Total
2087 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2016-4822 | 1 Corega | 2 Cg-wlbargl, Cg-wlbargl Firmware | 2024-08-06 | 8.0 High |
| Corega CG-WLBARGL devices allow remote authenticated users to execute arbitrary commands via unspecified vectors. | ||||
| CVE-2016-4445 | 2 Redhat, Setroubleshoot Project | 6 Enterprise Linux, Enterprise Linux Desktop, Enterprise Linux Hpc Node and 3 more | 2024-08-06 | N/A |
| The fix_lookup_id function in sealert in setroubleshoot before 3.2.23 allows local users to execute arbitrary commands as root by triggering an SELinux denial with a crafted file name, related to executing external commands with the commands.getstatusoutput function. | ||||
| CVE-2016-4446 | 2 Redhat, Setroubleshoot Project | 6 Enterprise Linux, Enterprise Linux Desktop, Enterprise Linux Hpc Node and 3 more | 2024-08-06 | N/A |
| The allow_execstack plugin for setroubleshoot allows local users to execute arbitrary commands by triggering an execstack SELinux denial with a crafted filename, related to the commands.getoutput function. | ||||
| CVE-2016-4444 | 2 Redhat, Setroubleshoot Project | 6 Enterprise Linux, Enterprise Linux Desktop, Enterprise Linux Hpc Node and 3 more | 2024-08-06 | N/A |
| The allow_execmod plugin for setroubleshoot before 3.2.23 allows local users to execute arbitrary commands by triggering an execmod SELinux denial with a crafted binary filename, related to the commands.getstatusoutput function. | ||||
| CVE-2016-3105 | 2 Debian, Mercurial | 2 Debian Linux, Mercurial | 2024-08-05 | N/A |
| The convert extension in Mercurial before 3.8 might allow context-dependent attackers to execute arbitrary code via a crafted git repository name. | ||||
| CVE-2016-3081 | 2 Apache, Oracle | 2 Struts, Siebel E-billing | 2024-08-05 | N/A |
| Apache Struts 2.3.19 to 2.3.20.2, 2.3.21 to 2.3.24.1, and 2.3.25 to 2.3.28, when Dynamic Method Invocation is enabled, allow remote attackers to execute arbitrary code via method: prefix, related to chained expressions. | ||||
| CVE-2016-3068 | 6 Debian, Fedoraproject, Mercurial and 3 more | 15 Debian Linux, Fedora, Mercurial and 12 more | 2024-08-05 | N/A |
| Mercurial before 3.7.3 allows remote attackers to execute arbitrary code via a crafted git ext:: URL when cloning a subrepository. | ||||
| CVE-2016-3069 | 6 Debian, Fedoraproject, Mercurial and 3 more | 15 Debian Linux, Fedora, Mercurial and 12 more | 2024-08-05 | N/A |
| Mercurial before 3.7.3 allows remote attackers to execute arbitrary code via a crafted name when converting a Git repository. | ||||
| CVE-2016-2875 | 1 Ibm | 1 Qradar Security Information And Event Manager | 2024-08-05 | N/A |
| IBM Security QRadar SIEM 7.1.x and 7.2.x before 7.2.7 allows remote authenticated users to execute arbitrary OS commands as root via unspecified vectors. | ||||
| CVE-2016-2396 | 1 Sonicwall | 4 Analyzer, Global Management System, Uma Em5000 and 1 more | 2024-08-05 | N/A |
| The GMS ViewPoint (GMSVP) web application in Dell SonicWALL GMS, Analyzer, and UMA EM5000 7.2, 8.0, and 8.1 before Hotfix 168056 allows remote authenticated users to execute arbitrary commands via vectors related to configuration input. | ||||
| CVE-2016-2397 | 1 Sonicwall | 4 Analyzer, Global Management System, Uma Em5000 and 1 more | 2024-08-05 | N/A |
