
8005 matches found

Vulnrichment
added 2025/03/05 10:33 p.m. · 7 views

CVE-2025-27622

Jenkins 2.499 and earlier, LTS 2.492.1 and earlier does not redact encrypted values of secrets when accessing config.xml of agents via REST API or CLI, allowing attackers with Agent/Extended Read permission to view encrypted values of secrets...

AI score: 7 · EPSS: 0.00684
Exploits: 0 · References: 1

Veracode
added 2025/03/05 7:55 a.m. · 6 views

Improper Access Control

Rancher is vulnerable to Improper Access Control. The vulnerability is due to improper access due to unauthenticated users being able to list and delete CLI authentication tokens before they can be retrieved, preventing CLI-based login for SAML-authenticated users...

CVSS: 5.3 · AI score: 7.4 · EPSS: 0.00479
Exploits: 0

Positive Technologies
added 2025/03/05 12:0 a.m. · 5 views

PT-2025-9860 · Jenkins +1

Name of the Vulnerable Software and Affected Versions: Jenkins versions 2.499 and earlier, LTS versions 2.492.1 and earlier
Description: The issue allows attackers with View/Read permission to view encrypted values of secrets when accessing config.xml of views via REST API or CLI. This occurs...

CVSS: 4.3 · AI score: 4.7 · EPSS: 0.00298
Exploits: 0 · References: 17

Tenable Nessus
added 2025/03/05 12:0 a.m. · 7 views

Linux Distros Unpatched Vulnerability : CVE-2022-39334

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Nextcloud also ships a CLI utility called nextcloudcmd which is sometimes used for automated scripting and headless servers. Versions of nextcloudcmd prior to...

CVSS: 4.7 · AI score: 5.8 · EPSS: 0.00194
Exploits: 1 · References: 2

CVE
added 2025/03/04 3:14 p.m. · 139 views

CVE-2025-23368

CVE-2025-23368 relates to the Wildfly Elytron integration exposing a brute-force risk for CLI authentication. Red Hat’s advisory RHSA-2026:18059 (and CVE-2025-23368‑specific RHSA-2026:18059-CVE-2025-23368) fixes this in Red Hat JBoss Enterprise Application Platform 8.1.6 and WildFly Core updates....

CVSS: 8.1 · AI score: 8.1 · EPSS: 0.00799
Exploits: 1 · References: 6 · Affected Software: 1

Tenable Nessus
added 2025/03/04 12:0 a.m. · 8 views

Linux Distros Unpatched Vulnerability : CVE-2017-2667

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Hammer CLI, a CLI utility for Foreman, before version 0.10.0, did not explicitly set the verifyssl flag for apipie-bindings that disable it by default. As a...

CVSS: 8.1 · AI score: 7 · EPSS: 0.00726
Exploits: 0 · References: 2

OSV
added 2025/03/03 7:22 p.m. · 9 views

GO-2025-3467 `gh attestation verify` returns incorrect exit code during verification if no attestations are present in github.com/cli/cli

gh attestation verify returns incorrect exit code during verification if no attestations are present in github.com/cli/cli...

CVSS: 6.3 · AI score: 6.3 · EPSS: 0.00375
Exploits: 0 · References: 4

OpenVAS
added 2025/03/03 12:0 a.m. · 10 views

openSUSE Security Advisory (SUSE-SU-2025:0751-1)

The remote host is missing an update for the...

CVSS: 9.1 · AI score: 9.2 · EPSS: 0.01609
Exploits: 0 · References: 4

Snyk
added 2025/03/01 6:33 a.m. · 4 views

Insertion of Sensitive Information into Log File

Overview: kuzu is an in-process property graph database management system built for query speed and scalability. Affected versions of this package are vulnerable to Insertion of Sensitive Information into Log File in cli workflow. Confidential information such as s3secretaccesskey is cached in...

CVSS: 5.1 · AI score: 6.7
Exploits: 0 · References: 3

Snyk
added 2025/03/01 6:33 a.m. · 3 views

Insertion of Sensitive Information into Log File

Overview: kuzu is an in-process property graph database management system built for query speed and scalability. Affected versions of this package are vulnerable to Insertion of Sensitive Information into Log File in cli workflow. Confidential information such as s3secretaccesskey is cached in...

CVSS: 5.1 · AI score: 6.7
Exploits: 0 · References: 3

Tenable Nessus
added 2025/03/01 12:0 a.m. · 23 views

SUSE SLES15 / openSUSE 15 Security Update : azure-cli (SUSE-SU-2025:0751-1)

The remote SUSE Linux SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2025:0751-1 advisory. - CVE-2024-43591: improper neutralization of special elements could allow users to run Azure CLI commands that result in certa...

