CVE-2021-37941

A local privilege escalation issue was found with the APM Java agent, where a user on the system could attach a malicious file to an application running with the APM Java agent. Using this vector, a malicious or compromised user account could use the agent to run commands at a higher level of...

Improper access control

An improper access control vulnerability CWE-284 in FortiOS autod daemon 7.0.0, 6.4.6 and below, 6.2.9 and below, 6.0.12 and below and FortiProxy 2.0.1 and below, 1.2.9 and below may allow an authenticated low-privileged attacker to escalate their privileges to superadmin via a specific crafted...

CVE-2021-26110

An improper access control vulnerability CWE-284 in FortiOS autod daemon 7.0.0, 6.4.6 and below, 6.2.9 and below, 6.0.12 and below and FortiProxy 2.0.1 and below, 1.2.9 and below may allow an authenticated low-privileged attacker to escalate their privileges to superadmin via a specific crafted...

Meru AP - Unrestricted execution of OS commands as root

An improper sanitization of commands elements OS Command Injection vulnerability CWE-78 in Meru AP may allow an authenticated attacker to execute unauthorized code or commands via specifically crafted commands in Meru AP's CLI...

CVE-2021-43784

runc is a CLI tool for spawning and running containers on Linux according to the OCI specification. In runc, netlink is used internally as a serialization system for specifying the relevant container configuration to the C portion of the code responsible for the based namespace setup of container...

Integer overflow

runc is a CLI tool for spawning and running containers on Linux according to the OCI specification. In runc, netlink is used internally as a serialization system for specifying the relevant container configuration to the C portion of the code responsible for the based namespace setup of container...

@agoric/cosmic-swingset (>=0.10.8 <=0.18.0), @agoric/ertp (>=0.1.4 <=0.4.1) +18 more potentially affected by CVE-2021-23543 via realms-shim (=1.2.2)

realms-shim NPM version =1.2.2 is affected by a known vulnerability. The following packages have a transitive dependency on realms-shim and may be impacted: - @agoric/cosmic-swingset =0.10.8, =0.1.4, =0.0.1, =0.1.1, =0.0.1, =0.0.20, =0.1.0, =2.0.1, =1.0.0, =0.0.1, =0.4.1, =0.0.6, =0.0.1-alpha2,...

CVE-2021-43784

runc is a CLI tool for spawning and running containers on Linux according to the OCI specification. In runc, netlink is used internally as a serialization system for specifying the relevant container configuration to the C portion of the code responsible for the based namespace setup of container...

IAM Vulnerable - Use Terraform To Create Your Own Vulnerable By Design AWS IAM Privilege Escalation Playground

Use Terraform to create your own vulnerable by design AWS IAM privilege escalation playground. IAM Vulnerable uses the Terraform binary and your AWS credentials to deploy over 250 IAM resources into your selected AWS account. Within minutes, you can start learning how to identify and exploit...

OS Command injection in docker-cli-js

Withdrawn After reviewing this CVE, and this response from the maintainer, we have withdrawn this advisory. Original CVE description This affects all versions of package docker-cli-js. If the command parameter of the Docker.command method can at least be partially controlled by a user, they will ...

GHSA-FF45-7PRW-58VJ OS Command injection in docker-cli-js

Withdrawn After reviewing this CVE, and this response from the maintainer, we have withdrawn this advisory. Original CVE description This affects all versions of package docker-cli-js. If the command parameter of the Docker.command method can at least be partially controlled by a user, they will ...

Moderate: Red Hat Security Advisory: ACS 3.67 security and enhancement update

Updated images are now available for Red Hat Advanced Cluster Security for Kubernetes RHACS. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

Vulristics Command Line Interface, improved Product & Vuln. Type Detections and Microsoft Patch Tuesday November 2021

Hello everyone! In this episode I want to highlight the latest changes in my Vulristics project. For those who dont know, this is a utility for prioritizing CVE vulnerabilities based on data from various sources.. Currently Microsoft, NVD, Vulners, AttackerKB. Command Line Interface I started...

CVE-2021-43780

Redash is a package for data visualization and sharing. In versions 10.0 and priorm the implementation of URL-loading data sources like JSON, CSV, or Excel is vulnerable to advanced methods of Server Side Request Forgery SSRF. These vulnerabilities are only exploitable on installations where a...

CVE-2021-43780

Redash is a package for data visualization and sharing. In versions 10.0 and priorm the implementation of URL-loading data sources like JSON, CSV, or Excel is vulnerable to advanced methods of Server Side Request Forgery SSRF. These vulnerabilities are only exploitable on installations where a...

Whispers - Identify Hardcoded Secrets In Static Structured Text

"My little birds are everywhere, even in the North, they whisper to me the strangest stories." - Lord Varys Whispers is a static code analysis tool designed for parsing various common data formats in search of hardcoded credentials and dangerous functions. Whispers can run in the CLI or you can...

Moderate: Red Hat Security Advisory: Release of OpenShift Serverless Client kn 1.19.0

Release of OpenShift Serverless Client kn 1.19.0 Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE links in the...

Registry-Recon - Cobalt Strike Aggressor Script That Performs System/AV/EDR Recon

Cobalt Strike Aggressor Script that Performs System/AV/EDR Recon. Author: Jess Hires Description As a red-team practitioner, we are often using tools that attempt to fingerprint details about a compromised system, preferably in the most stealthy way possible. Some of our usual tooling for this...

Palo Alto Networks PAN-OS 8.1.x < 8.1.20-h1 / 9.0.x < 9.0.14-h3 / 9.1.x < 9.1.11-h2 / 10.0.x < 10.0.8 / 10.1.x < 10.1.3 Vulnerability

The version of Palo Alto Networks PAN-OS running on the remote host is 8.1.x prior to 8.1.20-h1 or 9.0.x prior to 9.0.14-h3 or 9.1.x prior to 9.1.11-h2 or 10.0.x prior to 10.0.8 or 10.1.x prior to 10.1.3. It is, therefore, affected by a vulnerability. - An OS command injection vulnerability in th...

CVE-2021-32600

An exposure of sensitive information to an unauthorized actor vulnerability in FortiOS CLI 7.0.0, 6.4.0 through 6.4.6, 6.2.0 through 6.2.9, 6.0.x and 5.6.x may allow a local and authenticated user assigned to a specific VDOM to retrieve other VDOMs information such as the admin account list and t...