| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| Quest DR Series Disk Backup software version before 4.0.3.1 allows command injection (issue 13 of 46). |
| Quest DR Series Disk Backup software version before 4.0.3.1 allows command injection (issue 12 of 46). |
| Quest DR Series Disk Backup software version before 4.0.3.1 allows command injection (issue 11 of 46). |
| Quest DR Series Disk Backup software version before 4.0.3.1 allows command injection (issue 10 of 46). |
| Quest DR Series Disk Backup software version before 4.0.3.1 allows command injection (issue 9 of 46). |
| Quest DR Series Disk Backup software version before 4.0.3.1 allows command injection (issue 8 of 46). |
| Quest DR Series Disk Backup software version before 4.0.3.1 allows command injection (issue 7 of 46). |
| Quest DR Series Disk Backup software version before 4.0.3.1 allows command injection (issue 6 of 46). |
| Quest DR Series Disk Backup software version before 4.0.3.1 allows command injection (issue 5 of 46). |
| Quest DR Series Disk Backup software version before 4.0.3.1 allows command injection (issue 4 of 46). |
| Quest DR Series Disk Backup software version before 4.0.3.1 allows command injection (issue 3 of 46). |
| Quest DR Series Disk Backup software version before 4.0.3.1 allows command injection (issue 2 of 46). |
| Quest DR Series Disk Backup software version before 4.0.3.1 allows command injection (issue 1 of 46). |
| The '/common/ajax_email_connection_test.php' script in the Quest KACE System Management Appliance 8.0.318 is accessible by any authenticated user and can be abused to execute arbitrary commands on the system. This script is vulnerable to command injection via the unsanitized user input 'TEST_SERVER' sent to the script via the POST method. |
| In order to perform actions that require higher privileges, the Quest KACE System Management Appliance 8.0.318 relies on a message queue that runs daemonized with root privileges and only allows a set of commands to be executed. A command injection vulnerability exists within this message queue which allows low-privilege users to append arbitrary commands that will be run as root. |
| The ObjReader::ReadObj() function in ObjReader.cpp in vincent0629 PDFParser allows remote attackers to cause a denial of service (stack-based buffer overflow) or possibly execute arbitrary code via a crafted pdf file. |
| 'getlogs' utility in Dell EMC Avamar Server versions 7.2.0, 7.2.1, 7.3.0, 7.3.1, 7.4.0, 7.4.1, 7.5.0, 7.5.1 and 18.1 and Dell EMC Integrated Data Protection Appliance (IDPA) versions 2.0, 2.1 and 2.2 is affected by an OS command injection vulnerability. A malicious Avamar admin user may potentially be able to execute arbitrary commands under root privilege. |
| Stack-based buffer overflow in the websRedirect function in GoAhead on D-Link DIR-816 A2 (CN) routers with firmware version 1.10B05 allows unauthenticated remote attackers to execute arbitrary code via a request with a long HTTP Host header. |
| A Buffer Overflow issue was discovered in K7Computing K7AntiVirus Premium 15.01.00.53. |
| A Buffer Overflow issue was discovered in K7Computing K7AntiVirus Premium 15.01.00.53. |
