Cisco IOS XE Software Startup Script Local Command Execution Vulnerability

A vulnerability in a startup script of Cisco IOS XE Software could allow an unauthenticated attacker with physical access to the targeted system to execute arbitrary commands on the underlying operating system with the privileges of the root user. SPDX-FileCopyrightText: 2017 Greenbone AG Some te...

Cisco IOS XE Software Startup Script Local Command Execution Vulnerability

A vulnerability in a startup script of Cisco IOS XE Software could allow an unauthenticated attacker with physical access to the targeted system to execute arbitrary commands on the underlying operating system with the privileges of the root user. The vulnerability is due to insufficient validati...

IBM PowerKVM Local Command Execution Vulnerability

IBM PowerKVM is a set of open virtualization solutions from the U.S. company IBM designed for the Power extension function of Linux servers based on POWER8 technology. The solution supports the sharing of physical computer memory and I/O resources, etc. through server virtualization. A local...

AlienVault USM Local Command Execution Vulnerability

AlienVault Unified Security Management USM is a security management platform from AlienVault, Inc. that provides security monitoring, security event management and reporting, and threat awareness systems. An arbitrary command execution vulnerability exists in AlienVault USM, where an attacker cou...

CVE-2017-6970

AlienVault USM and OSSIM before 5.3.7 and NfSen before 1.3.8 allow local users to execute arbitrary commands in a privileged context via an NfSen socket, aka AlienVault ID ENG-104863...

Local Command Execution Vulnerability in Multiple Veritas Products

Veritas Access and others are products of Veritas Technologies, Inc. Veritas Access is a horizontally scalable NAS solution for unstructured data; Veritas NetBackup Appliance is an enterprise-class backup management appliance. A local command execution vulnerability exists in multiple Veritas...

CVE-2017-6401

An issue was discovered in Veritas NetBackup before 8.0 and NetBackup Appliance before 3.0. Local arbitrary command execution can occur when using bpcd and bpnbat...

CVE-2016-7545

SELinux policycoreutils allows local users to execute arbitrary commands outside of the sandbox via a crafted TIOCSTI ioctl call...

IBM Cognos Disclosure Local Command Execution Vulnerability

IBM Cognos Disclosure Management CDM is a financial reporting and process automation solution from IBM USA. The system suffers from a local command execution vulnerability. A local command execution vulnerability exists in IBM Cognos Disclosure that could be exploited by an attacker to execute...

GNU Bash Local Command Execution Vulnerability

GNU Bash is a shell command language interpreter written by American software developer Brian J. Fox for the GNU Project, which runs on Unix-like operating systems the default shell for Linux systems and is capable of reading from, and executing commands from, a standard input device or file, as...

CVE-2016-6414

iox in Cisco IOS, possibly 15.6 and earlier, and IOS XE, possibly 3.18 and earlier, allows local users to execute arbitrary IOx Linux commands on the guest OS via crafted iox command-line options, aka Bug ID CSCuz59223...

NMAP DLL Load Local Command Execution Vulnerability

NMAP is a network security tool for Network Discovery Network Discovery and Security Auditing Security Auditing, which is free software. A local command execution vulnerability exists in NMAP DLL loading, which could be exploited by an attacker to execute arbitrary script code within the context ...

Python DLL Load Local Command Execution Vulnerability

Python is an open source, object-oriented programming language from the Python Software Foundation. Python suffers from a local command execution vulnerability. A local attacker could exploit the vulnerability to execute arbitrary code in the context of an affected application...

IBM Tivoli Storage Manager DLL Load Local Command Execution Vulnerability

IBM Tivoli Storage Manager TSM is a backup and recovery management solution from IBM USA. The solution supports data protection, space management and archiving, business recovery and disaster recovery. A security vulnerability in IBM Tivoli Storage Manager allows an attacker to execute arbitrary...

IBM MQ Appliance Local Command Execution Vulnerability

The IBM MQ Appliance is a solution that supports IBM MQ deployment for new use cases and simplifies existing deployment options. A local command execution vulnerability exists in IBM MQ Appliance. A local attacker is allowed to exploit the vulnerability to execute arbitrary commands and obtain...

OpenSSH < 7.0 Multiple Vulnerabilities

According to its banner, the version of OpenSSH running on the remote host is prior to 7.0. It is, therefore, affected by the following vulnerabilities : - A security bypass vulnerability exists in the kbdintnextdevice function in file auth2-chall.c that allows the circumvention of MaxAuthTries...

CVE-2014-2593

Aruba Networks ClearPass Policy Manager 6.3.0.60730 contains a command injection flaw in its management console, where local users can execute arbitrary shell commands via metacharacters in arguments of valid commands (notably system status-rasession and network ping). This CVE (CVE-2014-2593) is...

PT-2014-5353 · Red Hat · Red Hat Cloudforms

Name of the Vulnerable Software and Affected Versions: Red Hat CloudForms versions prior to 5.2.4.2 Description: The issue allows local users to execute arbitrary commands via a symlink attack on a temporary file with a predictable name. This is due to vulnerabilities in the shell exec function i...

Sony Playstation 3 (PS3) 4.31 - Save Game Preview SFO File Handling Local Command Execution

No description provided by source...

QNX PPPoEd 2.4/4.25/6.2 Path Environment Variable Local Command Execution Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/11105/info QNX PPoEd is reported prone to a problem that exists in the handling of paths to external executables that are employed by PPPoEd. Because of this, an attacker may be able to gain elevated privileges on a host...