Lucene search
K

350 matches found

NVD
NVD
added 2026/03/11 5:16 p.m.4 views

CVE-2026-20040

A vulnerability in the CLI of Cisco IOS XR Software could allow an authenticated, local attacker to execute arbitrary commands as root on the underlying operating system of an affected device. This vulnerability is due to insufficient validation of user arguments that are passed to specific CLI...

8.8CVSS0.00172EPSS
Exploits0References1
OSV
OSV
added 2026/03/11 3:33 p.m.4 views

GHSA-VV3H-7QWR-722V Anytype Heart's gRPC API client challenge verification can be bypassed on localhost

Impact The challenge-based authentication for the local gRPC client API can be bypassed, allowing an attacker to gain access without the 4-digit code. Affected components: - Anytype Desktop all platforms ≤ v0.48.2 - Anytype-CLI headless deployments ≤ v0.1.9 Not affected: - Anytype mobile apps iOS...

3.6CVSS5.8AI score0.00107EPSS
Exploits0References6
NVD
NVD
added 2026/03/11 4:17 a.m.4 views

CVE-2026-23815

A vulnerability in a custom binary used in AOS-CX Switches' CLI could allow an authenticated remote attacker with high privileges to perform command injection. Successful exploitation could allow an attacker to execute unauthorized commands...

7.2CVSS0.00938EPSS
Exploits0References1
NVD
NVD
added 2026/03/11 4:17 a.m.4 views

CVE-2026-23816

A vulnerability in the command line interface of AOS-CX Switches could allow an authenticated remote attacker to execute arbitrary commands on the underlying operating system...

7.2CVSS0.00671EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/03/10 12:0 a.m.5 views

PT-2026-24752

Shell Command Injection in User Git Config Endpoint | Field | Value | |-------|-------| | Severity | High | | CVSS 3.1 | 8.8 High — when chained with VULN-01 | | CWE | CWE-78: Improper Neutralization of Special Elements used in an OS Command 'OS Command Injection' | | Attack Vector | Network | |...

8.8CVSS6.3AI score0.06034EPSS
Exploits1References10
RedhatCVE
RedhatCVE
added 2026/03/05 7:31 p.m.5 views

CVE-2026-20063

A vulnerability in the CLI of Cisco Secure FTD Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying operating system as root. To exploit this vulnerability, the attacker must have valid administrative credentials on an affected device. This...

6CVSS6.2AI score0.00188EPSS
Exploits0References1
EUVD
EUVD
added 2026/03/04 6:31 p.m.5 views

EUVD-2026-9428

A vulnerability in a small subset of CLI commands that are used on Cisco Secure Firewall Adaptive Security Appliance ASA Software and Cisco Secure Firewall Threat Defense FTD Software could allow an authenticated, local attacker to craft Lua code that could be used on the underlying operating...

6CVSS6.6AI score0.00132EPSS
Exploits0References2
Cisco
Cisco
added 2026/03/04 4:0 p.m.13 views

Cisco Secure Firewall Adaptive Security Appliance and Secure Firewall Threat Defense Software Authenticated Command Injection Vulnerabilities

Multiple vulnerabilities in the CLI feature of Cisco Secure Firewall Adaptive Security Appliance ASA Software and Cisco Secure Firewall Threat Defense FTD Software could allow an authenticated, local attacker to cause a device to execute commands with elevated privileges or reload unexpectedly,...

6.5CVSS6AI score0.00334EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/03/04 12:0 a.m.7 views

PT-2026-22969

A vulnerability in a small subset of CLI commands that are used on Cisco Secure Firewall Adaptive Security Appliance ASA Software and Cisco Secure Firewall Threat Defense FTD Software could allow an authenticated, local attacker to craft Lua code that could be used on the underlying operating...

6CVSS6.6AI score0.00132EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/03/04 12:0 a.m.5 views

PT-2026-23022

A vulnerability in the CLI of Cisco Secure FTD Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying operating system as root. To exploit this vulnerability, the attacker must have valid administrative credentials on an affected device. This...

6CVSS6.2AI score0.00188EPSS
Exploits0References2
VulnCheck KEV
VulnCheck KEV
added 2026/02/25 12:0 a.m.5 views

VulnCheck KEV: CVE-2022-20775

A vulnerability in the CLI of Cisco SD-WAN Software could allow an authenticated, local attacker to gain elevated privileges. This vulnerability is due to improper access controls on commands within the application CLI. An attacker could exploit this vulnerability by running a maliciously crafted...

