CVE-2025-8217

The Amazon Q Developer Visual Studio Code VS Code extension v1.84.0 contains inert, injected code designed to call the Q Developer CLI. The code executes when the extension is launched within the VS Code environment; however the injected code contains a syntax error which prevents it from making ...

GO-2025-3789 Snyk CLI Insertion of Sensitive Information into Log File allowed in DEBUG or DEBUG/TRACE mode in github.com/snyk/go-application-framework

Snyk CLI Insertion of Sensitive Information into Log File allowed in DEBUG or DEBUG/TRACE mode in github.com/snyk/go-application-framework...

CVE-2025-54558

OpenAI Codex CLI before 0.9.0 auto-approves ripgrep aka rg execution even with the --pre or --hostname-bin or --search-zip or -z flag...

PT-2025-30717 · Openai +1 · Openai Codex Cli +1

Name of the Vulnerable Software and Affected Versions: OpenAI Codex CLI versions prior to 0.9.0 Description: The OpenAI Codex CLI application automatically approves the execution of ripgrep rg even when specific flags—--pre, --hostname-bin, --search-zip, or -z—are used. Recommendations: Update to...

OpenAI Codex CLI 安全漏洞

OpenAI Codex CLI is an OpenAI open source lightweight coding agent software that runs in the terminal. A security vulnerability exists in OpenAI Codex CLI versions prior to 0.9.0 that stems from automatic approval of ripgrep execution, which could lead to a security risk...

CVE-2025-54558

OpenAI Codex CLI before 0.9.0 auto-approves ripgrep aka rg execution even with the --pre or --hostname-bin or --search-zip or -z flag...

Juniper Junos OS Vulnerability (JSA100095)

The version of Junos OS installed on the remote host is affected by a vulnerability as referenced in the JSA100095 advisory. - An Improper Neutralization of Special Elements used in an OS Command 'OS Command Injection' vulnerability in the CLI of Juniper Networks Junos OS and Junos OS Evolved...

CVE-2025-46116

An issue was discovered in CommScope Ruckus Unleashed prior to 200.15.6.212.14 and 200.17.7.0.139, and in Ruckus ZoneDirector prior to 10.5.1.0.279, where an authenticated attacker can disable the passphrase requirement for a hidden CLI command !v54! via a management API call and then invoke it t...

broad-dagster-utils (=2.0.0a7), dagit (>=0.5.1 <=1.10.15) +71 more potentially affected by CVE-2025-51481 via dagster (>=0.1.1 <=1.10.15)

dagster PYPI version =0.1.1, =0.5.1, =0.16.0, =0.5.4, =0.16.0, =0.16.0, =0.16.0, =0.16.0, =0.16.0, =0.16.0, =1.0.0, =1.10.0, =1.0.0, =0.16.0, =0.26.15 and more Source cves: CVE-2025-51481 Source advisory: OSV:GHSA-H7X8-JV97-FVVM...

7ghost-cli (>=1.17.6-next.0 <=1.18.4), @5ht/express (>=1.0.6 <=2.2.0) +630 more potentially affected by CVE-2025-7783 via form-data (>=3.0.0 <=3.0.3)

form-data NPM version =3.0.0, =1.17.6-next.0, =1.0.6, =1.0.0, =0.12.4, =1.1.3, =1.9.19, =1.1.0, =1.18.0, =2.13.1, =1.1.0, =10.1.0, =1.0.0, =1.9.2, =2.1.4 and more Source cves: CVE-2025-7783 Source advisory: OSV:GHSA-FJXV-7RQG-78G4...

CVE-2025-46116

An issue was discovered in CommScope Ruckus Unleashed prior to 200.15.6.212.14 and 200.17.7.0.139, and in Ruckus ZoneDirector prior to 10.5.1.0.279, where an authenticated attacker can disable the passphrase requirement for a hidden CLI command !v54! via a management API call and then invoke it t...

CommScope Ruckus Unleashed 安全漏洞

The CommScope Ruckus Unleashed is a wireless router from CommScope USA. A security vulnerability exists in CommScope Ruckus Unleashed versions prior to 200.15.6.212.14, 200.17.7.0.139, and Ruckus ZoneDirector versions prior to 10.5.1.0.279, which stems from a password requirement that can be...

CVE-2025-46116

An issue was discovered in CommScope Ruckus Unleashed prior to 200.15.6.212.14 and 200.17.7.0.139, and in Ruckus ZoneDirector prior to 10.5.1.0.279, where an authenticated attacker can disable the passphrase requirement for a hidden CLI command !v54! via a management API call and then invoke it t...

Wasmtime CLI is vulnerable to host panic through its fd_renumber function

Summary A bug in Wasmtime's implementation of the WASIp1 set of import functions can lead to a WebAssembly guest inducing a panic in the host embedder. The specific bug is triggered by calling pathopen after calling fdrenumber with either: - two equal argument values - second argument being equal...

RHEL 8 / 9 : OpenShift Container Platform 4.18.20 (RHSA-2025:10768)

The remote Redhat Enterprise Linux 8 / 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2025:10768 advisory. Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private...

CVE-2025-7397

A vulnerability in the ascgshell, of Brocade ASCG before 3.3.0 stores any command executed in the Command Line Interface CLI in plain text within the command history. A local authenticated user that can access sensitive information like passwords within the CLI history leading to unauthorized...

CVE-2025-7397 CLI history displays inline passwords

A vulnerability in the ascgshell, of Brocade ASCG before 3.3.0 stores any command executed in the Command Line Interface CLI in plain text within the command history. A local authenticated user that can access sensitive information like passwords within the CLI history leading to unauthorized...

CVE-2025-7397 CLI history displays inline passwords

A vulnerability in the ascgshell, of Brocade ASCG before 3.3.0 stores any command executed in the Command Line Interface CLI in plain text within the command history. A local authenticated user that can access sensitive information like passwords within the CLI history leading to unauthorized...

CVE-2025-7397

The CVE-2025-7397 issue affects Brocade ASCG’s ascgshell prior to version 3.3.0, where commands entered in the CLI history are stored in plain text. This creates a local, authenticated attacker’s risk of exposing passwords or sensitive data via history inspection, leading to unauthorized access a...

Fortinet FortiOS Buffer Overflow Vulnerability

Fortinet FortiOS is Fortinet's network security operating system used to provide firewall, VPN, intrusion prevention, and other security features. Fortinet FortiOS suffers from a buffer overflow vulnerability that stems from insufficient boundary checking of specially crafted CLI commands. An...