Oracle Linux 7 : docker-engine / docker-cli (ELSA-2020-5900)

The remote Oracle Linux 7 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2020-5900 advisory. - Fix for CVE-2020-15157 - Address CVE-2020-16845 - update to 19.03.11 for CVE-2020-13401 - apply e4931e664feac6fa8846f3f04268a0cc98822549, fixes CVE-2019-5736 ...

CVE-2020-10256

An issue was discovered in beta versions of the 1Password command-line tool prior to 0.5.5 and in beta versions of the 1Password SCIM bridge prior to 0.7.3. An insecure random number generator was used to generate various keys. An attacker with access to the user's encrypted data may be able to...

@agneta/cli (>=0.14.7 <=0.14.15), @servisbot/servisbot-cli (>=9.4.0 <=10.3.2) +3 more potentially affected by CVE-2020-7774 via y18n (=4.0.0)

y18n NPM version =4.0.0 is affected by a known vulnerability. The following packages have a transitive dependency on y18n and may be impacted: - @agneta/cli =0.14.7, =9.4.0, =0.14.4, =1.0.0-rc.1, =1.0.0-rc.7 Source cves: CVE-2020-7774 Source advisory: SNYK:JS-Y18N-1021887...

NoSQLi - NoSql Injection CLI Tool

NoSQL scanner and injector. About Nosqli I wanted a better nosql injection tool that was simple to use, fully command line based, and configurable. To that end, I began work on nosqli - a simple nosql injection tool written in Go. It aims to be fast, accurate, and highly usable, with an easy to...

CVE-2020-3459

A vulnerability in the CLI of Cisco FXOS Software could allow an authenticated, local attacker to inject arbitrary commands that are executed with root privileges. The vulnerability is due to insufficient input validation of commands supplied by the user. An attacker could exploit this...

Input validation

A vulnerability in the CLI of Cisco FXOS Software could allow an authenticated, local attacker to inject arbitrary commands that are executed with root privileges. The vulnerability is due to insufficient input validation of commands supplied by the user. An attacker could exploit this...

Input validation

A vulnerability in the CLI of Cisco FXOS Software could allow an authenticated, local attacker to inject arbitrary commands that are executed with root privileges. The vulnerability is due to insufficient input validation of commands supplied by the user. An attacker could exploit this...

Design/Logic Flaw

A vulnerability in the CLI of Cisco Firepower Threat Defense FTD Software could allow an authenticated, local attacker to access hidden commands. The vulnerability is due to the presence of undocumented configuration commands. An attacker could exploit this vulnerability by performing specific...

CVE-2020-3352

CVE-2020-3352 affects Cisco Firepower Threat Defense (FTD) Software CLI, where undocumented configuration commands allow an authenticated, local attacker to access hidden commands and modify various device configurations that should not be exposed via CLI. The root cause is exposure of hidden/und...

CVE-2020-3459

CVE-2020-3459 affects Cisco FXOS Software for Firepower 4100/9300 series. The issue stems from insufficient input validation in the CLI, allowing an authenticated, local attacker to submit crafted input that commands are executed with root privileges on the underlying OS. Impact is command inject...

Cisco FXOS Software Command Injection Vulnerability

Update from October 23, 2020: Cisco has become aware of a new Cisco Adaptive Security Appliance vulnerability that could affect the fixed releases recommended for code trains 9.13 and 9.14 in the Fixed Software "fs" section of this advisory. See the Cisco Adaptive Security Appliance Software...

Cisco Firepower Threat Defense Software Hidden Commands Vulnerability

A vulnerability in the CLI of Cisco Firepower Threat Defense FTD Software could allow an authenticated, local attacker to access hidden commands. The vulnerability is due to the presence of undocumented configuration commands. An attacker could exploit this vulnerability by performing specific...

CVE-2020-1666

The system console configuration option 'log-out-on-disconnect' In Juniper Networks Junos OS Evolved fails to log out an active CLI session when the console cable is disconnected. This could allow a malicious attacker with physical access to the console the ability to resume a previous interactiv...

CVE-2020-1666

CVE-2020-1666 affects Juniper Networks Junos OS Evolved: the console logout-on-disconnect option fails to terminate an active CLI session when the console cable is disconnected. Descriptions across connected documents indicate that a physically proximate attacker could resume a prior interactive ...

NashaVM - A Virtual Machine For .NET Files And Its Runtime Was Made In C++/CLI

Nasha is a Virtual Machine for .NET files and its runtime was made in C++/CLI Installation git clone https://github.com/Mrakovic-ORG/NashaVM --recurse cd NashaVM\NashaVM nuget restore msbuild Limitations Slow Several instructions are not implemented Can bug Dependencies dnlib .NET Framework 4.0...

[SECURITY] Fedora 31 Update: podman-2.1.1-3.fc31

podman Pod Manager is a fully featured container engine that is a simple daemonless tool. podman provides a Docker-CLI comparable command line that eases the transition from other container engines and allows the management of pods, containers and images. Simply put: alias docker=3Dpodman. Most...

CVE-2020-3602

A vulnerability in the CLI of Cisco StarOS operating system for Cisco ASR 5000 Series Routers could allow an authenticated, local attacker to elevate privileges on an affected device. The vulnerability is due to insufficient input validation of CLI commands. An attacker could exploit this...

CVE-2020-3601

A vulnerability in the CLI of Cisco StarOS operating system for Cisco ASR 5000 Series Routers could allow an authenticated, local attacker to elevate privileges on an affected device. The vulnerability is due to insufficient input validation of CLI commands. An attacker could exploit this...

Input validation

A vulnerability in the CLI of Cisco StarOS operating system for Cisco ASR 5000 Series Routers could allow an authenticated, local attacker to elevate privileges on an affected device. The vulnerability is due to insufficient input validation of CLI commands. An attacker could exploit this...

Input validation

A vulnerability in the CLI of Cisco StarOS operating system for Cisco ASR 5000 Series Routers could allow an authenticated, local attacker to elevate privileges on an affected device. The vulnerability is due to insufficient input validation of CLI commands. An attacker could exploit this...