Lucene search

8014 matches found

NVD
added 2023/08/29 6:15 p.m. · 21 views

CVE-2023-34039

Aria Operations for Networks contains an Authentication Bypass vulnerability due to a lack of unique cryptographic key generation. A malicious actor with network access to Aria Operations for Networks could bypass SSH authentication to gain access to the Aria Operations for Networks CLI...

CVSS 9.8 · AI score 9.9 · EPSS 0.63947
Exploits 9 · References 3

Prion
added 2023/08/29 6:15 p.m. · 27 views

Authentication flaw

Aria Operations for Networks contains an Authentication Bypass vulnerability due to a lack of unique cryptographic key generation. A malicious actor with network access to Aria Operations for Networks could bypass SSH authentication to gain access to the Aria Operations for Networks CLI...

CVSS 7.5 · AI score 9.7 · EPSS 0.63947
Exploits 9 · References 3 · Affected Software 1

OSSF Malicious Packages
added 2023/08/29 9:51 a.m. · 2 views

Malicious code in remove-bg-cli (npm)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis fdcf2ad8e97745b6be357f0d7c486abc18016cb172caf360362952be6284ce15 The OpenSSF Package Analysis project identified 'remove-bg-cli' @ 2.0.8 npm as malicious. It is considered malicious because: - The package...

AI score 6.9
Exploits 0

UbuntuCve
added 2023/08/25 12:0 a.m. · 20 views

CVE-2023-39742

giflib v5.2.1 was discovered to contain a segmentation fault via the component getarg.c...

CVSS 5.5 · AI score 6.6 · EPSS 0.00328
Exploits 1 · References 3

Zero Day Initiative
added 2023/08/25 12:0 a.m. · 25 views

D-Link DAP-2622 Telnet CLI Use of Hardcoded Credentials Authentication Bypass Vulnerability

This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of D-Link DAP-2622 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the CLI service, which listens on TCP port 23. The server program...

CVSS 8.8 · AI score 6.9 · EPSS 0.00865
Exploits 0 · References 1

Wordfence Blog
added 2023/08/24 9:28 p.m. · 25 views

Introducing Wordfence CLI: A High Performance Malware Scanner Built for the Command Line

Today, we are incredibly excited to announce the launch of Wordfence CLI: an open source, high performance malware scanner built for the command-line. With Wordfence CLI you can detect malware and other indicators of compromise on a host system by running an extremely fast scanner that is at home...

AI score 6.7
Exploits 0

Kitploit
added 2023/08/24 12:30 p.m. · 1641 views

Holehe - Tool To Check If The Mail Is Used On Different Sites Like Twitter, Instagram And Will Retrieve Information On Sites With The Forgotten Password Function

Holehe Online Version Summary Efficiently finding registered accounts from emails. Holehe checks if an email is attached to an account on sites like twitter, instagram, imgur and more than 120 others. Retrieves information using the forgotten password function. Does not alert the target email. Ru...

AI score 7.2
Exploits 0 · References 8

NVD
added 2023/08/23 7:15 p.m. · 12 views

CVE-2023-20234

A vulnerability in the CLI of Cisco FXOS Software could allow an authenticated, local attacker to create a file or overwrite any file on the filesystem of an affected device, including system files. The vulnerability occurs because there is no validation of parameters when a specific CLI command ...

CVSS 6 · AI score 5 · EPSS 0.0017
Exploits 0 · References 1

Prion
added 2023/08/23 7:15 p.m. · 13 views

Design/Logic Flaw

A vulnerability in the CLI of Cisco FXOS Software could allow an authenticated, local attacker to create a file or overwrite any file on the filesystem of an affected device, including system files. The vulnerability occurs because there is no validation of parameters when a specific CLI command ...

CVSS 2.9 · AI score 5.9 · EPSS 0.0017
Exploits 0 · References 1

Cvelist
added 2023/08/23 6:21 p.m. · 13 views

CVE-2023-20234

A vulnerability in the CLI of Cisco FXOS Software could allow an authenticated, local attacker to create a file or overwrite any file on the filesystem of an affected device, including system files. The vulnerability occurs because there is no validation of parameters when a specific CLI command ...

