7976 matches found
jenkins -- multiple vulnerabilities
Jenkins developers report: The Jenkins CLI sent different error responses for commands with view and agent arguments depending on the existence of the specified views or agents to unauthorized users. This allowed attackers to determine whether views or agents with specified names exist. The Jenki...
REST API Penetration Testing: Astra
REST API penetration testing is complex due to continuous changes in existing APIs and newly added APIs. Astra can be used by security engineers or developers as an integral part of their process, so they can detect and patch vulnerabilities early during development cycle. Astra can automatically...
CVE-2018-9144
An out-of-bound read has been found in Exiv2 in the way binary bytes are converted to string. An attacker could potentially use this flaw to crash the Exiv2 CLI utility program by tricking it into processing a crafted TIFF image...
Cisco IOS XE Software CLI Parser Command Injection Vulnerability (CNVD-2018-08179)
Cisco IOS XE Software is an operating system developed by Cisco for its network devices.CLI parser is one of the command line command parsers. A command injection vulnerability exists in the CLI parser in Cisco IOS XE Software, which arises from the program's failure to adequately filter command...
Cisco IOS XE Software CLI Parser Command Injection Vulnerability (CNVD-2018-08180)
Cisco IOS XE Software is an operating system developed by Cisco for its network devices.CLI parser is one of the command line command parsers. A command injection vulnerability exists in the CLI parser in Cisco IOS XE Software, which arises from the program's failure to adequately filter command...
Cisco IOS XE Software CLI Parser Local Elevation of Privilege Vulnerability
Cisco IOS XE Software is an operating system developed by Cisco for its network devices.CLI parser is one of the command line command parsers. A local elevation of privilege vulnerability exists in the Cisco IOS XE Software CLI parser because the program fails to properly filter command parameter...
CVE-2018-0194
Multiple vulnerabilities in the CLI parser of Cisco IOS XE Software could allow an authenticated, local attacker to inject arbitrary commands into the CLI of the affected software, which could allow the attacker to gain access to the underlying Linux shell of an affected device and execute comman...
Design/Logic Flaw
Multiple vulnerabilities in the CLI parser of Cisco IOS XE Software could allow an authenticated, local attacker to inject arbitrary commands into the CLI of the affected software, which could allow the attacker to gain access to the underlying Linux shell of an affected device and execute comman...
CVE-2018-0194
Multiple vulnerabilities in the CLI parser of Cisco IOS XE Software could allow an authenticated, local attacker to inject arbitrary commands into the CLI of the affected software, which could allow the attacker to gain access to the underlying Linux shell of an affected device and execute comman...
CVE-2018-0194
Multiple vulnerabilities in the CLI parser of Cisco IOS XE Software could allow an authenticated, local attacker to inject arbitrary commands into the CLI of the affected software, which could allow the attacker to gain access to the underlying Linux shell of an affected device and execute comman...
CVE-2018-0194
Multiple vulnerabilities in the CLI parser of Cisco IOS XE Software could allow an authenticated, local attacker to inject arbitrary commands into the CLI of the affected software, which could allow the attacker to gain access to the underlying Linux shell of an affected device and execute comman...
CVE-2018-0194
Cisco IOS XE Software CLI Command Injection vulnerabilities affect the CLI parser, allowing an authenticated, local attacker to submit malicious commands that reach the Linux shell with root privileges due to insufficient sanitization of command arguments. This could enable full device compromise...
Cisco IOS XE Software CLI Parser Command Injection Vulnerability
Cisco IOS XE Software is an operating system developed by Cisco for its network devices.CLI parser is one of the command line command parsers. A command injection vulnerability exists in the CLI parser in Cisco IOS XE Software, which arises from the program's failure to adequately filter command...
Cisco IOS XE Software CLI Parser Elevation of Privilege Vulnerability
Cisco IOS XE Software is an operating system developed by Cisco for its network devices.CLI parser is one of the command line command parsers. The CLI parser in Cisco IOS XE Software is vulnerable to a privilege extraction vulnerability that arises from the program's failure to properly filter...
CVE-2018-0193
Multiple vulnerabilities in the CLI parser of Cisco IOS XE Software could allow an authenticated, local attacker to inject arbitrary commands into the CLI of the affected software, which could allow the attacker to gain access to the underlying Linux shell of an affected device and execute comman...
CVE-2018-0193
Multiple vulnerabilities in the CLI parser of Cisco IOS XE Software could allow an authenticated, local attacker to inject arbitrary commands into the CLI of the affected software, which could allow the attacker to gain access to the underlying Linux shell of an affected device and execute comman...
CVE-2018-0183
A vulnerability in the CLI parser of Cisco IOS XE Software could allow an authenticated, local attacker to gain access to the underlying Linux shell of an affected device and execute arbitrary commands with root privileges on the device. The vulnerability is due to the affected software improperl...
CVE-2018-0183
A vulnerability in the CLI parser of Cisco IOS XE Software could allow an authenticated, local attacker to gain access to the underlying Linux shell of an affected device and execute arbitrary commands with root privileges on the device. The vulnerability is due to the affected software improperl...
CVE-2018-0185
Multiple vulnerabilities in the CLI parser of Cisco IOS XE Software could allow an authenticated, local attacker to inject arbitrary commands into the CLI of the affected software, which could allow the attacker to gain access to the underlying Linux shell of an affected device and execute comman...
CVE-2018-0182
Multiple vulnerabilities in the CLI parser of Cisco IOS XE Software could allow an authenticated, local attacker to inject arbitrary commands into the CLI of the affected software, which could allow the attacker to gain access to the underlying Linux shell of an affected device and execute comman...