| The cliserver implementation in Dell SonicWALL GMS, Analyzer, and UMA EM5000 7.2, 8.0, and 8.1 before Hotfix 168056 allows remote attackers to deserialize and execute arbitrary Java code via crafted XML data. | ||||
| CVE-2016-2332 | 1 Systech | 2 Syslink Sl-1000 Modular Gateway, Syslink Sl-1000 Modular Gateway Firmware | 2024-08-05 | N/A |
| flu.cgi in the web interface on SysLINK SL-1000 Machine-to-Machine (M2M) Modular Gateway devices with firmware before 01A.8 allows remote authenticated users to execute arbitrary commands via the 5066 (aka dnsmasq) parameter. | ||||
| CVE-2016-2056 | 2 Debian, Xymon | 2 Debian Linux, Xymon | 2024-08-05 | N/A |
| xymond in Xymon 4.1.x, 4.2.x, and 4.3.x before 4.3.25 allow remote authenticated users to execute arbitrary commands via shell metacharacters in the adduser_name argument in (1) web/useradm.c or (2) web/chpasswd.c. | ||||
| CVE-2016-2002 | 1 Hp | 1 Vertica | 2024-08-05 | N/A |
| The validateAdminConfig handler in the Analytics Management Console in HPE Vertica 7.0.x before 7.0.2.12, 7.1.x before 7.1.2-12, and 7.2.x before 7.2.2-1 allows remote attackers to execute arbitrary commands via the mcPort parameter, aka ZDI-CAN-3417. | ||||
| CVE-2016-1555 | 1 Netgear | 14 Wn604, Wn604 Firmware, Wn802tv2 and 11 more | 2024-08-05 | N/A |
| (1) boardData102.php, (2) boardData103.php, (3) boardDataJP.php, (4) boardDataNA.php, and (5) boardDataWW.php in Netgear WN604 before 3.3.3 and WN802Tv2, WNAP210v2, WNAP320, WNDAP350, WNDAP360, and WNDAP660 before 3.5.5.0 allow remote attackers to execute arbitrary commands. | ||||
| CVE-2016-1388 | 1 Cisco | 3 Network Analysis Module, Prime Network Analysis Module Software, Prime Virtual Network Analysis Module Software | 2024-08-05 | N/A |
| Cisco Prime Network Analysis Module (NAM) before 6.1(1) patch.6.1-2-final and 6.2.x before 6.2(1) and Prime Virtual Network Analysis Module (vNAM) before 6.1(1) patch.6.1-2-final and 6.2.x before 6.2(1) allow remote attackers to execute arbitrary OS commands via a crafted HTTP request, aka Bug ID CSCuy21882. | ||||
| CVE-2016-0920 | 1 Emc | 1 Avamar Server | 2024-08-05 | N/A |
| Avamar Data Store (ADS) and Avamar Virtual Edition (AVE) in EMC Avamar Server before 7.3.0-233 allow local users to obtain root access via a crafted parameter to a command that is available in the sudo configuration. | ||||
| CVE-2016-0861 | 1 Ge | 1 Ups Snmp Web Adapter Firmware | 2024-08-05 | N/A |
| General Electric (GE) Industrial Solutions UPS SNMP/Web Adapter devices with firmware before 4.8 allow remote authenticated users to execute arbitrary commands via unspecified vectors. | ||||
| CVE-2016-0396 | 1 Ibm | 1 Bigfix Platform | 2024-08-05 | N/A |
| IBM Tivoli Endpoint Manager could allow a user under special circumstances to inject commands that would be executed with unnecessary higher privileges than expected. | ||||
| CVE-2016-0328 | 1 Ibm | 1 Security Guardium Database Activity Monitor | 2024-08-05 | N/A |
| IBM Security Guardium Database Activity Monitor 8.2 before p310, 9.x through 9.5 before p700, and 10.x through 10.1 before p100 allows local users to obtain administrator privileges for command execution via unspecified vectors. | ||||