CVSS 4.4 · AI score 6.2 · EPSS 0.0017
Exploits 0 · References 1

CVE
added 2023/08/23 6:21 p.m. · 106 views

CVE-2023-20234

CVE-2023-20234 affects Cisco FXOS Software. An authenticated, local attacker can exploit a CLI command without input validation to create or overwrite arbitrary files on the device filesystem, including system files. The issue requires valid administrative credentials and is local in scope; impac...

CVSS 6 · AI score 6 · EPSS 0.0017
Exploits 0 · References 1 · Affected Software 1

Cisco
added 2023/08/23 4:0 p.m. · 29 views

Cisco FXOS Software Arbitrary File Write Vulnerability

A vulnerability in the CLI of Cisco FXOS Software could allow an authenticated, local attacker to create a file or overwrite any file on the filesystem of an affected device, including system files. The vulnerability occurs because there is no validation of parameters when a specific CLI command ...

CVSS 4.4 · AI score 5.9 · EPSS 0.0017
Exploits 0 · References 1

Positive Technologies
added 2023/08/22 12:0 a.m. · 4 views

PT-2023-4500 · NetGear · Netgear Rax30

Name of the Vulnerable Software and Affected Versions: NETGEAR RAX30 affected versions not specified Description: The issue is related to a stack-based buffer overflow in the telnet CLI service of NETGEAR RAX30 routers, allowing network-adjacent attackers to execute arbitrary code on affected...

CVSS 8 · AI score 8 · EPSS 0.00722
Exploits 0 · References 6

Zero Day Initiative
added 2023/08/22 12:0 a.m. · 23 views

NETGEAR RAX30 Telnet CLI passwd Stack-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of NETGEAR RAX30 routers. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the telnet C...

CVSS 8 · AI score 7.4 · EPSS 0.00722
Exploits 0 · References 1

Kitploit
added 2023/08/19 12:30 p.m. · 86 views

Xsubfind3R - A CLI Utility To Find Domain'S Known Subdomains From Curated Passive Online Sources

xsubfind3r is a command-line interface CLI utility to find domain's known subdomains from curated passive online sources. Features Fetches domains from curated passive sources to maximize results. Supports stdin and stdout for easy integration into workflows. Cross-Platform Windows, Linux & macOS...

AI score 6.9
Exploits 0 · References 8

Citrix
added 2023/08/19 12:0 a.m. · 7 views

While trying to gather logs the file shows "Could not process the file. File size is too large".

- While trying to reach the logs via the ADC GUI it says "Could not process the file. File size is too large"
- The file is not that large less than 1-5 MB and can be observed via CLI or extracted via SFTP.
- Only fails via GUI...

AI score 7.1
Exploits 0

NVD
added 2023/08/17 10:15 a.m. · 19 views

CVE-2023-29182

A stack-based buffer overflow vulnerability CWE-121 in Fortinet FortiOS before 7.0.3 allows a privileged attacker to execute arbitrary code via specially crafted CLI commands, provided the attacker were able to evade FortiOS stack protections...

CVSS 6.7 · AI score 6.8 · EPSS 0.00254
Exploits 0 · References 1

Prion
added 2023/08/17 10:15 a.m. · 31 views

Stack overflow

A stack-based buffer overflow vulnerability CWE-121 in Fortinet FortiOS before 7.0.3 allows a privileged attacker to execute arbitrary code via specially crafted CLI commands, provided the attacker were able to evade FortiOS stack protections...

CVSS 4 · AI score 6.9 · EPSS 0.00254
Exploits 0 · References 1 · Affected Software 1

Fortinet
added 2023/08/17 12:0 a.m. · 78 views

Protect

A stack-based buffer overflow vulnerability CWE-121 in FortiOS may allow a privileged attacker to execute arbitrary code via specially crafted CLI commands, provided the attacker were able to evade FortiOS stack protections...

CVSS 4 · AI score 9.6 · EPSS 0.00254
Exploits 0 · Affected Software 1

NVD
added 2023/08/16 10:15 p.m. · 12 views

CVE-2023-20237

A vulnerability in Cisco Intersight Virtual Appliance could allow an unauthenticated, adjacent attacker to access internal HTTP services that are otherwise inaccessible. This vulnerability is due to insufficient restrictions on internally accessible http proxies. An attacker could exploit this...

CVSS 4.3 · AI score 4.5 · EPSS 0.00239
Exploits 0 · References 1