Lucene search
K

182 matches found

CNVD
CNVD
added 2024/08/30 12:0 a.m.7 views

Cisco NX-OS Software License Issue Vulnerability (CNVD-2024-37701)

Cisco NX-OS Software is a set of data center-grade operating system software for switches from the U.S. company Cisco Cisco. Cisco NX-OS Software has an authorization issue vulnerability that stems from insufficient security restrictions when executing commands from the Bash shell. An attacker...

6.7CVSS7.9AI score0.0016EPSS
Exploits0References1
CNVD
CNVD
added 2024/08/30 12:0 a.m.5 views

Cisco NX-OS Software Elevation of Privilege Vulnerability (CNVD-2024-37700)

Cisco NX-OS Software is a set of data center-grade operating system software for switches from the U.S. company Cisco Cisco. An elevation of privilege vulnerability exists in Cisco NX-OS Software, which stems from insufficient security restrictions when executing application parameters from a Bas...

6.7CVSS7AI score0.00149EPSS
Exploits0References1
NVD
NVD
added 2024/08/28 5:15 p.m.17 views

CVE-2024-20413

A vulnerability in Cisco NX-OS Software could allow an authenticated, local attacker with privileges to access the Bash shell to elevate privileges to network-admin on an affected device. This vulnerability is due to insufficient security restrictions when executing application arguments from the...

6.7CVSS0.00149EPSS
Exploits0References1
NVD
NVD
added 2024/08/28 5:15 p.m.11 views

CVE-2024-20411

A vulnerability in Cisco NX-OS Software could allow an authenticated, local attacker with privileges to access the Bash shell to execute arbitrary code as root on an affected device. This vulnerability is due to insufficient security restrictions when executing commands from the Bash shell. An...

6.7CVSS0.0016EPSS
Exploits0References1
CVE
CVE
added 2024/08/28 4:27 p.m.51 views

CVE-2024-20411

Cisco NX-OS Software contains a Bash shell-related vulnerability that allows an authenticated, local attacker with Bash-shell access to execute arbitrary code as root due to insufficient command restrictions. Public sources (including Cisco Security Advisory Cisco NX-OS Bash Arbitrary Code Execut...

6.7CVSS6.9AI score0.0016EPSS
Exploits0References1
CVE
CVE
added 2024/08/28 4:27 p.m.51 views

CVE-2024-20413

CVE-2024-20413 affects Cisco NX-OS Software. A vulnerability arises from insufficient security restrictions when executing application arguments from the Bash shell, allowing an authenticated, local attacker with privileges to access Bash to elevate to network-admin on an affected device. The res...

6.7CVSS6.5AI score0.00149EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/08/28 4:27 p.m.19 views

CVE-2024-20413 Cisco NX-OS Bash Privilege Escalation Vulnerability

A vulnerability in Cisco NX-OS Software could allow an authenticated, local attacker with privileges to access the Bash shell to elevate privileges to network-admin on an affected device. This vulnerability is due to insufficient security restrictions when executing application arguments from the...

6.7CVSS0.00149EPSS
Exploits0References1
CNNVD
CNNVD
added 2024/08/28 12:0 a.m.5 views

Cisco NX-OS Software 安全漏洞

Cisco NX-OS Software is a set of data center-grade operating system software for switches from the U.S. company Cisco Cisco. An elevation of privilege vulnerability exists in Cisco NX-OS Software, which stems from insufficient security restrictions when executing application parameters from a Bas...

6.7CVSS7.1AI score0.00149EPSS
Exploits0References3
CNNVD
CNNVD
added 2024/08/28 12:0 a.m.4 views

Cisco NX-OS Software 安全漏洞

Cisco NX-OS Software is a set of data center-grade operating system software for switches from the U.S. company Cisco Cisco. Cisco NX-OS Software has an authorization issue vulnerability that stems from insufficient security restrictions when executing commands from the Bash shell. An attacker...

6.7CVSS7.7AI score0.0016EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2024/08/28 12:0 a.m.6 views

PT-2024-6117 · Cisco · Cisco Nx-Os +1

Name of the Vulnerable Software and Affected Versions: Cisco NX-OS Software affected versions not specified Description: The issue is related to insufficient security restrictions when executing commands from the Bash shell, allowing an authenticated, local attacker with privileges to access the...

