Cisco UCS Manager Software Local Management CLI DoS (cisco-sa-ucs-cli-dos-GQUxCnTe)
According to its self-reported version, Cisco Unified Computing System Managed is affected by a DoS vulnerability. The vulnerability is due to improper handling of CLI command parameters. An attacker could exploit this vulnerability by executing specific commands on the local-mgmt CLI on an...
Geo-Recon - An OSINT CLI Tool Designed To Fast Track IP Reputation And Geo-location Look Up For Security Analysts
An OSINT CLI tool designed to fast track IP reputation and geo-location look up for security analysts. Setup: This tool is compatible with any Linux operating system (Debian, Ubuntu, CentOS) and Termux. Linux setup: git clone https://github.com/radioactivetobi/geo-recon.git cd geo-recon chmod +x...
@5lions/library-registry-admin (=0.0.0), @adobe/helix-cli (>=3.0.0 <=5.2.0) +366 more potentially affected by unknown CVE via dompurify (>=0.6.6 <=2.0.5)
dompurify NPM version =0.6.6, =3.0.0, =2.2.0, =0.0.2, =1.0.1, =0.6.0, =0.1.0, =0.7.3-dev, =0.7.3-dev, =0.7.3-dev, =0.7.3-dev, =0.7.3-dev, =0.15.0, =0.7.3-dev, =0.7.3-dev, =0.7.8 and more Source cves: unknown CVE Source advisory: OSV:GHSA-MJJQ-C88Q-QHR6...
@uni-cli/cli (>=1.0.6 <=1.0.12), @uni-cli/init (=1.0.12) +1 more potentially affected by unknown CVE via fs-extar (=0.0.1-security)
fs-extar NPM version =0.0.1-security is affected by a known vulnerability. The following packages have a transitive dependency on fs-extar and may be impacted: - @uni-cli/cli =1.0.6, =1.0.12 - @uni-cli/init =1.0.12 - hwsz-tools =1.0.0 Source cves: unknown CVE Source advisory: OSV:GHSA-435C-QCPM-W...
Bbrecon - Python Library And CLI For The Bug Bounty Recon API
Bug Bounty Recon bbrecon is a free Recon-as-a-Service for bug bounty hunters and security researchers. The API aims to provide a continuously up-to-date map of the Internet "safe harbor" attack surface, excluding out-of-scope targets. It comes with an ergonomic CLI and Python library. This...
Cisco UCS Manager Software Local Management CLI Command Injection Vulnerability
According to its self-reported version, Cisco Unified Computing System Managed is affected by a vulnerability. Please see the included Cisco BIDs and Cisco Security Advisory for more information. TRUSTED...
bismagul_project08_quiz (>=1.0.0 <=1.0.1), cli-advanture-game (=1.0.0) +5 more potentially affected by unknown CVE via calk (=0.0.1-security)
calk NPM version =0.0.1-security is affected by a known vulnerability. The following packages have a transitive dependency on calk and may be impacted: - bismagulproject08quiz =1.0.0, =1.0.0, =1.0.0, =1.0.1 - todoterminallist =1.0.0 - zhs-cli-advanture-game =1.0.0 Source cves: unknown CVE Source...
@dudadev/zip-modifier-utils (=1.1.0), @newsssticketing/common (>=1.0.4 <=1.0.16) +4 more potentially affected by unknown CVE via experss (=0.0.1-security)
experss NPM version =0.0.1-security is affected by a known vulnerability. The following packages have a transitive dependency on experss and may be impacted: - @dudadev/zip-modifier-utils =1.1.0 - @newsssticketing/common =1.0.4, =2.0.1, =1.0.2, =1.0.6 Source cves: unknown CVE Source advisory:...
my-testutil (=1.0.1), storm-test (=0.0.1) +1 more potentially affected by unknown CVE via wepack-cli (=0.0.1-security)
wepack-cli NPM version =0.0.1-security is affected by a known vulnerability. The following packages have a transitive dependency on wepack-cli and may be impacted: - my-testutil =1.0.1 - storm-test =0.0.1 - stormydb =0.1.1, =0.5.2 Source cves: unknown CVE Source advisory: OSV:GHSA-FPW3-X4XQ-6VXQ...
