8014 matches found

CVE
added 2023/02/07 12:0 a.m. · 86 views

CVE-2022-38547

CVE-2022-38547 is a post-authentication command-injection vulnerability in Zyxel ZyWALL/USG CLI commands. Affected firmware ranges are ZyWALL/USG series 4.20–4.72, VPN series 4.30–5.32, USG FLEX series 4.50–5.32, and ATP series 4.32–5.32. The issue stems from improper sanitization of inputs in CL...

7.2 CVSS · 7.1 AI score · 0.02806 EPSS
Exploits 0 · References 1 · Affected Software 1

Hacker One
added 2023/02/02 2:44 p.m. · 19 views

Hyperledger: [indy_node]POOL_UPGRADE command injection, Trustee Node can execute command in any other Node`s system.

Vulnerability description not provided...

7.1 AI score
Exploits 0

Cisco
added 2023/02/01 4:0 p.m. · 44 views

Cisco Identity Services Engine Privilege Escalation Vulnerabilities

Multiple vulnerabilities in specific Cisco Identity Services Engine ISE CLI commands could allow an authenticated, local attacker to perform command injection attacks on the underlying operating system and elevate privileges to root. To exploit these vulnerabilities, an attacker must have valid...

6 CVSS · 6.6 AI score
Exploits 0 · References 1

ATTACKERKB
added 2023/02/01 4:0 p.m. · 3 views

CVE-2023-20023

Multiple vulnerabilities in specific Cisco Identity Services Engine ISE CLI commands could allow an authenticated, local attacker to perform command injection attacks on the underlying operating system and elevate privileges to root. To exploit these vulnerabilities, an attacker must have valid...

6.7 CVSS · 6 AI score · 0.00465 EPSS
Exploits 0 · References 2

vulnersOsv
added 2023/02/01 6:30 a.m. · 6 views

grunt-yellowlabtools (>=0.0.1 <=1.2.1), install-is (>=1.4.0 <=1.4.2) +3 more potentially affected by CVE-2022-25906 via is-http2 (>=1.0.4 <=1.2.0)

is-http2 NPM version =1.0.4, =0.0.1, =1.4.0, =1.0.0, =1.10.0, =1.13.4 Source cves: CVE-2022-25906 Source advisory: OSV:GHSA-2275-RPF5-XV8H...

7.8 CVSS · 7.1 AI score · 0.01055 EPSS
Exploits 1

vulnersOsv
added 2023/01/31 9:24 a.m. · 3 views

@unete/cli (>=1.0.0-13 <=1.0.0-17), bootcamp-cli (=0.0.1) potentially affected by CVE-2024-21531 via git-shallow-clone (=0.0.2)

git-shallow-clone NPM version =0.0.2 is affected by a known vulnerability. The following packages have a transitive dependency on git-shallow-clone and may be impacted: - @unete/cli =1.0.0-13, =1.0.0-17 - bootcamp-cli =0.0.1 Source cves: CVE-2024-21531 Source advisory:...

5.3 CVSS · 5.8 AI score · 0.00938 EPSS
Exploits 0

vulnersOsv
added 2023/01/31 6:30 a.m. · 3 views

-llscw-react-cli (>=1.0.0 <=1.1.0-beta2), 002-node-cli (=1.0.0) +21426 more potentially affected by CVE-2022-25881 via http-cache-semantics (>=3.7.3 <=4.1.0)

http-cache-semantics NPM version =3.7.3, =1.0.0, =2.5.0, =0.0.1, =0.0.4 - 1095h-cli =1.0.1 - 10secondsofcode-custom =1.0.0 and more Source cves: CVE-2022-25881 Source advisory: OSV:GHSA-RC47-6667-2J5J...

7.5 CVSS · 6.8 AI score · 0.01613 EPSS
Exploits 1

OSV
added 2023/01/26 10:15 p.m. · 3 views

CVE-2022-41027

Several stack-based buffer overflow vulnerabilities exist in the DetranCLI command parsing functionality of Siretta QUARTZ-GOLD G5.0.1.5-210720-141020. A specially-crafted network packet can lead to arbitrary command execution. An attacker can send a sequence of requests to trigger these...

