GHSA-7H5P-MMPP-HGMM Nuclei Template Signature Verification Bypass

Summary A vulnerability has been identified in Nuclei's template signature verification system that could allow an attacker to bypass the signature check and possibly execute malicious code via custom code template. Affected Component The vulnerability is present in the template signature...

CVE-2024-20469 Cisco Identity Services Engine Command Injection Vulnerability

A vulnerability in specific CLI commands in Cisco Identity Services Engine ISE could allow an authenticated, local attacker to perform command injection attacks on the underlying operating system and elevate privileges to root. To exploit this vulnerability, the attacker must have valid...

CVE-2024-20469

Cisco CVE-2024-20469 is a local-authenticated command-injection vulnerability in specific Cisco Identity Services Engine (ISE) CLI commands. It allows an authenticated administrator to submit crafted CLI input to execute arbitrary OS commands with root privileges (privilege escalation). The vulne...

Cisco Identity Services Engine Command Injection Vulnerability

A vulnerability in specific CLI commands in Cisco Identity Services Engine ISE could allow an authenticated, local attacker to perform command injection attacks on the underlying operating system and elevate privileges to root. To exploit this vulnerability, the attacker must have valid...

CVE-2024-43405

Insight: CVE-2024-43405 affects ProjectDiscovery Nuclei. The issue is in the template signature verification (signer package), where a newline handling discrepancy between the signature verification and YAML parsing allows an attacker to craft templates that bypass digest verification and potenti...

CVE-2024-43405 Nuclei Template Signature Verification Bypass

Nuclei is a vulnerability scanner powered by YAML based templates. Starting in version 3.0.0 and prior to version 3.3.2, a vulnerability in Nuclei's template signature verification system could allow an attacker to bypass the signature check and possibly execute malicious code via custom code...

CVE-2024-43405 Nuclei Template Signature Verification Bypass

Nuclei is a vulnerability scanner powered by YAML based templates. Starting in version 3.0.0 and prior to version 3.3.2, a vulnerability in Nuclei's template signature verification system could allow an attacker to bypass the signature check and possibly execute malicious code via custom code...

CVE-2024-45391 Tina search token leak via lock file in TinaCMS

Tina is an open-source content management system CMS. Sites building with Tina CMS's command line interface CLI prior to version 1.6.2 that use a search token may be vulnerable to the search token being leaked via lock file tina-lock.json. Administrators of Tina-enabled websites with search setup...

CVE-2024-45391

The CVE-2024-45391 vulnerability affects Tina CMS when using Tina CLI before version 1.6.2. A search token may be leaked via the tina-lock.json lock file. The issue is mitigated by upgrading to @tinacms/cli 1.6.2 and rotating the search token. If upgrading is not feasible, token rotation remains ...

CVE-2024-45391 Tina search token leak via lock file in TinaCMS

Tina is an open-source content management system CMS. Sites building with Tina CMS's command line interface CLI prior to version 1.6.2 that use a search token may be vulnerable to the search token being leaked via lock file tina-lock.json. Administrators of Tina-enabled websites with search setup...

Tina search token leak via lock file in TinaCMS

Impact Tina search token leaked via lock file tina-lock.json in TinaCMS. Sites building with @tinacms/cli 1.6.2 that use a search token are impacted. If your Tina-enabled website has search setup, you should rotate that key immediately. Patches This issue has been patched in @tinacms/[email protected]...

CVE-2024-45310 runc can be confused to create empty files/directories on the host

runc is a CLI tool for spawning and running containers according to the OCI specification. runc 1.1.13 and earlier, as well as 1.2.0-rc2 and earlier, can be tricked into creating empty files or directories in arbitrary locations in the host filesystem by sharing a volume between two containers an...

PT-2024-31595 · Unknown · @Tinacms/Cli

Name of the Vulnerable Software and Affected Versions: @tinacms/cli versions prior to 1.6.2 Description: Tina is an open-source content management system CMS. Sites building with Tina CMS's command line interface CLI that use a search token may be vulnerable to the search token being leaked via...

CVE-2024-8260

An SMB force-authentication vulnerability exists in all versions of OPA. The vulnerability exists due to improper input validation, allowing a user to pass an arbitrary SMB share instead of a Rego file as an argument to OPA CLI or one of the OPA Go library’s functions. Mitigation Mitigation for...

Varnish Cache CLI File Read

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'metasploit/framework/tcp/client' require 'metasploit/framework/varnish/client' class MetasploitModule 'Varnish Cache CLI File Read', 'Description' = 'This modul...

Jenkins cli Ampersand Replacement Arbitrary File Read

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Jenkins cli Ampersand Replacement Arbitrary File Read', 'Description' = %q This module utilizes the Jenkins cli protocol to run the help command...

Varnish Cache CLI Login Utility

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'metasploit/framework/credentialcollection' require 'metasploit/framework/loginscanner/varnish' require 'metasploit/framework/tcp/client' class MetasploitModule...

OPA for Windows has an SMB force-authentication vulnerability

A SMB force-authentication vulnerability exists in all versions of OPA for Windows prior to v0.68.0. The vulnerability exists because of improper input validation, allowing a user to pass an arbitrary SMB share instead of a Rego file as an argument to OPA CLI or to one of the OPA Go library’s...

GHSA-C77R-FH37-X2PX vulnerabilities

Vulnerabilities for packages: cosign, snyk-cli, spire-server, datadog-agent, k8sgpt, zarf, policy-controller, opa, conftest, zot, kubescape, kots, tfsec...

GHSA-C77R-FH37-X2PX OPA for Windows has an SMB force-authentication vulnerability

A SMB force-authentication vulnerability exists in all versions of OPA for Windows prior to v0.68.0. The vulnerability exists because of improper input validation, allowing a user to pass an arbitrary SMB share instead of a Rego file as an argument to OPA CLI or to one of the OPA Go library’s...