CVE-2019-5445

DoS in EdgeMAX EdgeSwitch prior to 1.8.2 allow an Admin user to Crash the SSH CLI interface by using crafted commands...

CVE-2019-5445

CVE-2019-5445 affects Ubiquiti EdgeMAX EdgeSwitch prior to firmware version 1.8.2. The vulnerability allows an administrator to cause a denial-of-service by sending crafted commands that crash the SSH CLI interface. Documents consistently describe this as a DoS affecting the SSH CLI, with the imp...

Moderate: Red Hat Security Advisory: openstack-tripleo-common security and bug fix update

An update for openstack-tripleo-common is now available for Red Hat OpenStack Platform 13.0 Queens. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available f...

Regipy - An OS Independent Python Library For Parsing Offline Registry Hives

Regipy is a python library for parsing offline registry hives. regipy has a lot of capabilities: Use as a library: Recurse over the registry hive, from root or a given path and get all subkeys and values Read specific subkeys and values Apply transaction logs on a registry hive Command Line Tools...

Docker Elevation of Privilege Vulnerability

Summary CVE-2018-15664 describes a vulnerability in the Docker runtime and the underlying community project, Moby wherein a malicious/compromised container can acquire full read/write access to the host operating system where that container is running. The vulnerability depends on the way that th...

SUSE SLED15 / SLES15 Security Update : cf-cli (SUSE-SU-2019:1220-2)

"This update for cf-cli fixes the following issues : cf-cli was updated: to version 6.43.0 bsc1132242 Enhancements : cf curl supports a new --fail flag primarily for scripting purposes which returns exit code 22 for server errors story Improves cf delete-orphaned-routes such that it uses a...

CVE-2019-1911 Cisco Unified Communications Domain Manager Restricted Shell Escape Vulnerability

A vulnerability in the CLI of Cisco Unified Communications Domain Manager Cisco Unified CDM Software could allow an authenticated, local attacker to escape the restricted shell. The vulnerability is due to insufficient input validation of shell commands. An attacker could exploit this vulnerabili...

Rock-ON - An All In One Recon Tool That Will Just Get A Single Entry Of The Domain Name And Do All Of The Work Alone

Rock-On is a all in one recon tool that will help your Recon process give a boost. It is mainley aimed to automate the whole process of recon and save the time that is being wasted in doing all this stuffs manually. A thorough blog will be up in sometime. Stay tuned for the Stable version with a...

UBUNTU-CVE-2019-13309

ImageMagick 7.0.8-50 Q16 has memory leaks at AcquireMagickMemory because of mishandling the NoSuchImage error in CLIListOperatorImages in MagickWand/operation.c...

The vulnerability of component Acl.asp in the D-Link DSL-3782 router’s microprogramming system allows a hacker to execute arbitrary commands.

The vulnerability of component Acl.asp in the D-Link DSL-3782 router microprogramming system is related to insufficient checking of arguments passed to certain CLI command-line interface commands. Exploiting this vulnerability allows a malicious actor to execute arbitrary commands using the...

SUSE-SU-2019:1220-2 Security update for cf-cli

This update for cf-cli fixes the following issues: cf-cli was updated: to version 6.43.0 bsc1132242 Enhancements : - cf curl supports a new --fail flag primarily for scripting purposes which returns exit code 22 for server errors story - Improves cf delete-orphaned-routes such that it uses a...

Cisco NX-OS Software Buffer Overflow and Command Injection Vulnerabilities

According to its self-reported version, Cisco NX-OS Software is affected by a vulnerability in the implementation of a specific CLI command for Cisco NX-OS Software could allow an authenticated, local attacker with administrator credentials to cause a buffer overflow condition or perform command...

The vulnerability of the command-line interface of the Cisco NX-OS network operating system allows a attacker to execute arbitrary code with elevated privileges.

The vulnerability of the Cisco NX-OS network operating system’s command-line interface CLI is related to insufficient validation of input data. Exploiting this vulnerability allows an attacker to execute arbitrary code with elevated privileges on the base operating system...

CVE-2019-1879

A vulnerability in the CLI of Cisco Integrated Management Controller IMC could allow an authenticated, local attacker to inject arbitrary commands that are executed with root privileges. The vulnerability is due to insufficient validation of user-supplied input at the CLI. An attacker could explo...

CVE-2019-1625

A vulnerability in the CLI of Cisco SD-WAN Solution could allow an authenticated, local attacker to elevate lower-level privileges to the root user on an affected device. The vulnerability is due to insufficient authorization enforcement. An attacker could exploit this vulnerability by...

CVE-2019-1623

A vulnerability in the CLI configuration shell of Cisco Meeting Server could allow an authenticated, local attacker to inject arbitrary commands as the root user. The vulnerability is due to insufficient input validation during the execution of a vulnerable CLI command. An attacker with...

Input validation

A vulnerability in the CLI of Cisco Integrated Management Controller IMC could allow an authenticated, local attacker to inject arbitrary commands that are executed with root privileges. The vulnerability is due to insufficient validation of user-supplied input at the CLI. An attacker could explo...

Input validation

A vulnerability in the CLI configuration shell of Cisco Meeting Server could allow an authenticated, local attacker to inject arbitrary commands as the root user. The vulnerability is due to insufficient input validation during the execution of a vulnerable CLI command. An attacker with...

CVE-2019-1879

CVE-2019-1879 affects Cisco Integrated Management Controller (IMC) CLI. The issue is due to insufficient validation of user-supplied input in CLI commands, allowing an authenticated local attacker to inject and execute arbitrary commands with root privileges. Exploitation requires admin authentic...

CVE-2019-1879 Cisco Integrated Management Controller CLI Command Injection Vulnerability

A vulnerability in the CLI of Cisco Integrated Management Controller IMC could allow an authenticated, local attacker to inject arbitrary commands that are executed with root privileges. The vulnerability is due to insufficient validation of user-supplied input at the CLI. An attacker could explo...