8014 matches found
CVE-2023-20217
A vulnerability in the CLI of Cisco ThousandEyes Enterprise Agent, Virtual Appliance installation type, could allow an authenticated, local attacker to elevate privileges on an affected device. This vulnerability is due to insufficient input validation by the operating system CLI. An attacker cou...
Input validation
A vulnerability in the CLI of Cisco ThousandEyes Enterprise Agent, Virtual Appliance installation type, could allow an authenticated, local attacker to elevate privileges to root on an affected device. This vulnerability is due to insufficient input validation of user-supplied CLI arguments. An...
Design/Logic Flaw
A vulnerability in Cisco Intersight Virtual Appliance could allow an unauthenticated, adjacent attacker to access internal HTTP services that are otherwise inaccessible. This vulnerability is due to insufficient restrictions on internally accessible http proxies. An attacker could exploit this...
CVE-2023-20224
A vulnerability in the CLI of Cisco ThousandEyes Enterprise Agent, Virtual Appliance installation type, could allow an authenticated, local attacker to elevate privileges to root on an affected device. This vulnerability is due to insufficient input validation of user-supplied CLI arguments. An...
CVE-2023-20224
CVE-2023-20224 affects Cisco ThousandEyes Enterprise Agent Virtual Appliance. The root cause is insufficient input validation of CLI arguments and an insecure sudo configuration that lets a low-privilege user run commands as root via tcpdump. The KoreLogic advisory demonstrates a post-rotate tcpd...
CVE-2023-20217
A vulnerability in the CLI of Cisco ThousandEyes Enterprise Agent, Virtual Appliance installation type, could allow an authenticated, local attacker to elevate privileges on an affected device. This vulnerability is due to insufficient input validation by the operating system CLI. An attacker cou...
CVE-2023-20237
A vulnerability in Cisco Intersight Virtual Appliance could allow an unauthenticated, adjacent attacker to access internal HTTP services that are otherwise inaccessible. This vulnerability is due to insufficient restrictions on internally accessible http proxies. An attacker could exploit this...
Cisco Intersight Virtual Appliance Unauthenticated Port Forwarding Vulnerability
A vulnerability in Cisco Intersight Virtual Appliance could allow an unauthenticated, adjacent attacker to access internal HTTP services that are otherwise inaccessible. This vulnerability is due to insufficient restrictions on internally accessible http proxies. An attacker could exploit this...
Cisco ThousandEyes Enterprise Agent Virtual Appliance Privilege Escalation Vulnerability
A vulnerability in the CLI of Cisco ThousandEyes Enterprise Agent, Virtual Appliance installation type, could allow an authenticated, local attacker to elevate privileges to root on an affected device. This vulnerability is due to insufficient input validation of user-supplied CLI arguments. An...
[SECURITY] Fedora 38 Update: golang-github-opencontainers-runc-1.1.8-2.fc38
Runc is a CLI tool for spawning and running containers according to the OCI specification...
[SECURITY] Fedora 37 Update: golang-github-opencontainers-runc-1.1.8-2.fc37
Runc is a CLI tool for spawning and running containers according to the OCI specification...
Moderate: Red Hat Security Advisory: OpenShift Container Platform 4.13.9 bug fix and security update
Red Hat OpenShift Container Platform release 4.13.9 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.13. Red Hat Product Security has rated this update as having a...
How to connect to Xenserver/dom0 and SVM on a SDX
Demonstrate how to connect to XenServer/dom0 and SVM on an SDX via CLI & GUI...
Cisco ThousandEyes Enterprise Agent 安全漏洞
Cisco ThousandEyes Enterprise Agent is an application from Cisco, Inc. provides extended visibility, automated insights, and seamless workflow. A security vulnerability exists in Cisco ThousandEyes Enterprise Agent that stems from insufficient input validation to the CLI, which could allow an...
PT-2023-4616 · Cisco · Cisco Intersight Virtual Appliance
Name of the Vulnerable Software and Affected Versions: Cisco Intersight Virtual Appliance affected versions not specified Description: A vulnerability in Cisco Intersight Virtual Appliance could allow an unauthenticated, adjacent attacker to access internal HTTP services that are otherwise...
Trawler - PowerShell Script To Help Incident Responders Discover Adversary Persistence Mechanisms
Dredging Windows for Persistence What is it? Trawler is a PowerShell script designed to help Incident Responders discover potential indicators of compromise on Windows hosts, primarily focused on persistence mechanisms including Scheduled Tasks, Services, Registry Modifications, Startup Items,...
Malicious code in 1ds-cli (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware cc8c09b58037e1261454fe703ffc7c5929254eb97c02e35c1b5d495061d192df Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2023-1456 Malicious code in 1ds-cli (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware cc8c09b58037e1261454fe703ffc7c5929254eb97c02e35c1b5d495061d192df Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Fortinet FortiOS Buffer Overflow Vulnerability (CNVD-2023-64450)
Fortinet FortiOS is a set of security operating system dedicated to FortiGate network security platform from American Fita Fortinet. The system provides users with firewall, antivirus, IPSec/SSLVPN, Web content filtering and anti-spam and other security features. Fortinet FortiOS suffers from a...
Cisco Evolved Programmable Network Manager Stored Command Injection (cisco-sa-adeos-MLAyEcvk)
A vulnerability in the restricted shell of Cisco EPNM could allow an authenticated, local attacker to escape the restricted shell and gain root privileges on the underlying operating system. This vulnerability is due to improper validation of parameters that are sent to a certain CLI command with...