Lucene search
K

368 matches found

Vulnrichment
Vulnrichment
added 2025/03/11 2:54 p.m.6 views

CVE-2024-46663

A stack-buffer overflow vulnerability CWE-121 in Fortinet FortiMail CLI version 7.6.0 through 7.6.1 and before 7.4.3 allows a privileged attacker to execute arbitrary code or commands via specifically crafted CLI commands...

6.7CVSS7AI score0.00175EPSS
Exploits0References1
CVE
CVE
added 2025/03/11 2:54 p.m.57 views

CVE-2024-46663

CVE-2024-46663: A stack-buffer overflow (CWE-121) affects Fortinet FortiMail CLI, versions 7.6.0–7.6.1 and prior to 7.4.3. The flaw allows a privileged attacker to execute arbitrary code or commands via specifically crafted CLI input. Context in sources indicates Fortinet/FortiGuard PSIRT referen...

6.7CVSS7AI score0.00175EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2025/03/11 2:54 p.m.8 views

CVE-2024-45328

An incorrect authorization vulnerability CWE-863 in FortiSandbox 4.4.0 through 4.4.6 may allow a low priviledged administrator to execute elevated CLI commands via the GUI console menu...

7.8CVSS0.00137EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/03/11 12:0 a.m.5 views

Fortinet FortiSandbox 安全漏洞

Fortinet FortiSandbox is an APT Advanced Persistent Threat protection appliance from Fortinet. The appliance offers dual sandboxing technology, dynamic threat intelligence system, real-time control panel and reporting. A security vulnerability exists in Fortinet FortiSandbox versions 4.4.0 to...

7.8CVSS6.7AI score0.00137EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/02/28 4:25 p.m.5 views

CVE-2025-20118

A vulnerability in the implementation of the internal system processes of Cisco APIC could allow an authenticated, local attacker to access sensitive information on an affected device. To exploit this vulnerability, the attacker must have valid administrative credentials. This vulnerability is du...

4.4CVSS6.2AI score0.00146EPSS
Exploits0References1
NVD
NVD
added 2025/02/26 5:15 p.m.9 views

CVE-2025-20118

A vulnerability in the implementation of the internal system processes of Cisco APIC could allow an authenticated, local attacker to access sensitive information on an affected device. To exploit this vulnerability, the attacker must have valid administrative credentials. This vulnerability is du...

4.4CVSS0.00146EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/02/26 4:11 p.m.9 views

CVE-2025-20117 Cisco Application Policy Infrastructure Controller Authenticated Command Injection Vulnerability

A vulnerability in the CLI of Cisco APIC could allow an authenticated, local attacker to execute arbitrary commands as root on the underlying operating system of an affected device. To exploit this vulnerability, the attacker must have valid administrative credentials. This vulnerability is due t...

5.1CVSS0.00172EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/02/26 4:11 p.m.4 views

CVE-2025-20117 Cisco Application Policy Infrastructure Controller Authenticated Command Injection Vulnerability

A vulnerability in the CLI of Cisco APIC could allow an authenticated, local attacker to execute arbitrary commands as root on the underlying operating system of an affected device. To exploit this vulnerability, the attacker must have valid administrative credentials. This vulnerability is due t...

5.1CVSS5.7AI score0.00172EPSS
Exploits0References1
CVE
CVE
added 2025/02/26 4:11 p.m.102 views

CVE-2025-20117

CVE-2025-20117 affects Cisco APIC CLI. An authenticated, local attacker can execute arbitrary commands as root on the device OS due to insufficient validation of CLI command arguments; success requires valid administrative credentials. The vulnerability stems from improper input validation when p...

6.7CVSS5.7AI score0.00172EPSS
Exploits0References1Affected Software1
Positive Technologies
Positive Technologies
added 2025/02/26 12:0 a.m.5 views

PT-2025-8733 · Cisco · Cisco Apic

Name of the Vulnerable Software and Affected Versions: Cisco APIC affected versions not specified Description: A vulnerability in the implementation of internal system processes could allow an authenticated, local attacker to access sensitive information on an affected device. The attacker must...