7.2 CVSS · 6.3 AI score · 0.02207 EPSS
Exploits 1 · References 2

OSV
added 2023/01/26 10:15 p.m. · 3 views

CVE-2022-41030

Several stack-based buffer overflow vulnerabilities exist in the DetranCLI command parsing functionality of Siretta QUARTZ-GOLD G5.0.1.5-210720-141020. A specially-crafted network packet can lead to arbitrary command execution. An attacker can send a sequence of requests to trigger these...

9.8 CVSS · 6.3 AI score · 0.02692 EPSS
Exploits 1 · References 2

NVD
added 2023/01/26 10:15 p.m. · 14 views

CVE-2022-41027

Several stack-based buffer overflow vulnerabilities exist in the DetranCLI command parsing functionality of Siretta QUARTZ-GOLD G5.0.1.5-210720-141020. A specially-crafted network packet can lead to arbitrary command execution. An attacker can send a sequence of requests to trigger these...

7.2 CVSS · 7.5 AI score · 0.02207 EPSS
Exploits 1 · References 2

OSV
added 2023/01/26 10:15 p.m. · 3 views

CVE-2022-40995

Several stack-based buffer overflow vulnerabilities exist in the DetranCLI command parsing functionality of Siretta QUARTZ-GOLD G5.0.1.5-210720-141020. A specially-crafted network packet can lead to arbitrary command execution. An attacker can send a sequence of requests to trigger these...

9.8 CVSS · 6.3 AI score · 0.01372 EPSS
Exploits 0 · References 2

OSV
added 2023/01/26 10:15 p.m. · 3 views

CVE-2022-40989

Several stack-based buffer overflow vulnerabilities exist in the DetranCLI command parsing functionality of Siretta QUARTZ-GOLD G5.0.1.5-210720-141020. A specially-crafted network packet can lead to arbitrary command execution. An attacker can send a sequence of requests to trigger these...

9.8 CVSS · 6.3 AI score · 0.01372 EPSS
Exploits 0 · References 2

vulnersOsv
added 2023/01/26 9:30 p.m. · 4 views

1508-cli (>=1.0.4 <=1.0.6), 40banner (>=1.0.0 <=1.1.2) +4528 more potentially affected by CVE-2022-25860 via simple-git (>=0.10.0 <=3.15.1)

simple-git NPM version =0.10.0, =1.0.4, =1.0.0, =0.0.80, =1.0.0, =2.0.0, =0.0.0, =0.0.1, =0.0.1, =0.0.5, =0.0.5, =0.0.5, =0.0.5, =0.0.5, =0.1.16 and more Source cves: CVE-2022-25860 Source advisory: OSV:GHSA-9W5J-4MWV-2WJ8...

9.8 CVSS · 7.7 AI score · 0.02712 EPSS
Exploits 1

Positive Technologies
added 2023/01/26 12:0 a.m. · 4 views

PT-2023-13952 · Siretta · Siretta Quartz-Gold

Name of the Vulnerable Software and Affected Versions: Siretta QUARTZ-GOLD version G5.0.1.5-210720-141020 Description: Several stack-based buffer overflow vulnerabilities exist in the DetranCLI command parsing functionality. A specially-crafted network packet can lead to arbitrary command...

7.2 CVSS · 7.5 AI score · 0.01665 EPSS
Exploits 1 · References 3

Positive Technologies
added 2023/01/26 12:0 a.m. · 4 views

PT-2023-13909 · Siretta · Siretta Quartz-Gold

Name of the Vulnerable Software and Affected Versions: Siretta QUARTZ-GOLD version G5.0.1.5-210720-141020 Description: Several stack-based buffer overflow issues exist in the DetranCLI command parsing functionality. A specially-crafted network packet can lead to arbitrary command execution. An...

