Symantec Reporter CLI OS Command Injection Vulnerability

Symantec Reporter CLI is a command line tool from Symantec USA. The tool is primarily used to manage and change network settings. An operating system command injection vulnerability exists in Symantec Reporter CLI, which can be exploited by a remote attacker to execute arbitrary operating system...

Twifo-Cli - Get User Information Of A Twitter User

Get user information of a Twitter user! Install $ npm install --global twifo-cli OR $ sudo npm install --global twifo-cli Usage $ Usage: twifo Example: $ twifo 9gag Related twifo : API for this tool. quorafy: Get user information of a Quora user. Download Twifo-Cli...

CVE-2019-3803 Concourse includes token in CLI authentication callback

Pivotal Concourse, all versions prior to 4.2.2, puts the user access token in a url during the login flow. A remote attacker who gains access to a user's browser history could obtain the access token and use it to authenticate as the user...

[ASA-201901-5] wireshark-cli: multiple issues

Arch Linux Security Advisory ASA-201901-5 ========================================= Severity: Medium Date : 2019-01-10 CVE-ID : CVE-2019-5716 CVE-2019-5717 CVE-2019-5718 CVE-2019-5719 Package : wireshark-cli Type : multiple issues Remote : Yes Link : https://security.archlinux.org/AVG-844 Summary...

PHP 5.6.x < 5.6.13 Multiple Vulnerabilities

According to its banner, the version of PHP running on the remote web server is 5.6.x prior to 5.6.13. It is, therefore, affected by multiple vulnerabilities : - Multiple use-after-free memory errors exist related to the unserialize function, which a remote attacker can exploit to execute arbitra...

Imperva SecureSphere PWS Command Injection

This module exploits a command injection vulnerability in Imperva SecureSphere 13.x. The vulnerability exists in the PWS service, where Python CGIs didn't properly sanitize user supplied command parameters and directly passes them to corresponding CLI utility, leading to command injection. Agent...

PRETty - "PRinter Exploitation Toolkit" LAN Automation Tool

PRETty is useful when a large number of printers are present on a network. Instead of scanning, logging, and manually running PRET againt each individual printer, PRETty will automatically discover and run choosen PRET payloads against all printers on the target network. Additionally, PRETty can ...

JSShell - An Interactive Multi-User Web JS Shell

An interactive multi-user web based javascript shell. It was initially created in order to debug remote esoteric browsers during experiments and research. This tool can be easily attached to XSS Cross Site Scripting payload to achieve browser remote code execution similar to the BeeF framework...

Fedora 29 : php (2018-7ebfe1e6f2)

PHP version 7.2.13 06 Dec 2018 ftp: - Fixed bug php77151 ftpclose: SSLread on shutdown. Remi CLI: - Fixed bug php77111 php-win.exe corrupts unicode symbols from cli parameters. Anatol Fileinfo: - Fixed bug php77095 slowness regression in 7.2/7.3 compared to 7.1. Anatol iconv: - Fixed bug php77147...

Fedora 29 : mediawiki (2018-f4b65fc7cd)

https://www.mediawiki.org/wiki/Releasenotes/1.29MediaWiki1.29.3 - T169545, CVE-2018-0503 SECURITY: $wgRateLimits entry for 'user' overrides 'newbie'. - T194605, CVE-2018-0505 SECURITY: BotPasswords can bypass CentralAuth's account lock. - T180551 Fix LanguageSrTest for language converter - T18055...

Fedora 28 : php (2018-dfe1f0bac6)

PHP version 7.2.13 06 Dec 2018 ftp: - Fixed bug php77151 ftpclose: SSLread on shutdown. Remi CLI: - Fixed bug php77111 php-win.exe corrupts unicode symbols from cli parameters. Anatol Fileinfo: - Fixed bug php77095 slowness regression in 7.2/7.3 compared to 7.1. Anatol iconv: - Fixed bug php77147...

Fedora 28 : mediawiki (2018-e022ecbc52)

https://www.mediawiki.org/wiki/Releasenotes/1.29MediaWiki1.29.3 - T169545, CVE-2018-0503 SECURITY: $wgRateLimits entry for 'user' overrides 'newbie'. - T194605, CVE-2018-0505 SECURITY: BotPasswords can bypass CentralAuth's account lock. - T180551 Fix LanguageSrTest for language converter - T18055...

Logitech SqueezeCenter/Media Server Detection Consolidation

Consolidation of Logitech SqueezeCenter/Media Server detections. Copyright C 2018 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free...

How to take support bundle from CLI on SDWAN

Take support bundle on SD-WAN using CLI and upload it to FTP server...

[SECURITY] Fedora 29 Update: spatialite-tools-4.3.0-31.fc29

Spatialite-Tools is a set of useful CLI tools for SpatiaLite...

CVE-2018-18629

CVE-2018-18629 affects the Keybase command-line client for Linux prior to 2.8.0-20181023124437. A local untrusted search path vulnerability in the keybase-redirector (SUID root) lets a local unprivileged user escalate to root via a Trojan horse binary, by abusing a relative path when calling fuse...

CVE-2018-1833

IBM Event Streams 2018.3.0 could allow a remote attacker to submit an API request with a fake Host request header. An attacker, who has already gained authorised access via the CLI, could exploit this vulnerability to spoof the request header. IBM X-Force ID: 150507...

Cross site request forgery (csrf)

IBM Event Streams 2018.3.0 could allow a remote attacker to submit an API request with a fake Host request header. An attacker, who has already gained authorised access via the CLI, could exploit this vulnerability to spoof the request header. IBM X-Force ID: 150507...

Logitech SqueezeCenter/Media Server CLI Detection

The script tries to identify services supporting Logitech SqueezeCenter/Media Server CLI interface. SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier:...

abeja-sdk (>=0.2.0rc1 <=1.1.0rc1), abejacli (>=1.0.2 <=1.0.2rc1) +492 more potentially affected by CVE-2018-20060 via urllib3 (>=1.10.2 <=1.22.0)

urllib3 PYPI version =1.10.2, =0.2.0rc1, =1.0.2, =0.18.0.3, =0.70.0, =0.0.1, =0.5.0, =1.1.0rc6, =0.8.0, =0.0.2, =0.1.3, =2.4.1, =2.5.1 and more Source cves: CVE-2018-20060 Source advisory: OSV:PYSEC-2018-32...