4.6CVSS5.8AI score0.00146EPSS
Exploits0References7
Fedora
Fedora
added 2025/02/13 2:2 a.m.7 views

[SECURITY] Fedora 40 Update: rust-tealdeer-1.7.1-3.fc40

Fetch and show tldr help pages for many CLI commands. Full featured offline client with caching support...

7.4AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2025/02/11 12:0 a.m.3 views

Fortinet Fortigate - Format string vulnerability in CLI commands (FG-IR-23-261)

The version of Fortigate installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the FG-IR-23-261 advisory. - A use of externally-controlled format string vulnerability CWE-134 in Fortinet FortiOS version 7.4.0 through 7.4.1 and befo...

6.7CVSS6.3AI score0.00242EPSS
Exploits0References2
Fedora
Fedora
added 2025/02/08 2:18 a.m.9 views

[SECURITY] Fedora 41 Update: rust-tealdeer-1.7.1-3.fc41

Fetch and show tldr help pages for many CLI commands. Full featured offline client with caching support...

7.4AI score
Exploits0
RedhatCVE
RedhatCVE
added 2025/02/06 3:28 a.m.9 views

CVE-2021-44171

A improper neutralization of special elements used in an os command 'os command injection' in Fortinet FortiOS version 6.0.0 through 6.0.14, FortiOS version 6.2.0 through 6.2.10, FortiOS version 6.4.0 through 6.4.8, FortiOS version 7.0.0 through 7.0.3 allows attacker to execute privileged command...

9CVSS7.2AI score0.01529EPSS
Exploits0
Fedora
Fedora
added 2025/01/25 2:17 a.m.22 views

[SECURITY] Fedora 41 Update: podman-5.3.2-1.fc41

podman Pod Manager is a fully featured container engine that is a simple daemonless tool. podman provides a Docker-CLI comparable command line that eases the transition from other container engines and allows the management of pods, containers and images. Simply put: alias docker=3Dpodman. Most...

8.6CVSS8.9AI score0.00358EPSS
Exploits0
NVD
NVD
added 2025/01/14 2:15 p.m.9 views

CVE-2024-21758

A stack-based buffer overflow in Fortinet FortiWeb versions 7.2.0 through 7.2.7, and 7.4.0 through 7.4.1 may allow a privileged user to execute arbitrary code via specially crafted CLI commands, provided the user is able to evade FortiWeb stack protections...

6.7CVSS0.00218EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/01/14 2:9 p.m.7 views

CVE-2024-21758

A stack-based buffer overflow in Fortinet FortiWeb versions 7.2.0 through 7.2.7, and 7.4.0 through 7.4.1 may allow a privileged user to execute arbitrary code via specially crafted CLI commands, provided the user is able to evade FortiWeb stack protections...

6.4CVSS8.1AI score0.00218EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/01/14 2:9 p.m.10 views

CVE-2024-21758

A stack-based buffer overflow in Fortinet FortiWeb versions 7.2.0 through 7.2.7, and 7.4.0 through 7.4.1 may allow a privileged user to execute arbitrary code via specially crafted CLI commands, provided the user is able to evade FortiWeb stack protections...

6.4CVSS0.00218EPSS
Exploits0References1
CVE
CVE
added 2025/01/14 2:9 p.m.54 views

CVE-2024-21758

The CVE-2024-21758 entry concerns a stack-based buffer overflow in Fortinet FortiWeb CLI handling that affects FortiWeb versions 7.2.0–7.2.7 and 7.4.0–7.4.1. The vulnerability could allow a privileged user to execute arbitrary code if FortiWeb stack protections are bypassed. No exploitation detai...

6.7CVSS6.8AI score0.00218EPSS
Exploits0References1Affected Software1
Tenable Nessus
Tenable Nessus
added 2025/01/14 12:0 a.m.6 views

Fortinet FortiWeb - Stack overflow in execute backup command (FG-IR-23-458)

The version of FortiWeb installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the FG-IR-23-458 advisory. - A stack-based buffer overflow in Fortinet FortiWeb versions 7.2.0 through 7.2.7, and 7.4.0 through 7.4.1 may allow a...

6.7CVSS6.5AI score0.00218EPSS
Exploits0References2
Rows per page
Query Builder