9.8 CVSS · 7.4 AI score · 0.01415 EPSS
Exploits 0 · References 3

Tenable Nessus
added 2023/01/25 12:0 a.m. · 34 views

Siemens SCALANCE X-300 Switches Stack-Based Buffer Overflow (CVE-2022-25753)

A vulnerability has been identified in SCALANCE X302-7 EEC 230V, SCALANCE X302-7 EEC 230V, coated, SCALANCE X302-7 EEC 24V, SCALANCE X302-7 EEC 24V, coated, SCALANCE X302-7 EEC 2x 230V, SCALANCE X302-7 EEC 2x 230V, coated, SCALANCE X302-7 EEC 2x 24V, SCALANCE X302-7 EEC 2x 24V, coated, SCALANCE...

8.8 CVSS · 8.2 AI score · 0.01552 EPSS
Exploits 0 · References 3

Positive Technologies
added 2023/01/24 12:0 a.m. · 6 views

PT-2023-2727 · NetGear · Netgear Rax30

Name of the Vulnerable Software and Affected Versions: NETGEAR RAX30 affected versions not specified Description: The issue is related to the libcms cli module in the NETGEAR RAX30 router's software, which lacks proper input validation. This allows an attacker to execute arbitrary code in the...

8 CVSS · 7.8 AI score · 0.01371 EPSS
Exploits 0 · References 8

vulnersOsv
added 2023/01/23 10:5 p.m. · 3 views

ca.uhn.hapi.fhir:hapi-fhir-cli-api (>=4.0.0 <=6.4.0), ca.uhn.hapi.fhir:hapi-fhir-cli-app (>=5.6.5 <=6.4.0) +139 more potentially affected by CVE-2023-24057 via ca.uhn.hapi.fhir:org.hl7.fhir.convertors (>=0.0.1 <=5.6.91)

ca.uhn.hapi.fhir:org.hl7.fhir.convertors MAVEN version =0.0.1, =4.0.0, =5.6.5, =4.1.0, =4.0.0, =4.1.0, =4.0.0, =5.0.0, =4.0.0, =5.3.0, =6.2.0, =5.1.0, =5.3.0, =4.0.0, =4.0.0, =6.4.0 and more Source cves: CVE-2023-24057 Source advisory: OSV:GHSA-JQH6-9574-5X22...

8.1 CVSS · 7.1 AI score · 0.01166 EPSS
Exploits 1

vulnersOsv
added 2023/01/23 10:5 p.m. · 5 views

au.csiro.pathling:encoders (>=5.1.0 <=6.1.4), au.csiro.pathling:fhir-server (>=5.3.1 <=6.1.4) +224 more potentially affected by CVE-2023-24057 via ca.uhn.hapi.fhir:org.hl7.fhir.utilities (>=0.0.1 <=5.6.91)

ca.uhn.hapi.fhir:org.hl7.fhir.utilities MAVEN version =0.0.1, =5.1.0, =5.3.1, =5.3.1, =5.3.1, =5.3.0, =0.0.9, =5.6.5, =5.6.5, =5.6.5, =4.0.0, =5.6.5, =4.1.0, =4.0.3, =4.1.0, =4.0.0, =5.2.1 and more Source cves: CVE-2023-24057 Source advisory: OSV:GHSA-JQH6-9574-5X22...

8.1 CVSS · 7.1 AI score · 0.01166 EPSS
Exploits 1

vulnersOsv
added 2023/01/23 10:5 p.m. · 3 views

ca.uhn.hapi.fhir:hapi-fhir-cli-api (>=4.0.0 <=6.4.0), ca.uhn.hapi.fhir:hapi-fhir-cli-app (>=5.6.5 <=6.4.0) +133 more potentially affected by CVE-2023-24057 via ca.uhn.hapi.fhir:org.hl7.fhir.validation (>=1.0.0 <=5.6.91)

ca.uhn.hapi.fhir:org.hl7.fhir.validation MAVEN version =1.0.0, =4.0.0, =5.6.5, =4.1.0, =4.1.0, =4.0.0, =5.0.0, =4.0.0, =5.3.0, =6.2.0, =5.1.0, =5.3.0, =4.0.0, =4.0.0, =4.0.0, =5.4.0 and more Source cves: CVE-2023-24057 Source advisory: OSV:GHSA-JQH6-9574-5X22...

8.1 CVSS · 7.1 AI score · 0.01166 EPSS
Exploits 1