2006-2550
perlpodder prior to 0.5 allows remote malicious users to execute arbitrary code via shell metacharacters in the URL of a podcast, which are executed when saving the URL to a log file. NOTE: the wget vector is already covered by CVE-2006-2548.
Perlpodder Perlpodder 0.3
Perlpodder Perlpodder
Perlpodder Perlpodder 0.2
755
VMScore
CVE-2006-2548
Prodder prior to 0.5, and perlpodder prior to 0.5, allows remote malicious users to execute arbitrary code via shell metacharacters in the URL of a podcast (url attribute of an enclosure tag, or $enc_url variable), which is executed when running wget.
Perlpodder Perlpodder 0.3
Prodder Prodder 0.3
Perlpodder Perlpodder 0.2
Prodder Prodder
Perlpodder Perlpodder
1 EDB exploit
668
VMScore
CVE-2005-3185
Stack-based buffer overflow in the ntlm_output function in http-ntlm.c for (1) wget 1.10, (2) curl 7.13.2, and (3) libcurl 7.13.2, and other products that use libcurl, when NTLM authentication is enabled, allows remote servers to execute arbitrary code via a long NTLM username.
Libcurl Libcurl 7.13.2
Wget Wget 1.10
Curl Curl 7.13.2
187
VMScore
CVE-2005-1879
LutelWall 0.97 and previous versions allows local users to overwrite arbitrary files via a symlink attack on a temporary file created by a system call to wget.
Lutel Lutelwall
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-49333
CVE-2024-33901
CVE-2024-36001
CVE-2024-2835
firewall
XPath injection
authentication bypass
CVE-2024-22120
CVE-2024-32002
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
NEXT »