8005 matches found
CVE-2025-20118
A vulnerability in the implementation of the internal system processes of Cisco APIC could allow an authenticated, local attacker to access sensitive information on an affected device. To exploit this vulnerability, the attacker must have valid administrative credentials. This vulnerability is du...
CVE-2025-20117 Cisco Application Policy Infrastructure Controller Authenticated Command Injection Vulnerability
A vulnerability in the CLI of Cisco APIC could allow an authenticated, local attacker to execute arbitrary commands as root on the underlying operating system of an affected device. To exploit this vulnerability, the attacker must have valid administrative credentials. This vulnerability is due t...
CVE-2025-20117
CVE-2025-20117 affects Cisco APIC CLI. An authenticated, local attacker can execute arbitrary commands as root on the device OS due to insufficient validation of CLI command arguments; success requires valid administrative credentials. The vulnerability stems from improper input validation when p...
CVE-2025-20117 Cisco Application Policy Infrastructure Controller Authenticated Command Injection Vulnerability
A vulnerability in the CLI of Cisco APIC could allow an authenticated, local attacker to execute arbitrary commands as root on the underlying operating system of an affected device. To exploit this vulnerability, the attacker must have valid administrative credentials. This vulnerability is due t...
AZL-57347 CVE-2025-22869 affecting package cf-cli for versions less than 8.7.11-2
SSH servers which implement file transfer protocols are vulnerable to a denial of service attack from clients which complete the key exchange slowly, or not at all, causing pending content to be read into memory, but never transmitted...
PT-2025-8732 · Cisco · Cisco Apic
Name of the Vulnerable Software and Affected Versions: Cisco APIC affected versions not specified Description: A vulnerability in the CLI could allow an authenticated, local attacker to execute arbitrary commands as root on the underlying operating system of an affected device. The attacker must...
PT-2025-8733 · Cisco · Cisco Apic
Name of the Vulnerable Software and Affected Versions: Cisco APIC affected versions not specified Description: A vulnerability in the implementation of internal system processes could allow an authenticated, local attacker to access sensitive information on an affected device. The attacker must...
GHSA-JM46-725R-HH9V vulnerabilities
Vulnerabilities for packages: python, aws-cli-v2...
GHSA-797F-63WG-8CHV vulnerabilities
Vulnerabilities for packages: python, aws-cli-v2...
GHSA-JM46-725R-HH9V vulnerabilities
Vulnerabilities for packages: python, aws-cli-v2...
AZL-57102 CVE-2025-27144 affecting package dcos-cli for versions less than 1.2.0-17
Go JOSE provides an implementation of the Javascript Object Signing and Encryption set of standards in Go, including support for JSON Web Encryption JWE, JSON Web Signature JWS, and JSON Web Token JWT standards. In versions on the 4.x branch prior to version 4.0.5, when parsing compact JWS or JWE...
AZL-57201 CVE-2025-27144 affecting package dcos-cli for versions less than 1.2.0-20
Go JOSE provides an implementation of the Javascript Object Signing and Encryption set of standards in Go, including support for JSON Web Encryption JWE, JSON Web Signature JWS, and JSON Web Token JWT standards. In versions on the 4.x branch prior to version 4.0.5, when parsing compact JWS or JWE...
postgresql: PostgreSQL quoting APIs miss neutralizing quoting syntax in text that fails encoding validation
A flaw was found in PostgreSQL. Due to improper neutralization of quoting syntax, affected versions potentially allow a database input provider to achieve SQL injection in certain usage patterns. Specifically, SQL injection requires the application to use the affected function's result to constru...
com.github.zhkl0228:netguard (>=0.0.5 <=0.0.6), tech.kwik:flupke (>=0.5.4 <=0.6) +5 more potentially affected by CVE-2025-23020 via tech.kwik:kwik (=0.10)
tech.kwik:kwik MAVEN version =0.10 is affected by a known vulnerability. The following packages have a transitive dependency on tech.kwik:kwik and may be impacted: - com.github.zhkl0228:netguard =0.0.5, =0.5.4, =0.6 - tech.kwik:kwik-cli =0.10 - tech.kwik:kwik-h09 =0.10 - tech.kwik:kwik-interop...
CVE-2023-45288 affecting package cf-cli for versions less than 8.7.3-6
CVE-2023-45288 affecting package cf-cli for versions less than 8.7.3-6. A patched version of the package is available...
CVE-2023-45288 affecting package docker-cli for versions less than 25.0.7-1
CVE-2023-45288 affecting package docker-cli for versions less than 25.0.7-1. An upgraded version of the package is available that resolves this issue...
eq3btsmart (=0.0.0), hass-auth-synology (>=0.0.0 <=0.4.28) +5 more potentially affected by CVE-2025-25305 via homeassistant (>=0.83.3 <=2024.12.5)
homeassistant PYPI version =0.83.3, =0.0.0, =2021.4.0, =0.4.11, =1.2.0, =0.3.0, =0.13.85 Source cves: CVE-2025-25305 Source advisory: OSV:GHSA-M3PM-RPGG-5WJ6...
GHSA-Q4XQ-445G-G6CH vulnerabilities
Vulnerabilities for packages: keycloak, keycloak-operator, keycloak-config-cli...
CVE-2024-4028 vulnerabilities
Vulnerabilities for packages: keycloak-operator, keycloak-fips, keycloak, keycloak-config-cli...
MAL-2025-1465 Malicious code in ing-open-banking-cli-js (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware e671918afbc4f855be4bae3831f2a5b173f03949b1c9de394cf545a13027863e Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...