8005 matches found
The vulnerability of the command-line interface (CLI) of the Fortinet FortiManager device management software allows an attacker to compromise the confidentiality, integrity, and availability of the protected information.
The vulnerability of the command-line interface (CLI) of the Fortinet FortiManager device management software is related to an incorrect session duration. Exploiting this vulnerability allows a remote attacker to compromise the confidentiality, integrity, and availability of the protected...
USN-7216-1: tqdm vulnerability
It was discovered that tqdm did not properly sanitize non-boolean CLI arguments. A local attacker could possibly use this issue to execute arbitrary code on the host. This issue only affected Ubuntu 22.04 LTS and Ubuntu 24.04 LTS. CVE-2024-34062...
2vyper (=0.3.0), ape-dasy (=0.1.0) +30 more potentially affected by CVE-2025-21607 via vyper (>=0.1.0b12 <=0.4.0)
vyper PYPI version =0.1.0b12, =0.7.1, =0.1.0, =0.0.0, =0.0.0, =0.0.5, =0.1.0, =0.1.0, =0.7.2, =0.1.10.0, =1.0.1, =0.1.0, =1.4.0, =1.20.7 and more Source cves: CVE-2025-21607 Source advisory: OSV:PYSEC-2025-33...
CVE-2025-23052 Authenticated Command Injection Vulnerability allows Unauthorized Command Execution in CLI Interface
Authenticated command injection vulnerability in the command line interface of a network management service. Successful exploitation of this vulnerability could allow an attacker to execute arbitrary commands as a privileged user on the underlying operating system...
CVE-2024-39768
Multiple buffer overflow vulnerabilities exist in the internet.cgi setqos functionality of Wavlink AC3000 M33A8.V5030.210505. A specially crafted HTTP request can lead to stack-based buffer overflow. An attacker can make an authenticated HTTP request to trigger these vulnerabilities. This...
CVE-2024-21758
A stack-based buffer overflow in Fortinet FortiWeb versions 7.2.0 through 7.2.7, and 7.4.0 through 7.4.1 may allow a privileged user to execute arbitrary code via specially crafted CLI commands, provided the user is able to evade FortiWeb stack protections...
CVE-2023-37937
An improper neutralization of special elements used in an OS command ('OS command injection') in Fortinet FortiSwitch version 7.4.0 and 7.2.0 through 7.2.5 and 7.0.0 through 7.0.7 and 6.4.0 through 6.4.13 and 6.2.0 through 6.2.7 and 6.0.0 through 6.0.7 allows an attacker to execute unauthorized code o...
CVE-2024-21758
The CVE-2024-21758 entry concerns a stack-based buffer overflow in Fortinet FortiWeb CLI handling that affects FortiWeb versions 7.2.0–7.2.7 and 7.4.0–7.4.1. The vulnerability could allow a privileged user to execute arbitrary code if FortiWeb stack protections are bypassed. No exploitation detai...
CVE-2024-47566
An improper limitation of a pathname to a restricted directory ('path traversal', CWE-23) in Fortinet FortiRecorder version 7.2.0 through 7.2.1 and before 7.0.4 allows a privileged attacker to delete files from the underlying filesystem via crafted CLI requests...
CVE-2024-45338 affecting package cf-cli for versions less than 8.4.0-23
CVE-2024-45338 affecting package cf-cli for versions less than 8.4.0-23. A patched version of the package is available...
PT-2025-1190 · Fortinet · Fortiswitch
Name of the Vulnerable Software and Affected Versions: Fortinet FortiSwitch versions 6.0.0 through 6.0.7; Fortinet FortiSwitch versions 6.2.0 through 6.2.7; Fortinet FortiSwitch versions 6.4.0 through 6.4.13; Fortinet FortiSwitch versions 7.0.0 through 7.0.7; Fortinet FortiSwitch versions 7.2.0 throu...
PT-2025-2557 · Wavlink · Wavlink Ac3000
Name of the Vulnerable Software and Affected Versions: Wavlink AC3000 version M33A8.V5030.210505 Description: Multiple buffer overflow vulnerabilities exist in the internet.cgi set qos functionality. A specially crafted HTTP request can lead to stack-based buffer overflow. An attacker can make an...
WAVLINK AC3000 security vulnerability
WAVLINK AC3000 is a wireless router from China Ruiyin WAVLINK. A buffer overflow vulnerability exists in the WAVLINK AC3000 M33A8.V5030.210505 version, which originates from the climac parameter of the internet.cgi setqos function that fails to correctly validate the length and size of the input...
Fortinet FortiWeb - Stack overflow in execute backup command (FG-IR-23-458)
The version of FortiWeb installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the FG-IR-23-458 advisory. - A stack-based buffer overflow in Fortinet FortiWeb versions 7.2.0 through 7.2.7, and 7.4.0 through 7.4.1 may allow a...
gpt-cli (>=0.0.13 <=0.0.20), htmlentity (>=0.1.0 <=1.2.0) +4 more potentially affected by unknown CVE via grcov (>=0.5.15 <=0.8.13)
grcov CARGO version =0.5.15, =0.0.13, =0.1.0, =0.2.0, =0.2.3 - rye-grain =0.0.1 - slobberchops-test1 =1.4.0 Source cves: unknown CVE Source advisory: OSV:RUSTSEC-2025-0005...