8014 matches found

Tenable Nessus
added 2022/09/29 12:0 a.m. | 32 views

Cisco SD-WAN Software Arbitrary File Corruption (cisco-sa-sdwan-privesc-cli-xkGwmqKu)

According to its self-reported version, Cisco SD-WAN Viptela Software is affected by a vulnerability. - A vulnerability in the CLI of Cisco SD-WAN Software could allow an authenticated, local attacker to overwrite and possibly corrupt files on an affected system. This vulnerability is due to...

CVSS 6.7 | AI score 6.8 | EPSS 0.00231
Exploits: 0 | References: 3

Tenable Nessus
added 2022/09/29 12:0 a.m. | 70 views

Cisco SD-WAN Software Privilege Escalation Vulnerabilities (cisco-sa-sd-wan-priv-E6e8tEdF)

According to its self-reported version, Cisco SD-WAN Viptela Software is affected by multiple vulnerabilities. - Multiple vulnerabilities in the CLI of Cisco SD-WAN Software could allow an authenticated, local attacker to gain elevated privileges. These vulnerabilities are due to improper access...

CVSS 7.8 | AI score 7.5 | EPSS 0.12475
Exploits: 3 | References: 5

ATTACKERKB
added 2022/09/28 11:0 p.m. | 3 views

CVE-2022-20930

A vulnerability in the CLI of Cisco SD-WAN Software could allow an authenticated, local attacker to overwrite and possibly corrupt files on an affected system. This vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by injecting arbitrary commands...

CVSS 6.7 | AI score 6.8 | EPSS 0.00231
Exploits: 0 | References: 2

Cisco
added 2022/09/28 4:0 p.m. | 32 views

Cisco SD-WAN Arbitrary File Deletion Vulnerability

A vulnerability in the CLI of stand-alone Cisco IOS XE SD-WAN Software and Cisco SD-WAN Software could allow an authenticated, local attacker to delete arbitrary files from the file system of an affected device. This vulnerability is due to insufficient input validation. An attacker could exploit...

CVSS 5.5 | AI score 6.1 | EPSS 0.00195
Exploits: 0 | References: 1

ATTACKERKB
added 2022/09/28 4:0 p.m. | 5 views

CVE-2022-20775

A vulnerability in the CLI of Cisco SD-WAN Software could allow an authenticated, local attacker to gain elevated privileges. This vulnerability is due to improper access controls on commands within the application CLI. An attacker could exploit this vulnerability by running a maliciously crafted...

CVSS 7.8 | AI score 6 | EPSS 0.12475
In wild | Exploits: 2 | References: 4 | Affected Software: 5

Cisco
added 2022/09/28 4:0 p.m. | 39 views

Cisco SD-WAN Software Privilege Escalation Vulnerabilities

Multiple vulnerabilities in the CLI of Cisco SD-WAN Software could allow an authenticated, local attacker to gain elevated privileges. These vulnerabilities are due to improper access controls on commands within the application CLI. An attacker could exploit these vulnerabilities by running a...

CVSS 7.8 | AI score 8.2 | EPSS 0.12475
Exploits: 3 | References: 1

Cisco
added 2022/09/28 4:0 p.m. | 37 views

Cisco IOS XE Software for Embedded Wireless Controllers on Catalyst Access Points Privilege Escalation Vulnerability

A vulnerability in the self-healing functionality of Cisco IOS XE Software for Embedded Wireless Controllers on Catalyst Access Points could allow an authenticated, local attacker to escape the restricted controller shell and execute arbitrary commands on the underlying operating system of the...

CVSS 7.9 | AI score 7.4 | EPSS 0.0034
Exploits: 0 | References: 1

Cisco
added 2022/09/28 4:0 p.m. | 33 views

Cisco SD-WAN Software Arbitrary File Corruption Vulnerability

A vulnerability in the CLI of Cisco SD-WAN Software could allow an authenticated, local attacker to overwrite and possibly corrupt files on an affected system. This vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by injecting arbitrary commands...

CVSS 6.7 | AI score 6.6 | EPSS 0.00231
Exploits: 0 | References: 1

ATTACKERKB
added 2022/09/28 4:0 p.m. | 3 views

CVE-2022-20850

A vulnerability in the CLI of stand-alone Cisco IOS XE SD-WAN Software and Cisco SD-WAN Software could allow an authenticated, local attacker to delete arbitrary files from the file system of an affected device. This vulnerability is due to insufficient input validation. An attacker could exploit...

CVSS 7.1 | AI score 7.2 | EPSS 0.00195
Exploits: 0 | References: 2

ATTACKERKB
added 2022/09/28 4:0 p.m. | 3 views

CVE-2022-20818

Multiple vulnerabilities in the CLI of Cisco SD-WAN Software could allow an authenticated, local attacker to gain elevated privileges. These vulnerabilities are due to improper access controls on commands within the application CLI. An attacker could exploit these vulnerabilities by running a...

CVSS 7.8 | AI score 7.4 | EPSS 0.00593
Exploits: 1 | References: 2

CNNVD
added 2022/09/28 12:0 a.m. | 3 views

Cisco SD-WAN Operating System Command Injection Vulnerability

Cisco SD-WAN is a highly secure cloud-scale architecture from Cisco that is open, programmable, and scalable. A parameter injection vulnerability exists in the CLI of Cisco SD-WAN Software, which stems from insufficient validation of inputs. Detailed vulnerability details are not available at thi...

