7988 matches found
CVE-2019-12660 Cisco IOS XE Software ASIC Register Write Vulnerability
A vulnerability in the CLI of Cisco IOS XE Software could allow an authenticated, local attacker to write values to the underlying memory of an affected device. The vulnerability is due to improper input validation and authorization of specific commands that a user can execute within the CLI. An...
CVE-2019-12660 Cisco IOS XE Software ASIC Register Write Vulnerability
A vulnerability in the CLI of Cisco IOS XE Software could allow an authenticated, local attacker to write values to the underlying memory of an affected device. The vulnerability is due to improper input validation and authorization of specific commands that a user can execute within the CLI. An...
CVE-2019-12709 Cisco IOS XR Software for Cisco ASR 9000 VMAN CLI Privilege Escalation Vulnerability
A vulnerability in a CLI command related to the virtualization manager VMAN in Cisco IOS XR Software for Cisco ASR 9000 Series Aggregation Services Routers could allow an authenticated, local attacker to execute arbitrary commands on the underlying Linux operating system with root privileges. The...
CVE-2019-12709
CVE-2019-12709 describes a privilege-escalation vulnerability in Cisco IOS XR Software for Cisco ASR 9000 Series (VMAN CLI). An authenticated, local attacker can exploit insufficient validation of VMAN CLI arguments to execute arbitrary commands on the underlying Linux OS with root privileges, po...
CVE-2019-12709 Cisco IOS XR Software for Cisco ASR 9000 VMAN CLI Privilege Escalation Vulnerability
A vulnerability in a CLI command related to the virtualization manager VMAN in Cisco IOS XR Software for Cisco ASR 9000 Series Aggregation Services Routers could allow an authenticated, local attacker to execute arbitrary commands on the underlying Linux operating system with root privileges. The...
CVE-2019-12661 Cisco IOS XE Software Virtualization Manager CLI Command Injection Vulnerability
A vulnerability in a Virtualization Manager VMAN related CLI command of Cisco IOS XE Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying Linux operating system with a privilege level of root. The vulnerability is due to insufficient validation of...
CVE-2019-12671
CVE-2019-12671 is Cisco IOS XE CLI consent-token bypass that allows an authenticated, local attacker to gain shell access and execute commands on the underlying OS by bypassing consent token enforcement. Affected software is Cisco IOS XE; root cause is insufficient enforcement of the consent toke...
CVE-2019-12661
CVE-2019-12661 : Cisco IOS XE Software’s Virtualization Manager (VMAN) CLI command is vulnerable to injection due to insufficient validation of arguments passed to a specific VMAN CLI command. An authenticated, local attacker with administrator privileges can exploit this to execute arbitrary com...
CVE-2019-12671 Cisco IOS XE Software Consent Token Bypass Vulnerability
A vulnerability in the CLI of Cisco IOS XE Software could allow an authenticated, local attacker to gain shell access on an affected device and execute commands on the underlying operating system OS. The vulnerability is due to insufficient enforcement of the consent token in authorizing shell...
CVE-2019-12661 Cisco IOS XE Software Virtualization Manager CLI Command Injection Vulnerability
A vulnerability in a Virtualization Manager VMAN related CLI command of Cisco IOS XE Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying Linux operating system with a privilege level of root. The vulnerability is due to insufficient validation of...
Cisco IOS XE Software Virtualization Manager CLI Command Injection Vulnerability
A vulnerability in a Virtualization Manager VMAN related CLI command of Cisco IOS XE Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying Linux operating system with a privilege level of root. The vulnerability is due to insufficient validation of...
Cisco IOS XR Software for Cisco ASR 9000 VMAN CLI Privilege Escalation Vulnerability
A vulnerability in a CLI command related to the virtualization manager VMAN in Cisco IOS XR Software for Cisco ASR 9000 Series Aggregation Services Routers could allow an authenticated, local attacker to execute arbitrary commands on the underlying Linux operating system with root privileges. The...
Cisco IOS XE Software ASIC Register Write Vulnerability
A vulnerability in the CLI of Cisco IOS XE Software could allow an authenticated, local attacker to write values to the underlying memory of an affected device. The vulnerability is due to improper input validation and authorization of specific commands that a user can execute within the CLI. An...
status-board-cli (>=1.1.0 <=2.0.51) potentially affected by CVE-2019-15478 via status-board (>=1.1.12 <=1.1.80)
status-board NPM version =1.1.12, =1.1.0, =2.0.51 Source cves: CVE-2019-15478 Source advisory: OSV:GHSA-6M4R-CGM3-6Q7Q...
status-board-cli (>=1.1.0 <=2.0.51) potentially affected by CVE-2019-15479 via status-board (>=1.1.12 <=1.1.80)
status-board NPM version =1.1.12, =1.1.0, =2.0.51 Source cves: CVE-2019-15479 Source advisory: OSV:GHSA-8864-RHMW-5M6F...
@homey/server (>=0.0.7 <=0.1.17), @merorafael/torrent-cli (>=0.1.0 <=0.1.1) +17 more potentially affected by CVE-2019-15782 via webtorrent (>=0.100.0 <=0.104.0)
webtorrent NPM version =0.100.0, =0.0.7, =0.1.0, =0.0.1, =1.2.0, =0.0.1, =1.0.0, =0.0.3, =1.1.0, =1.1.1, =1.0.0, =0.0.2, =0.0.3 and more Source cves: CVE-2019-15782 Source advisory: OSV:GHSA-GJH4-FCV3-WHPQ...
Cisco NX-OS Software Arbitrary File Overwrite Vulnerability
According to its self-reported version, Cisco NX-OS Software is affected by a vulnerability in the CLI implementation of a specific command used for image maintenance for Cisco NX-OS Software. An authenticated, local attacker can exploit the vulnerability to overwrite any file on the file system...
CVE-2019-1966
A vulnerability in a specific CLI command within the local management local-mgmt context for Cisco UCS Fabric Interconnect Software could allow an authenticated, local attacker to gain elevated privileges as the root user on an affected device. The vulnerability is due to extraneous subcommand...
Command injection
A vulnerability in a specific CLI command within the local management local-mgmt context for Cisco UCS Fabric Interconnect Software could allow an authenticated, local attacker to gain elevated privileges as the root user on an affected device. The vulnerability is due to extraneous subcommand...
CVE-2019-1966 Cisco Unified Computing System Fabric Interconnect root Privilege Escalation Vulnerability
A vulnerability in a specific CLI command within the local management local-mgmt context for Cisco UCS Fabric Interconnect Software could allow an authenticated, local attacker to gain elevated privileges as the root user on an affected device. The vulnerability is due to extraneous subcommand...