Security update for jq

This update for jq fixes the following issue CVE-2026-33948: CLI input parsing may allow validation bypass via embedded NUL bytes bsc1262043 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you ca...

CVE-2026-20136

A vulnerability in the CLI of Cisco Identity Services Engine ISE and Cisco ISE Passive Identity Connector ISE-PIC could allow an authenticated, local attacker with administrative privileges to perform a command injection attack on the underlying operating system and elevate privileges to root. Th...

CVE-2026-21915

A Permissive List of Allowed Input vulnerability in the CLI of Juniper Networks Support Insights JSI Virtual Lightweight Collector vLWC allows a local, high privileged attacker to escalate their privileges to root. The CLI menu accepts input without carefully validating it, which allows for shell...

TP-Link多款产品 安全漏洞

TP-LINK Archer is a series of routers produced by TP-LINK Corporation. Several TP-Link products have security vulnerabilities. These vulnerabilities stem from improper handling of Modem Management CLI command inputs. This could allow authenticated attackers with administrative privileges to execu...

CVE-2026-20064

A vulnerability in of Cisco Secure Firewall Threat Defense FTD Software could allow an authenticated, local attacker to cause the device to unexpectedly reload, causing a denial of service DoS condition. This vulnerability is due to improper validation of user-supplied input. An attacker with a...

CVE-2026-20016

A vulnerability in the Cisco FXOS Software CLI feature for Cisco Secure Firewall ASA Software and Secure FTD Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying operating system with root-level privileges. To exploit this vulnerability, the attack...

CVE-2026-20063

A vulnerability in the CLI of Cisco Secure FTD Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying operating system as root. To exploit this vulnerability, the attacker must have valid administrative credentials on an affected device. This...

CVE-2026-20017

Cisco Secure FTD Software CLI contains a vulnerability due to insufficient input validation of user-supplied CLI arguments. An authenticated, local attacker with valid admin credentials could execute arbitrary OS commands as root. Impact is privilege escalation with potential for high confidentia...

EUVD-2016-2489

Malware in sbrugna...

EUVD-2016-7325

Malware in sbrugna...

cli-form (>=0.0.0 <=0.1.4), cli-qa (>=0.0.0 <=2.3.0) +1 more potentially affected by unknown CVE via read-cli-input (=1.0.1)

read-cli-input NPM version =1.0.1 is affected by a known vulnerability. The following packages have a transitive dependency on read-cli-input and may be impacted: - cli-form =0.0.0, =0.0.0, =0.0.0, =1.3.0 Source cves: unknown CVE Source advisory: OSV:MAL-2025-31878...

cli-form (>=0.0.0 <=0.1.4), cli-qa (>=0.0.0 <=2.3.0) +2 more potentially affected by unknown CVE via on-key-press (=0.0.0)

on-key-press NPM version =0.0.0 is affected by a known vulnerability. The following packages have a transitive dependency on on-key-press and may be impacted: - cli-form =0.0.0, =0.0.0, =0.0.0, =0.0.0, =1.0.1 Source cves: unknown CVE Source advisory: OSV:MAL-2025-28228...

MAL-2025-31878 Malicious code in read-cli-input (npm)

The package read-cli-input was found to contain malicious code...

Malicious code in read-cli-input (npm)

The package read-cli-input was found to contain malicious code...

CVE-2024-20461

A vulnerability in the CLI of Cisco ATA 190 Series Analog Telephone Adapter firmware could allow an authenticated, local attacker with high privileges to execute arbitrary commands as the root user. This vulnerability exists because CLI input is not properly sanitized. An attacker could exploit...

CVE-2023-43364

main.py in Searchor before 2.4.2 uses eval on CLI input, which may cause unexpected code execution...

CVE-2023-43364

main.py in Searchor before 2.4.2 uses eval on CLI input, which may cause unexpected code execution...

CVE-2023-43364

main.py in Searchor before 2.4.2 uses eval on CLI input, which may cause unexpected code execution...

Cisco ThousandEyes Enterprise Agent 安全漏洞

Cisco ThousandEyes Enterprise Agent is an application from Cisco, Inc. provides extended visibility, automated insights, and seamless workflow. A security vulnerability exists in Cisco ThousandEyes Enterprise Agent that stems from insufficient input validation to the CLI, which could allow an...

Cisco Secure Email 操作系统命令注入漏洞

Cisco Secure Email is Cisco's Cisco Secure Email formerly Email Security provides optimal protection for your email from cyber threats. A security vulnerability exists in Cisco Secure Email Gateway that stems from incorrect input validation in the CLI, which can be exploited by an attacker to...