CVE-2017-3134

An escalation of privilege vulnerability in Fortinet FortiWLC-SD versions 8.2.4 and below allows attacker to gain root access via the CLI command 'copy running-config'...

hammer_cli SSL Certificate Authentication Security Bypass Vulnerability

Hammer is a general-purpose clamp-based CLI framework from Foreman. hammer-cli provides only the core functionality. A SSL certificate authentication security bypass vulnerability exists in hammercli, which stems from the program failing to properly validate SSL certificates. An attacker could us...

Cisco Nexus 5000 Series Switches NX-OS System Software Command Injection Vulnerability

Cisco Nexus 5000 Series Switches are the Cisco Nexus series of data center-class switches from Cisco, Inc.Cisco NX-OS System Software is the data center operating system that runs on them. A command injection vulnerability exists in the CLI of Cisco NX-OS System Software versions 7.1 through 7.3 ...

CVE-2017-6650

A vulnerability in the Telnet CLI command of Cisco NX-OS System Software 7.1 through 7.3 running on Cisco Nexus Series Switches could allow an authenticated, local attacker to perform a command injection attack. The vulnerability is due to insufficient input validation of command arguments. An...

CVE-2017-6650

A vulnerability in the Telnet CLI command of Cisco NX-OS System Software 7.1 through 7.3 running on Cisco Nexus Series Switches could allow an authenticated, local attacker to perform a command injection attack. The vulnerability is due to insufficient input validation of command arguments. An...

Command injection

A vulnerability in the Telnet CLI command of Cisco NX-OS System Software 7.1 through 7.3 running on Cisco Nexus Series Switches could allow an authenticated, local attacker to perform a command injection attack. The vulnerability is due to insufficient input validation of command arguments. An...

CVE-2017-6650

Summary: CVE-2017-6650 affects Cisco NX-OS System Software 7.1–7.3 on Cisco Nexus Series Switches. The issue is a command injection in the Telnet CLI, caused by insufficient input validation of command arguments. An authenticated local attacker could inject crafted arguments into the Telnet CLI t...

CVE-2017-6649

CVE-2017-6649 concerns Cisco NX-OS System Software CLI on Cisco Nexus Series Switches. The vulnerability arises from insufficient input validation of command arguments in the CLI, allowing an authenticated, local attacker to inject crafted arguments and read or write arbitrary files outside the i...

SUSE SLES12 Security Update : git (SUSE-SU-2017:1357-1)

This update for git fixes the following issues : - git 2.12.3 : - CVE-2017-8386: Fix git-shell not to escape with the starting dash name bsc1038395 - Fix for potential segv introduced in v2.11.0 and later - Misc fixes and cleanups. - git 2.12.2 : - CLI output fixes - 'Dump http' transport fixes -...

CVE-2017-6623

A vulnerability in a script file that is installed as part of the Cisco Policy Suite CPS Software distribution for the CPS appliance could allow an authenticated, local attacker to escalate their privilege level to root. The vulnerability is due to incorrect sudoers permissions on the script file...

Code injection

A vulnerability in a script file that is installed as part of the Cisco Policy Suite CPS Software distribution for the CPS appliance could allow an authenticated, local attacker to escalate their privilege level to root. The vulnerability is due to incorrect sudoers permissions on the script file...

CVE-2017-6623

A vulnerability in a script file that is installed as part of the Cisco Policy Suite CPS Software distribution for the CPS appliance could allow an authenticated, local attacker to escalate their privilege level to root. The vulnerability is due to incorrect sudoers permissions on the script file...

Cisco Nexus 5000 Series Switches CLI Command Injection Vulnerability (cisco-sa-20170517-nss)

A vulnerability in the CLI of Cisco NX-OS System Software running on Cisco Nexus 5000 Series Switches could allow an authenticated, local attacker to perform a command injection attack. Copyright C 2017 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, a...

Cisco Nexus 5000 Series Switches Telnet CLI Command Injection Vulnerability (cisco-sa-20170517-nss1)

A vulnerability in the Telnet CLI command of Cisco NX-OS System Software running on Cisco Nexus 5000 Series Switches could allow an authenticated, local attacker to perform a command injection attack. Copyright C 2017 Greenbone Networks GmbH Some text descriptions might be excerpted from a...

Cisco Nexus Series Switches CLI Command Injection Vulnerability

A vulnerability in the CLI of Cisco NX-OS System Software running on Cisco Nexus Series Switches could allow an authenticated, local attacker to perform a command injection attack. The vulnerability is due to insufficient input validation of command arguments. An attacker could exploit this...

Mimir - OSINT Threat Intel Interface

OSINT Threat Intel Interface - Named after the old Norse God of knowledge. Mimir functions as a CLI to HoneyDB which in short is an OSINT aggragative threat intel pool. Starting the program brings you to a menu the options for which are as follows. 1. Fetch Threat Feed 5. Visualize Top Malicious...

openSUSE Security Update : quagga (openSUSE-2017-547)

This update for quagga fixes the following issues : This security issue was fixed : - CVE-2017-5495: Quagga was vulnerable to an unbounded memory allocation in the telnet 'vty' CLI, leading to a Denial-of-Service of Quagga daemons, or even the entire host. When Quagga daemons are configured with...

[SECURITY] Fedora 25 Update: wireshark-2.2.6-1.fc25

Metapackage with installs wireshark-cli and wireshark-qt...

iOS Security Testing Framework: needle

iOS Security Testing Framework Needle is an open source, modular framework to streamline the process of conducting security assessments of iOS apps. Assessing the security of an iOS application typically requires a plethora of tools, each developed for a specific need and all with different modes...

Jenkins unauthorized code execution vulnerability analysis, updated the vulnerability of the environment, to detect script-vulnerability warning-the black bar safety net

A, summary CloudBees Jenkins 2.32.1 version exists in Java deserialization vulnerability, and ultimately can lead to remote code execution. Jenkins is a continuous integration continuous integration and continuous delivery system, can improve the software development process of the Central Africa...