Cisco Adaptive Security Appliance and Firepower Threat Defense Software FXOS CLI Root Privilege Escalation Vulnerability

A vulnerability in the Cisco FXOS CLI feature on specific hardware platforms for Cisco Adaptive Security Appliance ASA Software and Cisco Firepower Threat Defense FTD Software could allow an authenticated, local attacker to elevate their administrative privileges to root. The attacker would need...

Moderate: Red Hat Security Advisory: OpenShift Container Platform 4.14.39 security update

Red Hat OpenShift Container Platform release 4.14.39 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.14. Red Hat Product Security has rated this update as having a...

PT-2024-33301 · Snyk · Snyk Cli

Name of the Vulnerable Software and Affected Versions: Snyk CLI versions prior to 1.1294.0 Description: The issue is related to Code Injection when scanning an untrusted Gradle project. It can be triggered if a test is run inside the untrusted project due to the improper handling of the current...

Snyk CLI 安全漏洞

Snyk CLI is a build-time tool from Snyk USA for finding and fixing known vulnerabilities in projects. A security vulnerability exists in Snyk CLI versions prior to 1.1294.0 that stems from vulnerability to code injection attacks when scanning for untrusted PHP projects...

Python Command Injection Vulnerability (Oct 2024) - Mac OS X

Python is prone to a command injection vulnerability in the venv module. SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

CVE-2024-9287

A vulnerability has been found in the CPython venv module and CLI where path names provided when creating a virtual environment were not quoted properly, allowing the creator to inject commands into virtual environment "activation" scripts ie "source venv/bin/activate". This means that...

PSF-2024-12

A vulnerability has been found in the CPython venv module and CLI where path names provided when creating a virtual environment were not quoted properly, allowing the creator to inject commands into virtual environment "activation" scripts ie "source venv/bin/activate". This means that...

CVE-2024-9287 Virtual environment (venv) activation scripts don't quote paths

A vulnerability has been found in the CPython venv module and CLI where path names provided when creating a virtual environment were not quoted properly, allowing the creator to inject commands into virtual environment "activation" scripts ie "source venv/bin/activate". This means that...

Security Flaw in Styra's OPA Exposes NTLM Hashes to Remote Attackers

Details have emerged about a now-patched security flaw in Styra's Open Policy Agent OPA that, if successfully exploited, could have led to leakage of New Technology LAN Manager NTLM hashes. "The vulnerability could have allowed an attacker to leak the NTLM credentials of the OPA server's local us...

CVE-2024-9677

The insufficiently protected credentials vulnerability in the CLI command of the USG FLEX H series uOS firmware version V1.21 and earlier versions could allow an authenticated local attacker to gain privilege escalation by stealing the authentication token of a login administrator. Note that this...

CVE-2024-9677

The insufficiently protected credentials vulnerability in the CLI command of the USG FLEX H series uOS firmware version V1.21 and earlier versions could allow an authenticated local attacker to gain privilege escalation by stealing the authentication token of a login administrator. Note that this...

CVE-2024-9677

Affected: Zyxel USG FLEX H series devices running uOS firmware v1.21 and earlier. Vulnerable component: CLI commands where credentials are insufficiently protected, enabling an authenticated local attacker to escalate privileges by stealing a login administrator’s authentication token if the admi...

[SECURITY] Fedora 41 Update: podman-5.2.5-1.fc41

podman Pod Manager is a fully featured container engine that is a simple daemonless tool. podman provides a Docker-CLI comparable command line that eases the transition from other container engines and allows the management of pods, containers and images. Simply put: alias docker=3Dpodman. Most...

CVE-2024-20461

A vulnerability in the CLI of Cisco ATA 190 Series Analog Telephone Adapter firmware could allow an authenticated, local attacker with high privileges to execute arbitrary commands as the root user. This vulnerability exists because CLI input is not properly sanitized. An attacker could exploit...

CVE-2024-20461 Cisco ATA 190 Series Analog Telephone Adapter Firmware Command Injection Vulnerability

A vulnerability in the CLI of Cisco ATA 190 Series Analog Telephone Adapter firmware could allow an authenticated, local attacker with high privileges to execute arbitrary commands as the root user. This vulnerability exists because CLI input is not properly sanitized. An attacker could exploit...

CVE-2024-20461

CVE-2024-20461 affects Cisco ATA 190 Series Analog Telephone Adapter firmware. The vulnerability stems from insufficient sanitization of CLI input, allowing an authenticated, local attacker with high privileges to execute arbitrary commands as root and potentially read/write the underlying OS. Co...

CVE-2024-20461 Cisco ATA 190 Series Analog Telephone Adapter Firmware Command Injection Vulnerability

A vulnerability in the CLI of Cisco ATA 190 Series Analog Telephone Adapter firmware could allow an authenticated, local attacker with high privileges to execute arbitrary commands as the root user. This vulnerability exists because CLI input is not properly sanitized. An attacker could exploit...

Malicious code in py-solana-cli (PyPI)

--- -= Per source details. Do not edit below this line.=-...

MAL-2024-10110 Malicious code in py-solana-cli (PyPI)

--- -= Per source details. Do not edit below this line.=-...

Malicious code in crowdin-cli-website (npm)

--- -= Per source details. Do not edit below this line.=-...