CVE-2024-31481

Unauthenticated Denial of Service DoS vulnerabilities exist in the CLI service accessed via the PAPI protocol. Successful exploitation of these vulnerabilities result in the ability to interrupt the normal operation of the affected service...

CVE-2024-45033

Insufficient Session Expiration vulnerability in Apache Airflow Fab Provider. This issue affects Apache Airflow Fab Provider: before 1.5.2. When user password has been changed with admin CLI, the sessions for that user have not been cleared, leading to insufficient session expiration, thus logged...

CVE-2024-20399

A vulnerability in the CLI of Cisco NX-OS Software could allow an authenticated user in possession of Administrator credentials to execute arbitrary commands as root on the underlying operating system of an affected device. This vulnerability is due to insufficient validation of arguments that ar...

CVE-2024-6833

A vulnerability in Zowe CLI allows local, privileged actors to store previously entered secure credentials in a plaintext file as part of an auto-init operation...

CVE-2024-31480

Unauthenticated Denial of Service DoS vulnerabilities exist in the CLI service accessed via the PAPI protocol. Successful exploitation of these vulnerabilities result in the ability to interrupt the normal operation of the affected service...

CVE-2024-6916

A vulnerability in Zowe CLI allows local, privileged actors to display securely stored properties in cleartext within a terminal using the '--show-inputs-only' flag...

CVE-2024-35274

An improper limitation of a pathname to a restricted directory 'Path Traversal' vulnerability CWE-22 in Fortinet FortiAnalyzer versions below 7.4.2, Fortinet FortiManager versions below 7.4.2 and Fortinet FortiAnalyzer-BigData version 7.4.0 and below 7.2.7 allows a privileged attacker with read...

CVE-2024-32116

Multiple relative path traversal vulnerabilities CWE-23 in Fortinet FortiManager version 7.4.0 through 7.4.2 and before 7.2.5, FortiAnalyzer version 7.4.0 through 7.4.2 and before 7.2.5 and FortiAnalyzer-BigData version 7.4.0 and before 7.2.7 allows a privileged attacker to delete files from the...

CVE-2024-20461

A vulnerability in the CLI of Cisco ATA 190 Series Analog Telephone Adapter firmware could allow an authenticated, local attacker with high privileges to execute arbitrary commands as the root user. This vulnerability exists because CLI input is not properly sanitized. An attacker could exploit...

CVE-2023-26210

Multiple improper neutralization of special elements used in an os command 'OS Command Injection' vulnerabilties CWE-78 vulnerability in Fortinet allows a local authenticated attacker to execute arbitrary shell code as root user via crafted CLI requests...

CVE-2023-50974

In Appwrite CLI before 3.0.0, when using the login command, the credentials of the Appwrite user are stored in a /.appwrite/prefs.json file with 0644 as UNIX permissions. Any user of the local system can access those credentials...

CVE-2023-45627

An authenticated Denial-of-Service DoS vulnerability exists in the CLI service. Successful exploitation of this vulnerability results in the ability to interrupt the normal operation of the affected access point...

CVE-2023-45614

There are buffer overflow vulnerabilities in the underlying CLI service that could lead to unauthenticated remote code execution by sending specially crafted packets destined to the PAPI Aruba's access point management protocol UDP port 8211. Successful exploitation of these vulnerabilities resul...

CVE-2023-45615

There are buffer overflow vulnerabilities in the underlying CLI service that could lead to unauthenticated remote code execution by sending specially crafted packets destined to the PAPI Aruba's access point management protocol UDP port 8211. Successful exploitation of these vulnerabilities resul...

CVE-2023-33235

MXsecurity version 1.0 is vulnearble to command injection vulnerability. This vulnerability has been reported in the SSH CLI program, which can be exploited by attackers who have gained authorization privileges. The attackers can break out of the restricted shell and subsequently execute arbitrar...

CVE-2023-20224

A vulnerability in the CLI of Cisco ThousandEyes Enterprise Agent, Virtual Appliance installation type, could allow an authenticated, local attacker to elevate privileges to root on an affected device. This vulnerability is due to insufficient input validation of user-supplied CLI arguments. An...

CVE-2023-20234

A vulnerability in the CLI of Cisco FXOS Software could allow an authenticated, local attacker to create a file or overwrite any file on the filesystem of an affected device, including system files. The vulnerability occurs because there is no validation of parameters when a specific CLI command ...

CVE-2023-28000

An improper neutralization of special elements used in an OS command vulnerability CWE-78 in FortiADC CLI 7.1.0, 7.0.0 through 7.0.3, 6.2.0 through 6.2.4, 6.1 all versions, 6.0 all versions may allow a local and authenticated attacker to execute unauthorized commands via specifically crafted...

CVE-2023-41679

An improper access control vulnerability CWE-284 in FortiManager management interface 7.2.0 through 7.2.2, 7.0.0 through 7.0.7, 6.4.0 through 6.4.11, 6.2 all versions, 6.0 all versions may allow a remote and authenticated attacker with at least "device management" permission on his profile and...

CVE-2023-20170

A vulnerability in a specific Cisco ISE CLI command could allow an authenticated, local attacker to perform command injection attacks on the underlying operating system and elevate privileges to root. To exploit this vulnerability, an attacker must have valid Administrator-level privileges on the...