CVSS: 8.8EPSS: 1%CPEs: 24EXPL: 0CVE-2017-14500 – Ubuntu Security Notice USN-4585-1
https://notcve.org/view.php?id=CVE-2017-14500
17 Sep 2017 — Improper Neutralization of Special Elements used in an OS Command in the podcast playback function of Podbeuter in Newsbeuter 0.3 through 2.9 allows remote attackers to perform user-assisted code execution by crafting an RSS item with a media enclosure (i.e., a podcast file) that includes shell metacharacters in its filename, related to pb_controller.cpp and queueloader.cpp, a different vulnerability than CVE-2017-12904. No se neutralizan correctamente los elementos especiales utilizados en un comando de si... • http://openwall.com/lists/oss-security/2017/09/16/1 • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVSS: 9.8EPSS: 0%CPEs: 13EXPL: 0CVE-2008-3907
https://notcve.org/view.php?id=CVE-2008-3907
04 Sep 2008 — The open-in-browser command in newsbeuter before 1.1 allows remote attackers to execute arbitrary commands via shell metacharacters in a feed URL. El comando open-in-browser en newsbeuter versiones anteriores a 1.1 permite a atacantes remotos ejecutar comandos de su elección a través de metacaracteres de consola en una URL fuente. • http://newsbeuter.wordpress.com/2008/09/01/newsbeuter-11-released-contains-security-fix-please-upgrade • CWE-20: Improper Input Validation •