CVE-2021-1256 Cisco Firepower Threat Defense Software Command File Overwrite Vulnerability

A vulnerability in the CLI of Cisco Firepower Threat Defense FTD Software could allow an authenticated, local attacker to overwrite files on the file system of an affected device by using directory traversal techniques. A successful exploit could cause system instability if important system files...

CVE-2021-21414

Prisma is an open source ORM for Node.js & TypeScript. As of today, we are not aware of any Prisma users or external consumers of the @prisma/sdk package who are affected by this security vulnerability. This issue may lead to remote code execution if a client of the library calls the vulnerable...

CVE-2021-21414

Prisma is an open source ORM for Node.js & TypeScript. As of today, we are not aware of any Prisma users or external consumers of the @prisma/sdk package who are affected by this security vulnerability. This issue may lead to remote code execution if a client of the library calls the vulnerable...

Cisco Firepower Threat Defense Software Command File Overwrite Vulnerability

A vulnerability in the CLI of Cisco Firepower Threat Defense FTD Software could allow an authenticated, local attacker to overwrite files on the file system of an affected device by using directory traversal techniques. A successful exploit could cause system instability if important system files...

PT-2021-2833 · Cisco · Cisco Asa +1

Name of the Vulnerable Software and Affected Versions: Cisco Adaptive Security Appliance Software ASA and Cisco Firepower Threat Defense FTD Software affected versions not specified Description: The issue is related to insufficient input validation of commands supplied by the user in the CLI of t...

PT-2021-2794 · Cisco · Cisco Ftd

Name of the Vulnerable Software and Affected Versions: Cisco Firepower Threat Defense FTD Software affected versions not specified Description: A vulnerability in the CLI of Cisco Firepower Threat Defense FTD Software could allow an authenticated, local attacker to overwrite files on the file...

Fav-Up - IP Lookup By Favicon Using Shodan

Lookups for real IP starting from the favicon icon and using Shodan. Installation pip3 install -r requirements.txt Shodan API key not the free one Usage CLI First define how you pass the API key: -k or --key to pass the key to the stdin -kf or --key-file to pass the filename which get the key fro...

[SECURITY] Fedora 34 Update: podman-3.1.2-1.fc34

podman Pod Manager is a fully featured container engine that is a simple daemonless tool. podman provides a Docker-CLI comparable command line that eases the transition from other container engines and allows the management of pods, containers and images. Simply put: alias docker=3Dpodman. Most...

[SECURITY] Fedora 33 Update: podman-3.1.2-1.fc33

podman Pod Manager is a fully featured container engine that is a simple daemonless tool. podman provides a Docker-CLI comparable command line that eases the transition from other container engines and allows the management of pods, containers and images. Simply put: alias docker=3Dpodman. Most...

U.S. Dept Of Defense: S3 bucket listing/download

It's possible to get a listing and download every file in the S3 bucket ██████████ and ███████ . Supporting Material/References https://hackerone.com/reports/278191 Impact An attacker can download files that are not intended to be public, both buckets are very big. An attacker can increase...

CVE-2021-0257

On Juniper Networks MX Series and EX9200 Series platforms with Trio-based MPCs Modular Port Concentrators where Integrated Routing and Bridging IRB interfaces are configured and mapped to a VPLS instance or a Bridge-Domain, certain Layer 2 network events at Customer Edge CE devices may cause memo...

CVE-2021-0234

Due to an improper Initialization vulnerability on Juniper Networks Junos OS QFX5100-96S devices with QFX 5e Series image installed, ddos-protection configuration changes will not take effect beyond the default DDoS Distributed Denial of Service settings when configured from the CLI. The DDoS...

CVE-2021-0238

When a MX Series is configured as a Broadband Network Gateway BNG based on Layer 2 Tunneling Protocol L2TP, executing certain CLI command may cause the system to run out of disk space, excessive disk usage may cause other complications. An administrator can use the following CLI command to monito...

CVE-2021-0230

On Juniper Networks SRX Series devices with link aggregation lag configured, executing any operation that fetches Aggregated Ethernet AE interface statistics, including but not limited to SNMP GET requests, causes a slow kernel memory leak. If all the available memory is consumed, the traffic wil...

CVE-2021-0234

Due to an improper Initialization vulnerability on Juniper Networks Junos OS QFX5100-96S devices with QFX 5e Series image installed, ddos-protection configuration changes will not take effect beyond the default DDoS Distributed Denial of Service settings when configured from the CLI. The DDoS...

Input validation

Due to an improper Initialization vulnerability on Juniper Networks Junos OS QFX5100-96S devices with QFX 5e Series image installed, ddos-protection configuration changes will not take effect beyond the default DDoS Distributed Denial of Service settings when configured from the CLI. The DDoS...

Design/Logic Flaw

An Improper Check for Unusual or Exceptional Conditions in Juniper Networks Junos OS Evolved may cause the stateless firewall filter configuration which uses the action 'policer' in certain combinations with other options to not take effect. An administrator can use the following CLI command to s...

Command injection

When a MX Series is configured as a Broadband Network Gateway BNG based on Layer 2 Tunneling Protocol L2TP, executing certain CLI command may cause the system to run out of disk space, excessive disk usage may cause other complications. An administrator can use the following CLI command to monito...

CVE-2021-0238

CVE-2021-0238 affects Junos OS on MX Series: repeatedly executing a CLI command may exhaust disk space, causing partial availability impact. Vulnerable versions include MX Series 17.3R1 and newer, up to but not including 17.4R3-S5, then 18.1–20.4 with various sub-versions listed; the issue does n...

CVE-2021-0238 Junos OS: MX Series: Executing CLI command repetitively may cause the system to run out of disk space

When a MX Series is configured as a Broadband Network Gateway BNG based on Layer 2 Tunneling Protocol L2TP, executing certain CLI command may cause the system to run out of disk space, excessive disk usage may cause other complications. An administrator can use the following CLI command to monito...