7.8CVSS6.1AI score0.12475EPSS
In wildExploits2References9
RedhatCVE
RedhatCVE
added 2026/01/07 9:29 a.m.5 views

CVE-2019-12130

In ONAP CLI through Dublin, by accessing an applicable port 30234, 30290, 32010, 30270, 30224, 30281, 30254, 30285, and/or 30271, an attacker gains full access to the respective ONAP services without any authentication. All ONAP Operations Manager OOM setups are affected...

10CVSS7AI score0.01655EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/12/05 10:33 p.m.7 views

CVE-2025-12196

An Out-of-bounds Write vulnerability in WatchGuard Fireware OS's CLI could allow an authenticated privileged user to execute arbitrary code via a specially crafted CLI command.This vulnerability affects Fireware OS 12.0 up to and including 12.11.4, 12.5 up to and including 12.5.13, and 2025.1 up ...

8.6CVSS7.6AI score0.0051EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/12/05 10:33 p.m.5 views

CVE-2025-12195

An Out-of-bounds Write vulnerability in WatchGuard Fireware OS's CLI could allow an authenticated privileged user to execute arbitrary code via specially crafted IPSec configuration CLI commands.This vulnerability affects Fireware OS 11.0 up to and including 11.12.4+541730, 12.0 up to and includi...

8.6CVSS7.7AI score0.00567EPSS
Exploits0References1
OSV
OSV
added 2025/12/04 10:15 p.m.4 views

CVE-2025-12196

An Out-of-bounds Write vulnerability in WatchGuard Fireware OS's CLI could allow an authenticated privileged user to execute arbitrary code via a specially crafted CLI command.This vulnerability affects Fireware OS 12.0 up to and including 12.11.4, 12.5 up to and including 12.5.13, and 2025.1 up ...

7.2CVSS6AI score0.0051EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/12/04 12:0 a.m.6 views

WatchGuard Fireware OS 安全漏洞

WatchGuard Fireware OS is a software from WatchGuard USA that runs on Firebox. A security vulnerability exists in WatchGuard Fireware OS versions 12.11.4 and earlier, 12.5.13 and earlier, and 2025.1.2 and earlier, which stems from an out-of-bounds write to the CLI that could lead to the execution...

8.6CVSS7.9AI score0.0051EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/12/04 12:0 a.m.6 views

PT-2025-49156

Name of the Vulnerable Software and Affected Versions WatchGuard Fireware OS versions 12.0 through 12.11.4 WatchGuard Fireware OS versions 12.5 through 12.5.13 WatchGuard Fireware OS versions 2025.1 through 2025.1.2 Description An out-of-bounds write issue exists in the Command Line Interface CLI...

9CVSS7.6AI score0.0051EPSS
Exploits0References8
OSV
OSV
added 2025/11/18 7:15 p.m.5 views

CVE-2025-37163

A command injection vulnerability has been identified in the command line interface of the HPE Aruba Networking Airwave Platform. An authenticated attacker could exploit this vulnerability to execute arbitrary operating system commands with elevated privileges on the underlying operating system...

7.2CVSS6.1AI score0.00897EPSS
Exploits0References1
OSV
OSV
added 2025/11/17 5:29 p.m.6 views

CVE-2025-64756 glob CLI: Command injection via -c/--cmd executes matches with shell:true

Glob matches files using patterns the shell uses. Starting in version 10.2.0 and prior to versions 10.5.0 and 11.1.0, the glob CLI contains a command injection vulnerability in its -c/--cmd option that allows arbitrary command execution when processing files with malicious names. When glob -c are...

7.5CVSS8.2AI score0.03026EPSS
Exploits1References5
OSV
OSV
added 2025/10/14 5:15 p.m.4 views

CVE-2025-37142

Arbitrary file download vulnerabilities exist in the CLI binary of AOS-10 GW and AOS-8 Controller/Mobility Conductor operating systems. Successful exploitation could allow an authenticated malicious actor to download arbitrary files through carefully constructed exploits...

4.9CVSS5.9AI score0.00319EPSS
Exploits0References1
Rows per page
Query Builder