Input validation
A vulnerability in the CLI of Cisco IOS XE SD-WAN Software could allow an authenticated, local attacker to inject arbitrary commands that are executed with root privileges. The vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by authenticating to...
CVE-2019-16011 Cisco IOS XE SD-WAN Software Command Injection Vulnerability
A vulnerability in the CLI of Cisco IOS XE SD-WAN Software could allow an authenticated, local attacker to inject arbitrary commands that are executed with root privileges. The vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by authenticating to...
CVE-2019-16011
CVE-2019-16011 affects Cisco IOS XE SD-WAN Software. The issue is due to insufficient input validation in the CLI, allowing an authenticated, local attacker to inject commands that execute with root privileges. Affected component: the CLI utility. Impact per sources: arbitrary command execution w...
Cisco IOS XE SD-WAN Software Command Injection Vulnerability
A vulnerability in the CLI of Cisco IOS XE SD-WAN Software could allow an authenticated, local attacker to inject arbitrary commands that are executed with root privileges. The vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by authenticating to...
PT-2020-2649 · Cisco · Cisco IOS XE SD-WAN
Name of the Vulnerable Software and Affected Versions: Cisco IOS XE SD-WAN Software (affected versions not specified). Description: The issue is related to insufficient input validation in the CLI interface of the software. This could allow an authenticated, local attacker to inject arbitrary comman...
Pwned - Simple CLI Script To Check If You Have A Password That Has Been Compromised In A Data Breach
Pwned is a simple command-line Python script to check if you have a password that has been compromised in a data breach. This script uses the haveibeenpwned API to check whether your passwords were leaked during one of the many breaches of online services. This API uses a k-Anonymity model that allows ...
Malicious Package
Overview apigee-cli is a malicious package. Affected versions of this package were found to be a Malicious Package, as it utilised typosquatting to run Malicious 3rd party scripts. It replaced genuine packages using an and replaced it with - and vice versa Remediation Avoid using apigee-cli...
Malicious Package
Overview acmecli is a malicious package. Affected versions of this package were found to be a Malicious Package, as it utilised typosquatting to run Malicious 3rd party scripts. It replaced genuine packages using an and replaced it with - and vice versa Remediation Avoid using acmecli altogether...
Malicious Package
Overview bosh-clipluginredis is a malicious package. Affected versions of this package were found to be a Malicious Package, as it utilised typosquatting to run Malicious 3rd party scripts. It replaced genuine packages using an and replaced it with - and vice versa Remediation Avoid using...
Malicious Package
Overview bosh-clipluginconsul is a malicious package. Affected versions of this package were found to be a Malicious Package, as it utilised typosquatting to run Malicious 3rd party scripts. It replaced genuine packages using an and replaced it with - and vice versa Remediation Avoid using...
Malicious Package
Overview datadogcli is a malicious package. Affected versions of this package were found to be a Malicious Package, as it utilised typosquatting to run Malicious 3rd party scripts. It replaced genuine packages using an and replaced it with - and vice versa Remediation Avoid using datadogcli...
Malicious Package
Overview aker-cas-cli is a malicious package. Affected versions of this package were found to be a Malicious Package, as it utilised typosquatting to run Malicious 3rd party scripts. It replaced genuine packages using an and replaced it with - and vice versa Remediation Avoid using aker-cas-cli...
Cisco Unified Computing System Fabric Interconnect Root Privilege Escalation (cisco-sa-20190828-ucs-privescalation)
According to its self-reported version, Cisco NX-OS Software on Cisco Unified Computing System Fabric Interconnects is affected by a vulnerability in a specific CLI command within the local management (local-mgmt) context due to extraneous subcommand options. An authenticated, local attacker can...
CVE-2020-10699
A flaw was found in Linux, in targetcli-fb versions 2.1.50 and 2.1.51 where the socket used by targetclid was world-writable. If a system enables the targetclid socket, a local attacker can use this flaw to modify the iSCSI configuration and escalate their privileges to root...
Security update for ansible (moderate)
openSUSE Security Update: Security update for ansible Announcement ID: openSUSE-SU-2020:0513-1 Rating: moderate References: 1137479 1142542 1142690 1144453 1153452 1154231 1154232 1154830 1157968 1157969 Cross-References: CVE-2019-10206 CVE-2019-10217 CVE-2019-14846 CVE-2019-14856 CVE-2019-14858...
Cisco FXOS Software Command Injection (cisco-sa-20191002-fxos-cmd-inject)
According to its self-reported version, Cisco FXOS Software is affected by multiple vulnerabilities in the CLI due to insufficient input validation. An unauthenticated, local attacker can exploit this, by including crafted arguments to specific commands, in order to execute arbitrary commands on...
[ASA-202004-10] wireshark-cli: arbitrary code execution
Arch Linux Security Advisory ASA-202004-10. Severity: Critical. Date: 2020-04-09. CVE-ID: CVE-2020-11647. Package: wireshark-cli. Type: arbitrary code execution. Remote: Yes. Link: https://security.archlinux.org/AVG-1129. Summary: The package...
OS Command Injection
apiconnect-cli-plugins is vulnerable to OS command injection. The vulnerability exists because the value of pluginUri is not sanitized and can be controlled by users...
CVE-2020-7633
apiconnect-cli-plugins through 6.0.1 is vulnerable to Command Injection. It allows execution of arbitrary commands via the pluginUri argument...