6.8CVSS8.2AI score0.0016EPSS
Exploits0References8
Positive Technologies
Positive Technologies
added 2024/08/11 12:0 a.m.5 views

PT-2024-6113 · Cisco · Cisco Nx-Os +1

Name of the Vulnerable Software and Affected Versions: Cisco NX-OS Software affected versions not specified Description: The issue is related to insufficient security restrictions when executing application arguments from the Bash shell, allowing an authenticated, local attacker with privileges t...

6.8CVSS7AI score0.00149EPSS
Exploits0References9
Cvelist
Cvelist
added 2024/06/27 6:31 p.m.19 views

CVE-2024-4578 Privilege escalation in Arista Wireless Access Points

This Advisory describes an issue that impacts Arista Wireless Access Points. Any entity with the ability to authenticate via SSH to an affected AP as the “config” user is able to cause a privilege escalation via spawning a bash shell. The SSH CLI session does not require high permissions to explo...

8.4CVSS0.00491EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2024/04/05 12:0 a.m.5 views

PT-2024-23600 · Unknown · Ros Kinetic Kame

Name of the Vulnerable Software and Affected Versions: ROS Kinetic Kame affected versions not specified Description: A shell injection issue has been identified, specifically a Bash shell injection. The estimated number of potentially affected devices and details about real-world incidents are no...

7.7AI score
Exploits0References2
GithubExploit
GithubExploit
added 2024/04/01 2:25 a.m.286 views

Exploit for Embedded Malicious Code in Tukaani Xz

CVE-2024-3094-detect XZ Utils Vulnerability Check and Downg...

10CVSS9.9AI score0.85974EPSS
Exploits40
Tenable Nessus
Tenable Nessus
added 2024/01/17 12:0 a.m.36 views

Dell iDRAC7 Injection (CVE-2016-5685)

Dell iDRAC7 and iDRAC8 devices with firmware before 2.40.40.40 allow authenticated users to gain Bash shell access through a string injection. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL 80900 C Tenable, Inc...

9CVSS8AI score0.01757EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2023/07/25 12:0 a.m.19 views

Cisco NX-OS Software Bash Shell Role-Based Access Control Bypass Privilege Escalation (CVE-2019-1593)

A vulnerability in the Bash shell implementation for Cisco NX-OS Software could allow an authenticated, local attacker to escalate their privilege level by executing commands authorized to other user roles. The attacker must authenticate with valid user credentials. The vulnerability is due to th...

7.8CVSS7.4AI score0.00375EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2023/07/25 12:0 a.m.22 views

Cisco NX-OS Software Bash Bypass Guest Shell (CVE-2019-1730)

A vulnerability in the Bash shell implementation for Cisco NX-OS Software could allow an authenticated, local attacker to bypass the limited command set of the restricted Guest Shell and execute commands at the privilege level of a network-admin user outside of the Guest Shell. The attacker must...

7.2CVSS6.5AI score0.00398EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2023/07/25 12:0 a.m.17 views

Cisco NX-OS Software Bash Shell Privilege Escalation (CVE-2019-1596)

A vulnerability in the Bash shell implementation for Cisco NX-OS Software could allow an authenticated, local attacker to escalate their privilege level to root. The attacker must authenticate with valid user credentials. The vulnerability is due to incorrect permissions of a system executable. A...

7.8CVSS7.4AI score0.00325EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2023/05/16 12:0 a.m.25 views

SUSE SLED15 / SLES15 / openSUSE 15 Security Update : gradle (SUSE-SU-2023:2203-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has a package installed that is affected by a vulnerability as referenced in the SUSE-SU-2023:2203-1 advisory. - CVE-2021-32751: Fixed arbitrary code execution in application plugin and the gradlew script bsc1188569...

8.5CVSS7.8AI score0.02709EPSS
Exploits1References4
SUSE CVE
SUSE CVE
added 2023/02/15 6:17 a.m.4 views

SUSE CVE-2005-2968

Firefox 1.0.6 and Mozilla 1.7.10 allows attackers to execute arbitrary commands via shell metacharacters in a URL that is provided to the browser on the command line, which is sent unfiltered to bash...

7.5CVSS7.7AI score0.10718EPSS
Exploits0References4
Rows per page
Query Builder