CVSS 6.7 | AI score 7.2 | EPSS 0.00231
Exploits: 0 | References: 5

Positive Technologies
added 2022/09/28 12:0 a.m. | 3 views

PT-2022-6017 · Cisco · Cisco Sd-Wan

Name of the Vulnerable Software and Affected Versions: Cisco SD-WAN Software affected versions not specified Description: A vulnerability in the CLI of Cisco SD-WAN Software could allow an authenticated, local attacker to overwrite and possibly corrupt files on an affected system. This issue is d...

CVSS 6.7 | AI score 6.5 | EPSS 0.00231
Exploits: 0 | References: 5

Kitploit
added 2022/09/27 11:30 a.m. | 46 views

pyFlipper - Unofficial Flipper Zero Cli Wrapper Written In Python

Unofficial Flipper Zero cli wrapper written in Python Functions and characteristics: Flipper serial CLI wrapper Websocket client interface Setup instructions: $ git clone https://github.com/wh00hw/pyFlipper.git $ cd pyFlipper $ python3 -m venv venv $ source venv/bin/activate $ pip install -r...

AI score 7.3
Exploits: 0 | References: 1

CVE
added 2022/09/26 1:55 p.m. | 98 views

CVE-2022-39245

CVE-2022-39245 affects Mist, the CLI for the makedeb package repository. Before version 0.9.5, a local user could inject a user-provided sudo binary via PATH, causing arbitrary commands to run with root privileges. The issue is fixed in versions 0.9.5 and later (patch applied); no public workarou...

CVSS 8.4 | AI score 8.1 | EPSS 0.00216
Exploits: 0 | References: 3 | Affected Software: 1

Tenable Nessus
added 2022/09/23 12:0 a.m. | 80 views

SUSE SLES15 Security Update : kubevirt, virt-api-container, virt-controller-container, virt-handler-container, virt-launcher-container, virt-libguestfs-tools-container, virt-operator-container (SUSE-SU-2022:3333-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:3333-1 advisory. - A path traversal vulnerability in KubeVirt versions up to 0.56 and 0.55.1 on all platforms allows a user able to configure the...

CVSS 9.3 | AI score 7.6 | EPSS 0.02737
Exploits: 2 | References: 12

Github Security Blog
added 2022/09/22 12:0 a.m. | 21 views

Jenkins Compuware Common Configuration Plugin vulnerable to Improper Restriction of XML External Entity Reference

Jenkins Compuware Common Configuration Plugin 1.0.14 and earlier does not configure its XML parser to prevent XML external entity (XXE) attacks. This allows attackers able to change the contents of the Topaz Workbench CLI home directory on agents to have Jenkins parse a crafted file that uses...

CVSS 9.8 | AI score 8.8 | EPSS 0.00765
Exploits: 0 | References: 7 | Affected Software: 1

OSV
added 2022/09/22 12:0 a.m. | 27 views

GHSA-G43X-PCC9-F472 Jenkins Compuware Common Configuration Plugin vulnerable to Improper Restriction of XML External Entity Reference

Jenkins Compuware Common Configuration Plugin 1.0.14 and earlier does not configure its XML parser to prevent XML external entity (XXE) attacks. This allows attackers able to change the contents of the Topaz Workbench CLI home directory on agents to have Jenkins parse a crafted file that uses...

CVSS 7.1 | AI score 9.3 | EPSS 0.00765
Exploits: 0 | References: 7

Tenable Nessus
added 2022/09/21 12:0 a.m. | 36 views

SUSE SLES15 Security Update : kubevirt, virt-api-container, virt-controller-container, virt-handler-container, virt-launcher-container, virt-libguestfs-tools-container, virt-operator-container (SUSE-SU-2022:3321-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:3321-1 advisory. - A path traversal vulnerability in KubeVirt versions up to 0.56 and 0.55.1 on all platforms allows a user able to configure the...

CVSS 9.3 | AI score 7.6 | EPSS 0.02737
Exploits: 2 | References: 12

RedHat Linux
added 2022/09/20 4:32 p.m. | 55 views

Moderate: Red Hat Security Advisory: OpenShift Container Platform 4.11.5 bug fix and security update

Red Hat OpenShift Container Platform release 4.11.5 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.11. Red Hat Product Security has rated this update as having a...

CVSS 8.6 | AI score 6.7 | EPSS 0.03478
Exploits: 0 | References: 24

vulnersOsv
added 2022/09/16 10:20 p.m. | 8 views

acuity (=6.18.0), acuitypro (=6.18.0) +60 more potentially affected by CVE-2022-35972 via tensorflow (>=2.8.0 <=2.8.0rc1)

tensorflow PYPI version =2.8.0, =1.2.8, =1.0.43, =0.2.2, =0.0.1, =0.0.2, =0.2.8, =0.14.0, =0.1.3, =0.0.9, =0.2.27, =0.2.41 - complaintclassify =0.0.5 - conversational-sentence-encoder =0.0.6 and more Source cves: CVE-2022-35972 Source advisory: OSV:GHSA-4PC4-M9MJ-V2R9...

CVSS 7.5 | AI score 7.1 | EPSS 0.00391
Exploits: 0