映射到 CWE-78 的搜索结果 (218)

CVE-2017-6223(发布:2017-10-13 13:29:01)NM
CVSS9.3

[原文]Ruckus Wireless Zone Director Controller firmware releases ZD9.9.x, ZD9.10.x, ZD9.13.0.x less than 9.13.0.0.232 contain OS Command Injection vulnerabilities in the ping functionality that could allow local authenticated users to execute arbitrary privileged commands on the underlying operating system.

CVE-2015-3431(发布:2017-09-19 11:29:00)NM
CVSS10.0

[原文]Pydio (formerly AjaXplorer) before 6.0.7 allows remote attackers to execute arbitrary commands via unspecified vectors, aka "Pydio OS Command Injection Vulnerabilities."

CVE-2017-6796(发布:2017-09-07 17:29:01)NMS
CVSS7.2

[原文]A vulnerability in the USB-modem code of Cisco IOS XE Software running on Cisco ASR 920 Series Aggregation Services Routers could allow an authenticated, local attacker to inject and execute arbitrary commands on the underlying operating system of an affected device. The vulnerability is due to improper input validation of the platform usb modem command in the CLI of the affected software. An attacker could exploit this vulnerability by modifying the platform usb modem command in the CLI of an affected device. A successful exploit could allow the attacker to inject and execute arbitrary commands on the underlying operating system of an affected device. Cisco Bug IDs: CSCve48949.

CVE-2015-5958(发布:2017-08-31 18:29:00)NM
CVSS9.3

[原文]phpFileManager 0.9.8 allows remote attackers to execute arbitrary commands via a crafted URL.

CVE-2016-0634(发布:2017-08-28 11:29:01)NMPS
CVSS6.0

[原文]The expansion of '\h' in the prompt string in bash 4.3 allows remote authenticated users to execute arbitrary code via shell metacharacters placed in 'hostname' of a machine.

CVE-2017-6710(发布:2017-08-17 16:29:00)NMS
CVSS8.5

[原文]A vulnerability in the Cisco Virtual Network Function (VNF) Element Manager could allow an authenticated, remote attacker to elevate privileges and run commands in the context of the root user on the server. The vulnerability is due to command settings that allow Cisco VNF Element Manager users to specify arbitrary commands that will run as root on the server. An attacker could use this setting to elevate privileges and run commands in the context of the root user on the server. Cisco Bug IDs: CSCvc76670. Known Affected Releases: prior to 5.0.4 and 5.1.4.

12345678下一页尾页 第1页 / 共37页

关于SCAP中文社区

SCAP中文社区是国内第一个以SCAP为主题的中文开放社区。了解更多信息,请查阅[关于本站]

版权声明

CVE/CWE/OVAL均为MITRE公司的注册商标,它们的官方数据源均保存在MITRE公司的相关网站