Lucene search
K

44 matches found

EUVD
EUVD
added 6 days ago7 views

EUVD-2026-42536

An Incorrect Privilege Assignment vulnerability was discovered in the synchronization functionality due to Arc sensors receiving CLI permissions. An authenticated user with limited privileges can push administrative CLI commands through the sync, altering the device configuration, and/or affectin...

8.1CVSS6AI score0.0021EPSS
Exploits0References1
Cvelist
Cvelist
added 6 days ago34 views

CVE-2026-33390 Incorrect privilege assignment for Arc sensors in Guardian/CMC before 26.2.0

An Incorrect Privilege Assignment vulnerability was discovered in the synchronization functionality due to Arc sensors receiving CLI permissions. An authenticated user with limited privileges can push administrative CLI commands through the sync, altering the device configuration, and/or affectin...

8.1CVSS0.0021EPSS
Exploits0References1
OSV
OSV
added 2026/07/07 2:34 p.m.3 views

PYSEC-2026-1147 Apache Airflow Fab Provider Insufficient Session Expiration vulnerability

Insufficient Session Expiration vulnerability in Apache Airflow Fab Provider. This issue affects Apache Airflow Fab Provider: before 1.5.2. When user password has been changed with admin CLI, the sessions for that user have not been cleared, leading to insufficient session expiration, thus logged...

2.1CVSS5.9AI score0.00936EPSS
Exploits0References6
RedhatCVE
RedhatCVE
added 2026/03/26 3:5 p.m.7 views

CVE-2025-15518

Improper input handling in a wireless-control administrative CLI command on TP-Link Archer NX200, NX210, NX500 and NX600 allows crafted input to be executed as part of an operating system command. An authenticated attacker with administrative privileges may execute arbitrary commands on the...

8.5CVSS6.1AI score0.00619EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 12:27 p.m.11 views

CVE-2018-12591

Ubiquiti Networks EdgeSwitch version 1.7.3 and prior suffer from an improperly neutralized element in an OS command due to lack of protection on the admin CLI, leading to code execution and privilege escalation greater than administrators themselves are allowed. An attacker with access to an admi...

9CVSS8.3AI score0.01861EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 12:24 p.m.10 views

CVE-2018-12590

Ubiquiti Networks EdgeSwitch version 1.7.3 and prior suffer from an externally controlled format-string vulnerability due to lack of protection on the admin CLI, leading to code execution and privilege escalation greater than administrators themselves are allowed. An attacker with access to an...

9CVSS8.2AI score0.0167EPSS
Exploits0References1
CVE
CVE
added 2025/12/22 12:0 a.m.13 views

CVE-2025-26787

CVE-2025-26787 affects Keyfactor SignServer prior to 7.2. The issue arises from a logic error in the SignServer container startup routine: the Admin CLI command intended to configure certificate access at the initial startup is executed on every container restart, resetting the access policy to "...

4.7CVSS6.5AI score0.0013EPSS
Exploits0References2Affected Software1
EUVD
EUVD
added 2025/10/07 12:30 a.m.7 views

EUVD-2018-4550

Malware in sbrugna...

9CVSS7AI score0.01861EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.7 views

EUVD-2016-9472

Malware in sbrugna...

6.5CVSS6AI score0.02693EPSS
Exploits0References26
EUVD
EUVD
added 2025/10/07 12:30 a.m.7 views

EUVD-2018-4549

Malware in sbrugna...

9CVSS7AI score0.0167EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2025-14495

Malicious code in bioql PyPI...

9.8CVSS6.5AI score0.00377EPSS
Exploits1References3
RedhatCVE
RedhatCVE
added 2025/05/23 8:8 a.m.6 views

CVE-2024-45033

Insufficient Session Expiration vulnerability in Apache Airflow Fab Provider. This issue affects Apache Airflow Fab Provider: before 1.5.2. When user password has been changed with admin CLI, the sessions for that user have not been cleared, leading to insufficient session expiration, thus logged...

8.1CVSS8AI score0.01366EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/15 12:10 a.m.22 views

CVE-2025-28056

rebuild v3.9.0 through v3.9.3 has a SQL injection vulnerability in /admin/admin-cli/exec component...

9.8CVSS7.9AI score0.00377EPSS
Exploits1References1
NVD
NVD
added 2025/05/13 4:15 p.m.16 views

CVE-2025-28056

rebuild v3.9.0 through v3.9.3 has a SQL injection vulnerability in /admin/admin-cli/exec component...

9.8CVSS0.00377EPSS
Exploits1References2
OSV
OSV
added 2025/05/13 12:0 a.m.6 views

CVE-2025-28056

rebuild v3.9.0 through v3.9.3 has a SQL injection vulnerability in /admin/admin-cli/exec component...

9.8CVSS7.8AI score0.00377EPSS
Exploits1References4
Vulnrichment
Vulnrichment
added 2025/05/13 12:0 a.m.9 views

CVE-2025-28056

rebuild v3.9.0 through v3.9.3 has a SQL injection vulnerability in /admin/admin-cli/exec component...

9.8AI score0.00377EPSS
Exploits1References2
Cvelist
Cvelist
added 2025/05/13 12:0 a.m.18 views

CVE-2025-28056

rebuild v3.9.0 through v3.9.3 has a SQL injection vulnerability in /admin/admin-cli/exec component...

0.00377EPSS
Exploits1References2
RedhatCVE
RedhatCVE
added 2025/03/19 1:16 p.m.7 views

CVE-2024-54027

A Use of Hard-coded Cryptographic Key vulnerability CWE-321 in FortiSandbox version 4.4.6 and below, version 4.2.7 and below, version 4.0.5 and below, version 3.2.4 and below, version 3.1.5 and below, version 3.0.7 to 3.0.5 may allow a privileged attacker with super-admin profile and CLI access t...

8.2CVSS6.6AI score0.00148EPSS
Exploits0References1
CVE
CVE
added 2025/01/08 8:41 a.m.355 views

CVE-2024-45033

CVE-2024-45033 affects Apache Airflow Fab Provider prior to 1.5.2. The root cause is insufficient session expiration: after a user’s password is changed via the admin CLI, the user’s existing sessions are not cleared, allowing continued access even after password changes. This issue is CLI-specif...

8.1CVSS6.4AI score0.00936EPSS
Exploits0References2Affected Software1
OSV
OSV
added 2024/08/08 4:15 p.m.3 views

CVE-2024-7480

An Improper access control vulnerability was found in Avaya Aura System Manager which could allow a command-line interface CLI user with administrative privileges to read arbitrary files on the system. Affected versions include 10.1.x.x and 10.2.x.x. Versions prior to 10.1 are end of manufacturer...

4.4CVSS5.9AI score0.00151EPSS
Exploits0References1
Rows per page
Query Builder