CVE-2024-41124

Puncia is the Official CLI utility for Subdomain Center & Exploit Observer. APIURLS is utilizing HTTP instead of HTTPS for communication that can lead to issues like Eavesdropping, Data Tampering, Unauthorized Data Access & MITM Attacks. This issue has been addressed in release version 0.21 by...

Xsubfind3R - A CLI Utility To Find Domain'S Known Subdomains From Curated Passive Online Sources

xsubfind3r is a command-line interface CLI utility to find domain's known subdomains from curated passive online sources. Features Fetches domains from curated passive sources to maximize results. Supports stdin and stdout for easy integration into workflows. Cross-Platform Windows, Linux & macOS...

Xurlfind3R - A CLI Utility To Find Domain'S Known URLs From Curated Passive Online Sources

xurlfind3r is a command-line interface CLI utility to find domain's known URLs from curated passive online sources. Features Fetches URLs from curated passive sources to maximize results: AlienVault's OTX BeVigil Common Crawl URLScan Github Intelligence X Wayback Machine With Wayback Machine,...

CVE-2023-34824

fdkaac before 1.0.5 was discovered to contain a heap buffer overflow in cafinfo function in cafreader.c...

CVE-2023-34823

fdkaac before 1.0.5 was discovered to contain a stack overflow in readcallback function in src/main.c...

Fedora: Security Advisory for python-vkbasalt-cli (FEDORA-2023-328397d034)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Fedora: Security Advisory for python-vkbasalt-cli (FEDORA-2023-cc571303eb)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

[SECURITY] Fedora 37 Update: python-vkbasalt-cli-3.1.1.post1-1.fc37

vkbasalt-cli is a CLI utility and library in conjunction with vkBasalt. This makes generating configuration files or running vkBasalt with games easier. This is mainly convenient in environments where integrating vkBasalt is wishful, for example a GUI application. Integrating vkbasalt-cli allows ...

[SECURITY] Fedora 38 Update: python-vkbasalt-cli-3.1.1.post1-1.fc38

vkbasalt-cli is a CLI utility and library in conjunction with vkBasalt. This makes generating configuration files or running vkBasalt with games easier. This is mainly convenient in environments where integrating vkBasalt is wishful, for example a GUI application. Integrating vkbasalt-cli allows ...

[SECURITY] Fedora 35 Update: golang-github-hashicorp-sockaddr-1.0.2-11.fc35

Socket address convenience functions for Go. go-sockaddr is a convenience library that makes doing the right thing with IP addresses easy. go-sockaddr is loosely modeled after the UNIX sockaddrt and creates a union of the family of sockaddrt types see below for an ascii diagram. Library...

[SECURITY] Fedora 36 Update: golang-github-hashicorp-sockaddr-1.0.2-11.fc36

Socket address convenience functions for Go. go-sockaddr is a convenience library that makes doing the right thing with IP addresses easy. go-sockaddr is loosely modeled after the UNIX sockaddrt and creates a union of the family of sockaddrt types see below for an ascii diagram. Library...

[SECURITY] Fedora 35 Update: httpie-3.1.0-1.fc35

HTTPie is a CLI HTTP utility built out of frustration with existing tools. The goal is to make CLI interaction with HTTP-based services as human-friendly as possible. HTTPie does so by providing an http command that allows for issuing arbitrary HTTP requests using a simple and natural syntax and...

CVE-2020-3600 Cisco SD-WAN Software Privilege Escalation Vulnerability

A vulnerability in Cisco SD-WAN Software could allow an authenticated, local attacker to elevate privileges to root on the underlying operating system. The vulnerability is due to insufficient security controls on the CLI. An attacker could exploit this vulnerability by using an affected CLI...

CVE-2019-16011 Cisco IOS XE SD-WAN Software Command Injection Vulnerability

A vulnerability in the CLI of Cisco IOS XE SD-WAN Software could allow an authenticated, local attacker to inject arbitrary commands that are executed with root privileges. The vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by authenticating to...

Cisco IOS XE SD-WAN Software Command Injection Vulnerability

A vulnerability in the CLI of Cisco IOS XE SD-WAN Software could allow an authenticated, local attacker to inject arbitrary commands that are executed with root privileges. The vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by authenticating to...

Imperva SecureSphere 13.x PWS Command Injection Exploit

This Metasploit module exploits a command injection vulnerability in Imperva SecureSphere version 13.x. The vulnerability exists in the PWS service, where Python CGIs did not properly sanitize user supplied command parameters and directly passes them to corresponding CLI utility, leading to comma...

Imperva SecureSphere 13.x PWS Command Injection

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Imperva SecureSphere PWS Command Injection', 'Description' = %q This module exploits a command injection vulnerability in Imperva SecureSphere...

Imperva SecureSphere PWS Command Injection

This module exploits a command injection vulnerability in Imperva SecureSphere 13.x. The vulnerability exists in the PWS service, where Python CGIs didn't properly sanitize user supplied command parameters and directly passes them to corresponding CLI utility, leading to command injection. Agent...

CVE-2018-0433 Cisco SD-WAN Solution Command Injection Vulnerability

A vulnerability in the command-line interface CLI in the Cisco SD-WAN Solution could allow an authenticated, local attacker to inject arbitrary commands that are executed with root privileges. The vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability ...

CVE-2018-9144

An out-of-bound read has been found in Exiv2 in the way binary bytes are converted to string. An attacker could potentially use this flaw to crash the Exiv2 CLI utility program by tricking it into processing a crafted TIFF image...