CVE-2019-3727

Dell EMC RecoverPoint and RecoverPoint for VMs prior to 5.1.3 and 5.2.0.2, respectively, contain an OS command injection vulnerability in the Boxmgmt CLI installation feature. A local boxmgmt user can potentially execute arbitrary commands as root due to this input handling flaw. The issue is doc...

PT-2019-2368 · Cisco · Cisco Fx-Os +2

Name of the Vulnerable Software and Affected Versions: Cisco NX-OS versions prior to 8.31 Cisco FX-OS affected versions not specified Description: The issue is related to insufficient validation of arguments passed to certain CLI commands, which could allow an authenticated, local attacker with...

Cisco NX-OS Command Injection Vulnerability (CNVD-2019-14623)

Cisco NX-OS is the network operating system for the Cisco Nexus family of Ethernet switches and the MDS family of Fibre Channel storage area network switches. A command injection vulnerability exists in the CLI of Cisco NX-OS. The vulnerability stems from insufficient validation of parameters...

Cisco NX-OS Command Injection Vulnerability (CNVD-2019-14613)

Cisco NX-OS is the network operating system for the Cisco Nexus family of Ethernet switches and the MDS family of Fibre Channel storage area network switches. A command injection vulnerability exists in the CLI of Cisco NX-OS. The vulnerability stems from insufficient validation of parameters...

PT-2019-2369 · Cisco · Cisco Nx-Os +2

Name of the Vulnerable Software and Affected Versions: Cisco FXOS Software and Cisco NX-OS Software affected versions not specified Description: A vulnerability in the CLI of Cisco FXOS Software and Cisco NX-OS Software could allow an authenticated, local attacker to execute arbitrary commands on...

PT-2019-2218 · Cisco · Cisco Nx-Os +1

Name of the Vulnerable Software and Affected Versions: Cisco NX-OS Software affected versions not specified Description: A vulnerability in the CLI of Cisco NX-OS Software could allow an authenticated, local attacker with administrator credentials to execute arbitrary commands on the underlying...

Cisco NX-OS Command Injection Vulnerability (CNVD-2019-14619 )

Cisco NX-OS is the network operating system for the Cisco Nexus family of Ethernet switches and the MDS family of Fibre Channel storage area network switches. A command injection vulnerability exists in the CLI of Cisco NX-OS. The vulnerability stems from insufficient validation of parameters...

Cisco NX-OS Command Injection Vulnerability

Cisco NX-OS is the network operating system for the Cisco Nexus family of Ethernet switches and the MDS family of Fibre Channel storage area network switches. A command injection vulnerability exists in the CLI of Cisco NX-OS. The vulnerability stems from insufficient validation of parameters...

PT-2019-2370 · Cisco · Cisco Nx-Os +1

Name of the Vulnerable Software and Affected Versions: Cisco NX-OS Software affected versions not specified Description: A vulnerability in the CLI of Cisco NX-OS Software could allow an authenticated, local attacker with administrator credentials to execute arbitrary commands on the underlying...

Cisco NX-OS Command Injection Vulnerability (CNVD-2019-14620)

Cisco NX-OS is the network operating system for the Cisco Nexus family of Ethernet switches and the MDS family of Fibre Channel storage area network switches. A command injection vulnerability exists in the CLI of Cisco NX-OS. The vulnerability stems from insufficient validation of parameters...

Cisco FXOS and NX-OS Command Injection Vulnerability (CNVD-2019-14616)

Cisco FXOS is the Firepower extensible operating system.Cisco NX-OS is the network operating system for the Cisco Nexus family of Ethernet switches and the MDS family of Fibre Channel storage area network switches. A command injection vulnerability exists in the CLI of Cisco FXOS and NX-OS. The...

PT-2019-2293 · Cisco · Cisco Nx-Os +2

Name of the Vulnerable Software and Affected Versions: Cisco FXOS Software affected versions not specified Cisco NX-OS Software affected versions not specified Description: The issue is related to incomplete role-based access control RBAC verification in the implementation of a CLI diagnostic...

Cisco IOS XE Software Privileged EXEC Mode Root Shell Access Vulnerability

According to its self-reported version, Cisco IOS XE Software is affected by a vulnerability in the CLI parser of Cisco IOS XE Software could allow an authenticated, local attacker to gain access to the underlying Linux shell of an affected device and execute arbitrary commands with root privileg...

SUSE-SU-2019:1220-1 Security update for cf-cli

This update for cf-cli fixes the following issues: cf-cli was updated: to version 6.43.0 bsc1132242 Enhancements : - cf curl supports a new --fail flag primarily for scripting purposes which returns exit code 22 for server errors story - Improves cf delete-orphaned-routes such that it uses a...

Fedora 28 : php (2019-bab3944fee)

PHP version 7.2.18 02 May 2019 CLI: - Fixed bug php77794 Incorrect Date header format in built-in server. kelunik EXIF - Fixed bug php77950 Heap-buffer-overflow in estrndup via exifprocessIFDTAG. CVE-2019-11036 Stas Interbase: - Fixed bug php72175 Impossibility of creating multiple connections to...

Fedora 29 : php (2019-6e325234a4)

PHP version 7.2.18 02 May 2019 CLI: - Fixed bug php77794 Incorrect Date header format in built-in server. kelunik EXIF - Fixed bug php77950 Heap-buffer-overflow in estrndup via exifprocessIFDTAG. CVE-2019-11036 Stas Interbase: - Fixed bug php72175 Impossibility of creating multiple connections to...

SUSE SLED12 / SLES12 Security Update : audit (SUSE-SU-2019:1166-1)

This update for audit fixes the following issues : Audit on SUSE Linux Enterprise 12 SP3 was updated to 2.8.1 to bring new features and bugfixes. bsc1125535 FATE326346 Many features were added to auparsenormalize cli option added to auditd and audispd for setting config dir In auditd, restore the...

Fedora Update for group-service FEDORA-2019-27e7b92407

The remote host is missing an update for the SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Fedora Update for spatialite-tools FEDORA-2018-ccbe8b931c

The remote host is missing an update for the SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Malicious Package

Overview All versions of wepack-cli typosquatted a popular package of similar name and tracked users who had installed the incorrect package. The package uploaded information to a remote server including: name of the downloaded package, name of the intended package, the Node version and whether t...