Malicious Package in wepack-cli
All versions of wepack-cli typosquatted a popular package of similar name and tracked users who had installed the incorrect package. The package uploaded information to a remote server including: name of the downloaded package, name of the intended package, the Node version and whether the proces...
Cisco IOS XR Authenticated User Privilege Escalation Vulnerability
A vulnerability in task group assignment for a specific CLI command in Cisco IOS XR Software could allow an authenticated, local attacker to execute that command, even though administrative privileges should be required. The attacker must have valid credentials on the affected device. The...
Cisco IOS XR Software Authenticated User Privilege Escalation Vulnerability
A vulnerability in task group assignment for a specific CLI command in Cisco IOS XR Software could allow an authenticated, local CLI shell user to elevate privileges and gain full administrative control of the device. The vulnerability is due to incorrect mapping of a command to task groups withi...
@csltech/strong-nginx-controller (>=1.0.2 <=1.0.3), @csltech/strong-pm (>=7.0.0 <=7.0.2) +56 more potentially affected by CVE-2016-1000226 via swagger-ui (>=2.0.17 <=2.1.8-M1)
swagger-ui NPM version =2.0.17, =1.0.2, =7.0.0, =3.0.1, =2.0.0, =1.0.1, =1.0.1, =2.8.29, =1.0.1, =5.0.232, =0.0.1, =0.4.1, =1.0.1, =0.0.1, =0.0.27, =0.1.9 and more Source cves: CVE-2016-1000226 Source advisory: OSV:GHSA-7F59-X49P-V8MQ...
OS Command Injection in adrieankhisbe/bundle-phobia-cli
Description: BundlePhobia is a tool to help you find the cost of adding an npm package to your bundle. It enables you to query package sizes. The npm-utils.js has an unsanitized exec function which leads to arbitrary code execution. Proof-of-concept: const util = require('./npm-utils.js'); let a =...
cnpmjs.org (>=2.0.0-beta0 <=2.0.0-rc.3), json2html-cli (>=0.0.2 <=0.0.8) +1 more potentially affected by CVE-2014-10065 via remarkable (=1.3.0)
remarkable NPM version =1.3.0 is affected by a known vulnerability. The following packages have a transitive dependency on remarkable and may be impacted: - cnpmjs.org =2.0.0-beta0, =0.0.2, =0.0.8 - koa-markdown =1.0.0 Source cves: CVE-2014-10065 Source advisory: OSV:GHSA-F9VC-Q3HH-QHFV...
@hytong-yarn/cli (=1.4.0), @yym-yarn/cli (=1.0.0) +10 more potentially affected by CVE-2013-6393 via libyaml (>=0.0.2 <=0.2.2)
libyaml NPM version =0.0.2, =0.3.0, =1.0.24, =2.0.8, =0.0.1, =0.1.2, =0.0.10, =0.0.4, =0.0.5 Source cves: CVE-2013-6393 Source advisory: OSV:GHSA-M75H-CGHQ-C8H5...
CVE-2020-3504
A vulnerability in the local management (local-mgmt) CLI of Cisco UCS Manager Software could allow an authenticated, local attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to improper handling of CLI command parameters. An attacker could exploit th...
Design/Logic Flaw
A vulnerability in the local management (local-mgmt) CLI of Cisco UCS Manager Software could allow an authenticated, local attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to improper handling of CLI command parameters. An attacker could exploit th...
CVE-2020-3504 Cisco UCS Manager Software Local Management CLI Denial of Service Vulnerability
A vulnerability in the local management (local-mgmt) CLI of Cisco UCS Manager Software could allow an authenticated, local attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to improper handling of CLI command parameters. An attacker could exploit th...