CVE-2018-20162

Digi TransPort LR54 4.4.0.26 and possible earlier devices have Improper Input Validation that allows users with 'super' CLI access privileges to bypass a restricted shell and execute arbitrary commands as root...

CVE-2019-15710

An OS command injection vulnerability in FortiExtender 4.1.0 to 4.1.1, 4.0.0 and below under CLI admin console may allow unauthorized administrators to run arbitrary system level commands via specially crafted "execute date" commands...

GHSA-274Q-79Q9-52J7 Character injection in Hubble CLI

Impact A network attacker could inject malicious control characters into Hubble CLI terminal output, potentially leading to loss of integrity and manipulation of the output. This could be leveraged to conceal log entries, rewrite output, or even make the terminal temporarily unusable. Exploitatio...

Character injection in Hubble CLI

Impact A network attacker could inject malicious control characters into Hubble CLI terminal output, potentially leading to loss of integrity and manipulation of the output. This could be leveraged to conceal log entries, rewrite output, or even make the terminal temporarily unusable. Exploitatio...

Improper Neutralization of Escape, Meta, or Control Sequences

Overview Affected versions of this package are vulnerable to Improper Neutralization of Escape, Meta, or Control Sequences via the Hubble CLI terminal output processing. An attacker can manipulate the output to conceal log entries, rewrite output, or make the terminal temporarily unusable by...

CVE-2025-48056

Hubble is a fully distributed networking and security observability platform for cloud native workloads. Prior to version 1.17.2, a network attacker could inject malicious control characters into Hubble CLI terminal output, potentially leading to loss of integrity and manipulation of the output...

CVE-2025-48056

CVE-2025-48056 affects the Hubble CLI before v1.17.2. A network attacker could inject malicious control characters into Hubble CLI terminal output, potentially compromising integrity and allowing concealing of log entries, rewriting output, or making the terminal temporarily unusable. Exploitatio...

CVE-2025-48056 Hubble CLI vulnerable to character injection

Hubble is a fully distributed networking and security observability platform for cloud native workloads. Prior to version 1.17.2, a network attacker could inject malicious control characters into Hubble CLI terminal output, potentially leading to loss of integrity and manipulation of the output...

CVE-2025-48056 Hubble CLI vulnerable to character injection

Hubble is a fully distributed networking and security observability platform for cloud native workloads. Prior to version 1.17.2, a network attacker could inject malicious control characters into Hubble CLI terminal output, potentially leading to loss of integrity and manipulation of the output...

CVE-2025-48056 Hubble CLI vulnerable to character injection

Hubble is a fully distributed networking and security observability platform for cloud native workloads. Prior to version 1.17.2, a network attacker could inject malicious control characters into Hubble CLI terminal output, potentially leading to loss of integrity and manipulation of the output...

PT-2025-22295 · Unknown · Hubble Cli

Name of the Vulnerable Software and Affected Versions: Hubble CLI versions prior to 1.17.2 Description: Hubble is a fully distributed networking and security observability platform for cloud native workloads. A network attacker could inject malicious control characters into Hubble CLI terminal...

Malicious code in stencil-cli (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 63d683888e04619d454cbecb6bbbf03259919fb7cb2a3ac164deb94fd37938d0 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2025-4027 Malicious code in stencil-cli (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 63d683888e04619d454cbecb6bbbf03259919fb7cb2a3ac164deb94fd37938d0 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Malicious code in cube-sign-cli (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware bc7b296732045296d18c9e2c5c6ea0f8feaa1bd21693f62a60cea65af5525491 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2025-3880 Malicious code in cube-sign-cli (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware bc7b296732045296d18c9e2c5c6ea0f8feaa1bd21693f62a60cea65af5525491 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

CVE-2024-6486

The ImageMagick Engine ImageMagick Engine WordPress plugin before 1.7.11 for WordPress is vulnerable to OS Command Injection via the "clipath" parameter. This allows authenticated attackers, with administrator-level permission to execute arbitrary OS commands on the server leading to remote code...

RHSA-2025:7630 Red Hat Security Advisory: updated discovery-cli RPMs

Bulletin has no description...

Important: Red Hat Security Advisory: updated discovery-cli RPMs

Updated discovery-cli dsc and discovery-installer RPMs are now available for Discovery 1.14. New version of Discovery CLI dsc and installer are now available for RHEL 8 and RHEL 9 for Discovery 1.14...

CVE-2025-28056

rebuild v3.9.0 through v3.9.3 has a SQL injection vulnerability in /admin/admin-cli/exec component...

WordPress plugin ImageMagick Engine 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...