Cisco Identity Services Engine Command Injection (CVE-2023-20175)

According to its self-reported version, Cisco Identity Services Engine is affected by a command injection vulnerability. A vulnerability in a specific Cisco ISE CLI command could allow an authenticated, local attacker to perform command injection attacks on the underlying operating system and...

CVE-2023-20175

A vulnerability in a specific Cisco ISE CLI command could allow an authenticated, local attacker to perform command injection attacks on the underlying operating system and elevate privileges to root. To exploit this vulnerability, an attacker must have valid Read-only-level privileges or higher ...

Command injection

A vulnerability in a specific Cisco ISE CLI command could allow an authenticated, local attacker to perform command injection attacks on the underlying operating system and elevate privileges to root. To exploit this vulnerability, an attacker must have valid Read-only-level privileges or higher ...

CVE-2023-20175

A vulnerability in a specific Cisco ISE CLI command could allow an authenticated, local attacker to perform command injection attacks on the underlying operating system and elevate privileges to root. To exploit this vulnerability, an attacker must have valid Read-only-level privileges or higher ...

CVE-2023-20175

CVE-2023-20175 applies to Cisco Identity Services Engine (ISE). Affected: ISE CLI command allows an authenticated, local attacker with at least Read-only privileges to submit crafted CLI input, triggering command injection and potential root privilege escalation on the underlying OS. Root cause: ...

CVE-2023-20170

Summary : CVE-2023-20170 is a vulnerability in Cisco Identity Services Engine (ISE) related to a specific CLI command. An authenticated local attacker with Administrator privileges can exploit insufficient input validation to perform a command injection on the underlying OS and elevate privileges...

CVE-2023-20170

A vulnerability in a specific Cisco ISE CLI command could allow an authenticated, local attacker to perform command injection attacks on the underlying operating system and elevate privileges to root. To exploit this vulnerability, an attacker must have valid Administrator-level privileges on the...

Announcing Vulnerability Scanning in Wordfence CLI 2.0.1 “Voodoo Child”

Note: If youre a WordPress user, we recommend the Wordfence Security Plugin which provides a robust and complete set of security controls for WordPress websites. If you host WordPress servers and need high performance malware and vulnerability scanning on the command line, read on! Our mission at...

Important: Red Hat Security Advisory: OpenShift Container Platform 4.14.0 security and extras update

Red Hat OpenShift Container Platform release 4.14.0 is now available with updates to packages and images that fix several bugs. This release includes a security update for Red Hat OpenShift Container Platform 4.14. Red Hat Product Security has rated this update as having a security impact of...

Important: Red Hat Security Advisory: skupper-cli and skupper-router security update

An update for skupper-cli and skupper-router is now available for Service Interconnect 1 for RHEL 8 and Service Interconnect 1 for RHEL 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a...

hass-auth-synology (>=0.0.0 <=0.4.28), homeassistant-cli (=0.2.0) +4 more potentially affected by CVE-2023-41893 via homeassistant (>=0.83.3 <=2023.8.4)

homeassistant PYPI version =0.83.3, =0.0.0, =2021.4.0, =0.4.11, =1.2.0, =0.3.0, =0.13.85 Source cves: CVE-2023-41893 Source advisory: OSV:GHSA-QHHJ-7HRC-GQJ5...

PT-2023-7306 · Zyxel · Zyxel Nwa50Ax +8

Name of the Vulnerable Software and Affected Versions: Zyxel ATP series versions 4.32 through 5.37 Zyxel USG FLEX series versions 4.50 through 5.37 Zyxel USG FLEX 50W series versions 4.16 through 5.37 Zyxel USG20W-VPN series versions 4.16 through 5.37 Zyxel VPN series versions 4.30 through 5.37...

Important: Red Hat Security Advisory: OpenShift Container Platform 4.12.40 security and extras update

Red Hat OpenShift Container Platform release 4.12.40 is now available with updates to packages and images that fix several bugs. This release includes a security update for Red Hat OpenShift Container Platform 4.12. Red Hat Product Security has rated this update as having a security impact of...

Information Disclosure

@tauri-apps/cli is vulnerable to Information Disclosure. This vulnerability is due to a commonly used misconfiguration which leads to the leakage of the private key and updater key password. If envPrefix: 'VITE', 'TAURI', was pasted from the documentation into vite.config.ts, the TAURIPRIVATEKEY...

Important: Red Hat Security Advisory: Red Hat OpenShift Pipelines Client tkn for 1.12.1 release and security update

Red Hat OpenShift Pipelines Client tkn for 1.12.1 has been released. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the...

CVE-2023-43066

Dell Unity prior to 5.3 contains a Restricted Shell Bypass vulnerability. This could allow an authenticated, local attacker to exploit this vulnerability by authenticating to the device CLI and issuing certain commands...

CVE-2023-43066

Dell Unity prior to 5.3 contains a Restricted Shell Bypass vulnerability. This could allow an authenticated, local attacker to exploit this vulnerability by authenticating to the device CLI and issuing certain commands...

Design/Logic Flaw

Dell Unity prior to 5.3 contains a Restricted Shell Bypass vulnerability. This could allow an authenticated, local attacker to exploit this vulnerability by authenticating to the device CLI and issuing certain commands...

CVE-2023-43066

Dell Unity prior to 5.3 contains a Restricted Shell Bypass vulnerability. This could allow an authenticated, local attacker to exploit this vulnerability by authenticating to the device CLI and issuing certain commands...

pake-cli (>=2.0.7 <=2.0.7-beta3) potentially affected by CVE-2023-46115 via @tauri-apps/cli (=1.3.1)

@tauri-apps/cli NPM version =1.3.1 is affected by a known vulnerability. The following packages have a transitive dependency on @tauri-apps/cli and may be impacted: - pake-cli =2.0.7, =2.0.7-beta3 Source cves: CVE-2023-46115 Source advisory: OSV:GHSA-2RCP-JVR4-R259...