CVSS: 9.1 · AI score: 5.5 · EPSS: 0.01609
Exploits: 0 · References: 4

SUSE Linux
added 2025/02/28 4:26 p.m. · 2 views

Security update for azure-cli

This update for azure-cli fixes the following issues: CVE-2024-43591: improper neutralization of special elements could allow users to run Azure CLI commands that result in certain service management operations being performed with System level permissions in Azure Defender for Cloud bsc1231971...

CVSS: 8.7 · AI score: 9.5 · EPSS: 0.01609
Exploits: 0 · References: 4

OSV
added 2025/02/28 4:26 p.m. · 12 views

SUSE-SU-2025:0751-1 Security update for azure-cli

This update for azure-cli fixes the following issues: - CVE-2024-43591: improper neutralization of special elements could allow users to run Azure CLI commands that result in certain service management operations being performed with System level permissions in Azure Defender for Cloud bsc1231971...

CVSS: 9.1 · AI score: 6.8 · EPSS: 0.01609
Exploits: 0 · References: 3

RedhatCVE
added 2025/02/28 4:25 p.m. · 5 views

CVE-2025-20118

A vulnerability in the implementation of the internal system processes of Cisco APIC could allow an authenticated, local attacker to access sensitive information on an affected device. To exploit this vulnerability, the attacker must have valid administrative credentials. This vulnerability is du...

CVSS: 4.4 · AI score: 6.2 · EPSS: 0.00146
Exploits: 0 · References: 1

Github Security Blog
added 2025/02/27 6:27 p.m. · 14 views

Rancher's SAML-based login via CLI can be denied by unauthenticated users

Impact: A vulnerability has been identified within Rancher where it is possible for an unauthenticated user to list all CLI authentication tokens and delete them before the CLI is able to get the token value. This effectively prevents users from logging in via the CLI when using rancher token as t...

CVSS: 5.3 · AI score: 6.8 · EPSS: 0.00479
Exploits: 0 · References: 15 · Affected Software: 1

OSV
added 2025/02/27 6:27 p.m. · 3 views

GHSA-5QMP-9X47-92Q8 Rancher's SAML-based login via CLI can be denied by unauthenticated users

Impact: A vulnerability has been identified within Rancher where it is possible for an unauthenticated user to list all CLI authentication tokens and delete them before the CLI is able to get the token value. This effectively prevents users from logging in via the CLI when using rancher token as t...

CVSS: 5.3 · AI score: 7 · EPSS: 0.00479
Exploits: 0 · References: 15

Huntr
added 2025/02/27 9:33 a.m. · 6 views

Command injection in LLama-Index CLI

Description: There is an OS command injection vulnerability in the LLama-Index CLI. Because of pasting the --files argument directly into os.system, an attacker who controls the content of this argument can inject shell commands. The vulnerability was marked as "Local" in the CVSS rating because t...

CVSS: 7.8 · AI score: 8.7 · EPSS: 0.0103
Exploits: 1

Tenable Nessus
added 2025/02/27 12:0 a.m. · 11 views

Cisco APIC Multiple Vulnerabilities (cisco-sa-apic-multi-vulns-9ummtg5)

According to its self-reported version, Cisco Application Policy Infrastructure Controller is affected by multiple vulnerabilities. - A vulnerability in the system file permission handling of Cisco APIC could allow an authenticated, local attacker to overwrite critical system files, which could...

CVSS: 6.7 · AI score: 6.4 · EPSS: 0.0026
Exploits: 0 · References: 9

Positive Technologies
added 2025/02/27 12:0 a.m. · 3 views

PT-2025-9094 · Rancher

Name of the Vulnerable Software and Affected Versions: Rancher versions prior to v2.8.13; Rancher versions prior to v2.9.7; Rancher versions prior to v2.10.3
Description: A vulnerability has been identified in Rancher where an unauthenticated user can list and delete CLI authentication tokens,...

CVSS: 9.9 · AI score: 7.5 · EPSS: 0.92579
Exploits: 19 · References: 54

NVD
added 2025/02/26 5:15 p.m. · 8 views

CVE-2025-20118

A vulnerability in the implementation of the internal system processes of Cisco APIC could allow an authenticated, local attacker to access sensitive information on an affected device. To exploit this vulnerability, the attacker must have valid administrative credentials. This vulnerability is du...

CVSS: 4.4 · EPSS: 0.00146
Exploits: 0 · References: 1