Total
4387 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2018-12237 | 1 Symantec | 1 Reporter | 2024-11-21 | N/A |
| The Symantec Reporter CLI 10.1 prior to 10.1.5.6 and 10.2 prior to 10.2.1.8 is susceptible to an OS command injection vulnerability. An authenticated malicious administrator with Enable mode access can execute arbitrary OS commands with elevated system privileges. | ||||
| CVE-2018-11805 | 3 Apache, Debian, Redhat | 3 Spamassassin, Debian Linux, Enterprise Linux | 2024-11-21 | 6.7 Medium |
| In Apache SpamAssassin before 3.4.3, nefarious CF files can be configured to run system commands without any output or errors. With this, exploits can be injected in a number of scenarios. In addition to upgrading to SA 3.4.3, we recommend that users should only use update channels or 3rd party .cf files from trusted places. | ||||
| CVE-2018-11616 | 1 Tencent | 1 Foxmail | 2024-11-21 | N/A |
| This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Tencent Foxmail 7.2.9.115. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the processing of URI handlers. The issue results from the lack of proper validation of a user-supplied string before using it to execute a system call. An attacker can leverage this vulnerability to execute code under the context of the current process. Was ZDI-CAN-5543. | ||||
| CVE-2018-11510 | 1 Asustor | 1 Adm | 2024-11-21 | N/A |
| The ASUSTOR ADM 3.1.0.RFQ3 NAS portal suffers from an unauthenticated remote code execution vulnerability in the portal/apis/aggrecate_js.cgi file by embedding OS commands in the 'script' parameter. | ||||
| CVE-2018-11229 | 1 Crestron | 8 Crestron Toolbox Protocol Firmware, Dmc-str, Tsw-1060 and 5 more | 2024-11-21 | N/A |
| Crestron TSW-1060, TSW-760, TSW-560, TSW-1060-NC, TSW-760-NC, and TSW-560-NC devices before 2.001.0037.001 allow unauthenticated remote code execution via command injection in Crestron Toolbox Protocol (CTP). | ||||
| CVE-2018-11215 | 1 Cloudera | 1 Data Science Workbench | 2024-11-21 | N/A |
| Remote code execution is possible in Cloudera Data Science Workbench version 1.3.0 and prior releases via unspecified attack vectors. | ||||
| CVE-2018-11189 | 1 Quest | 1 Disk Backup | 2024-11-21 | N/A |
| Quest DR Series Disk Backup software version before 4.0.3.1 allows privilege escalation (issue 1 of 6). | ||||
| CVE-2018-11188 | 1 Quest | 1 Disk Backup | 2024-11-21 | N/A |
| Quest DR Series Disk Backup software version before 4.0.3.1 allows command injection (issue 46 of 46). | ||||
| CVE-2018-11187 | 1 Quest | 1 Disk Backup | 2024-11-21 | N/A |
| Quest DR Series Disk Backup software version before 4.0.3.1 allows command injection (issue 45 of 46). | ||||
| CVE-2018-11186 | 1 Quest | 1 Disk Backup | 2024-11-21 | N/A |
| Quest DR Series Disk Backup software version before 4.0.3.1 allows command injection (issue 44 of 46). | ||||
| CVE-2018-11185 | 1 Quest | 1 Disk Backup | 2024-11-21 | N/A |
| Quest DR Series Disk Backup software version before 4.0.3.1 allows command injection (issue 43 of 46). | ||||
| CVE-2018-11184 | 1 Quest | 1 Disk Backup | 2024-11-21 | N/A |
| Quest DR Series Disk Backup software version before 4.0.3.1 allows command injection (issue 42 of 46). | ||||
| CVE-2018-11183 | 1 Quest | 1 Disk Backup | 2024-11-21 | N/A |
| Quest DR Series Disk Backup software version before 4.0.3.1 allows command injection (issue 41 of 46). | ||||
| CVE-2018-11182 | 1 Quest | 1 Disk Backup | 2024-11-21 | N/A |
| Quest DR Series Disk Backup software version before 4.0.3.1 allows command injection (issue 40 of 46). | ||||
| CVE-2018-11181 | 1 Quest | 1 Disk Backup | 2024-11-21 | N/A |
| Quest DR Series Disk Backup software version before 4.0.3.1 allows command injection (issue 39 of 46). | ||||
| CVE-2018-11180 | 1 Quest | 1 Disk Backup | 2024-11-21 | N/A |
| Quest DR Series Disk Backup software version before 4.0.3.1 allows command injection (issue 38 of 46). | ||||
| CVE-2018-11179 | 1 Quest | 1 Disk Backup | 2024-11-21 | N/A |
| Quest DR Series Disk Backup software version before 4.0.3.1 allows command injection (issue 37 of 46). | ||||
| CVE-2018-11178 | 1 Quest | 1 Disk Backup | 2024-11-21 | N/A |
| Quest DR Series Disk Backup software version before 4.0.3.1 allows command injection (issue 36 of 46). | ||||
| CVE-2018-11177 | 1 Quest | 1 Disk Backup | 2024-11-21 | N/A |
| Quest DR Series Disk Backup software version before 4.0.3.1 allows command injection (issue 35 of 46). | ||||
| CVE-2018-11176 | 1 Quest | 1 Disk Backup | 2024-11-21 | N/A |
| Quest DR Series Disk Backup software version before 4.0.3.1 allows command injection (issue 34 of 46). | ||||