[SECURITY] Fedora 32 Update: mediainfo-20.09-1.fc32

MediaInfo CLI Command Line Interface. What information can I get from MediaInfo? General: title, author, director, album, track number, date, duration... Video: codec, aspect, fps, bitrate... Audio: codec, sample rate, channels, language, bitrate... Text: language of subtitle Chapters: number of...

The vulnerability of the command-line interface (CLI) of the programmatically defined Cisco SD-WAN network allows a attacker to increase their privileges.

The vulnerability of the command-line interface CLI of Cisco SD-WAN software-defined networks is related to deficiencies in access control. Exploiting this vulnerability can allow attackers to enhance their privileges...

Cisco IOS XE Software IOx Application Hosting Privilege Escalation (cisco-sa-iosxe-iox-app-host-mcZcnsBt)

According to its self-reported version, Cisco IOS XE Software is affected by a privilege escalation vulnerability in the application-hosting subsystem due to incomplete input validation of the user payload of CLI commands and improper role-based access control when commands are issued at the...

Palo Alto Networks PAN-OS 8.1.x < 8.1.17 / 9.0.x < 9.0.11 / 9.1.x < 9.1.2 Information Exposure Vulnerability

The version of Palo Alto Networks PAN-OS running on the remote host is 8.1.x prior to 8.1.17 or 9.0.x prior to 9.0.11 or 9.1.x prior to 9.1.2. It is, therefore, affected by a vulnerability. - An information exposure through log file vulnerability exists where the password for the configured syste...

CVE-2020-2048

An information exposure through log file vulnerability exists where the password for the configured system proxy server for a PAN-OS appliance may be displayed in cleartext when using the CLI in Palo Alto Networks PAN-OS software. This issue impacts: PAN-OS 8.1 versions earlier than PAN-OS 8.1.17...

Design/Logic Flaw

An information exposure through log file vulnerability exists where the password for the configured system proxy server for a PAN-OS appliance may be displayed in cleartext when using the CLI in Palo Alto Networks PAN-OS software. This issue impacts: PAN-OS 8.1 versions earlier than PAN-OS 8.1.17...

CVE-2020-2048

CVE-2020-2048 affects Palo Alto Networks PAN-OS where the password for the configured system proxy server could be exposed in plaintext in log files when using the CLI. Affected versions are PAN-OS 8.1.x before 8.1.17, PAN-OS 9.0.x before 9.0.11, and PAN-OS 9.1.x before 9.1.2. The issue is an inf...

CVE-2020-2048 PAN-OS: System proxy passwords may be logged in clear text while viewing system state

An information exposure through log file vulnerability exists where the password for the configured system proxy server for a PAN-OS appliance may be displayed in cleartext when using the CLI in Palo Alto Networks PAN-OS software. This issue impacts: PAN-OS 8.1 versions earlier than PAN-OS 8.1.17...

PAN-OS: System proxy passwords may be logged in clear text while viewing system state

An information exposure through log file vulnerability exists where the password for the configured system proxy server for a PAN-OS appliance may be displayed in cleartext when using the CLI in Palo Alto Networks PAN-OS software. Work around: This issue impacts the management web interface. You...

libvpx security update

1.7.0-8 - Resolves: rhbz1796086, rhbz1796100, rhbz1796448, rhbz1796454 - Enable webm-io explicitly 1.7.0-7 - Fix for CVE-2019-9232, CVE-2019-9433, CVE-2019-9371, CVE-2019-2126 - Resolves: rhbz1796086, rhbz1796100, rhbz1796448, rhbz1796454 - Remove php-cli BR...

CVE-2020-3600

A vulnerability in Cisco SD-WAN Software could allow an authenticated, local attacker to elevate privileges to root on the underlying operating system. The vulnerability is due to insufficient security controls on the CLI. An attacker could exploit this vulnerability by using an affected CLI...

Input validation

A vulnerability in the remote management feature of Cisco SD-WAN vManage Software could allow an authenticated, local attacker to inject arbitrary commands and potentially gain elevated privileges. The vulnerability is due to improper validation of commands to the remote management CLI of the...

Security feature bypass

A vulnerability in Cisco SD-WAN Software could allow an authenticated, local attacker to elevate privileges to root on the underlying operating system. The vulnerability is due to insufficient security controls on the CLI. An attacker could exploit this vulnerability by using an affected CLI...

CVE-2020-3600 Cisco SD-WAN Software Privilege Escalation Vulnerability

A vulnerability in Cisco SD-WAN Software could allow an authenticated, local attacker to elevate privileges to root on the underlying operating system. The vulnerability is due to insufficient security controls on the CLI. An attacker could exploit this vulnerability by using an affected CLI...

CVE-2020-3600 Cisco SD-WAN Software Privilege Escalation Vulnerability

A vulnerability in Cisco SD-WAN Software could allow an authenticated, local attacker to elevate privileges to root on the underlying operating system. The vulnerability is due to insufficient security controls on the CLI. An attacker could exploit this vulnerability by using an affected CLI...

CVE-2020-27129 Cisco SD-WAN vManage Software Command Injection Vulnerability

A vulnerability in the remote management feature of Cisco SD-WAN vManage Software could allow an authenticated, local attacker to inject arbitrary commands and potentially gain elevated privileges. The vulnerability is due to improper validation of commands to the remote management CLI of the...

git-lfs Remote Code Execution

/ Go PoC exploit for git-lfs - Remote Code Execution RCE vulnerability CVE-2020-27955 git-lfs-RCE-exploit-CVE-2020-27955.go Discovered by Dawid Golunski https://legalhackers.com https://exploitbox.io Affected RCE exploit: Git / GitHub CLI / GitHub Desktop / Visual Studio / GitKraken / SmartGit /...

stratis-cli bug fix and enhancement update

For detailed information on changes in this release, see the AlmaLinux Release Notes linked from the References section...

nvme-cli bug fix and enhancement update

For detailed information on changes in this release, see the AlmaLinux Release Notes linked from the References section...

Cisco Firepower Threat Defense Software Hidden Commands (cisco-sa-ftd-hidcmd-pFDeWVBd)

According to its self-reported version, Cisco Firepower Threat Defense Software is affected by a vulnerability in its CLI component which allows access to hidden commands. An authenticated, local attacker could exploit this to access these commands and make configuration changes to various sectio...