8005 matches found
CVE-2025-3047 Path Traversal in AWS SAM CLI allows file copy to build container
When running the AWS Serverless Application Model Command Line Interface (SAM CLI) build process with Docker and symlinks are included in the build files, the container environment allows a user to access privileged files on the host by leveraging the elevated permissions granted to the tool. A use...
AWS SAM CLI Security Vulnerability
AWS SAM CLI is an Amazon Web Services open source CLI tool for building, testing, debugging, and deploying serverless applications using AWS SAM. A security vulnerability exists in AWS SAM CLI that stems from the possibility that symbolic link content could be copied to the local workspace cache...
CVE-2025-2858
Privilege escalation vulnerability in the saTECH BCU firmware version 2.1.3. An attacker with access to the CLI of the device could make use of the nice command to bypass all restrictions and elevate privileges as a superuser...
CVE-2023-38272
IBM Cloud Pak System 2.3.3.0, 2.3.3.3, 2.3.3.3 iFix1, 2.3.3.4, 2.3.3.5, 2.3.3.6, 2.3.36 iFix1, 2.3.3.6 iFix2, 2.3.3.7, 2.3.3.7 iFix1, 2.3.4.0, and 2.3.4.1 could allow a user with access to the network to obtain sensitive information from CLI arguments...
CVE-2025-2858 Privilege escalation vulnerability in saTECH BCU
Privilege escalation vulnerability in the saTECH BCU firmware version 2.1.3. An attacker with access to the CLI of the device could make use of the nice command to bypass all restrictions and elevate privileges as a superuser...
CVE-2025-2858
CVE-2025-2858 describes a privilege-escalation in saTECH BCU firmware 2.1.3. An attacker with CLI access could use the nice command to bypass restrictions and elevate to superuser. Multiple sources (NVD, Red Hat, CVE lists, and related enrichments) confirm the vulnerable component and impact as d...
MAL-2025-2915 Malicious code in wdpr-ra-hybrid-cli (npm)
openSUSE Security Advisory (SUSE-SU-2025:1019-1)
The remote host is missing an update for the...
CVE-2025-27144 affecting package dcos-cli for versions less than 1.2.0-17
CVE-2025-27144 affecting package dcos-cli for versions less than 1.2.0-17. A patched version of the package is available...
CVE-2023-38272 IBM Cloud Pak System information disclosure
IBM Cloud Pak System 2.3.3.0, 2.3.3.3, 2.3.3.3 iFix1, 2.3.3.4, 2.3.3.5, 2.3.3.6, 2.3.36 iFix1, 2.3.3.6 iFix2, 2.3.3.7, 2.3.3.7 iFix1, 2.3.4.0, and 2.3.4.1 could allow a user with access to the network to obtain sensitive information from CLI arguments...
CVE-2023-38272
CVE-2023-38272 affects IBM Cloud Pak System versions 2.3.3.0 through 2.3.4.1. The issue could allow a user with network access to read sensitive information from CLI arguments, indicating an information disclosure flaw in CLI handling. The connected IBM bulletin confirms the impact ...
CVE-2024-9773
Summary of CVE-2024-9773 (GitLab EE): An input validation flaw in the Harbor registry integration affects GitLab Enterprise Edition (EE) versions: 14.9 through 17.8.6, 17.9 through 17.8.3, and 17.10 through 17.10.1. The issue could allow a maintainer to inject malicious code into CLI commands show...
CVE-2024-9773 Improper Neutralization of Special Elements used in a Command ('Command Injection') in GitLab
An issue was discovered in GitLab EE affecting all versions starting from 14.9 before 17.8.6, all versions starting from 17.9 before 17.8.3, all versions starting from 17.10 before 17.10.1. An input validation issue in the Harbor registry integration could have allowed a maintainer to add malicio...
CVE-2024-9773
Removed by vendor...