7991 matches found

OSV
added 2019/01/24 4:29 p.m., 2 views

CVE-2019-1656

A vulnerability in the CLI of Cisco Enterprise NFV Infrastructure Software NFVIS could allow an authenticated, local attacker to access the shell of the underlying Linux operating system on the affected device. The vulnerability is due to improper input validation in the affected software. An...

5.3 CVSS, 6.1 AI score
Exploits: 0, References: 2
CVE
added 2019/01/24 4:0 p.m., 47 views

CVE-2019-1656

Cisco Enterprise NFV Infrastructure Software (NFVIS) contains an input-validation vulnerability in its CLI that can allow an authenticated, local attacker to gain shell access to the underlying Linux OS via CIMC console connections (not via remote access). The issue is triggered by crafting comma...

5.3 CVSS, 5.5 AI score, 0.00387 EPSS
Exploits: 0, References: 2, Affected Software: 1
Prion
added 2019/01/24 3:29 p.m., 14 views

Input validation

A vulnerability in the Cisco SD-WAN Solution could allow an authenticated, remote attacker to overwrite arbitrary files on the underlying operating system of an affected device. The vulnerability is due to improper input validation of the save command in the CLI of the affected software. An...

9 CVSS, 8.8 AI score, 0.03475 EPSS
Exploits: 0, References: 2, Affected Software: 1
OSV
added 2019/01/24 3:29 p.m., 1 view

CVE-2019-1650

A vulnerability in the Cisco SD-WAN Solution could allow an authenticated, remote attacker to overwrite arbitrary files on the underlying operating system of an affected device. The vulnerability is due to improper input validation of the save command in the CLI of the affected software. An...

8.8 CVSS, 7.4 AI score, 0.03475 EPSS
Exploits: 0, References: 2
NVD
added 2019/01/24 3:29 p.m., 22 views

CVE-2019-1646

A vulnerability in the local CLI of the Cisco SD-WAN Solution could allow an authenticated, local attacker to escalate privileges and modify device configuration files. The vulnerability exists because user input is not properly sanitized for certain commands at the CLI. An attacker could exploit...

7.8 CVSS, 7.8 AI score, 0.00446 EPSS
Exploits: 0, References: 2
Vulnrichment
added 2019/01/24 3:0 p.m., 12 views

CVE-2019-1650 Cisco SD-WAN Solution Arbitrary File Overwrite Vulnerability

A vulnerability in the Cisco SD-WAN Solution could allow an authenticated, remote attacker to overwrite arbitrary files on the underlying operating system of an affected device. The vulnerability is due to improper input validation of the save command in the CLI of the affected software. An...

8.8 CVSS, 7.4 AI score, 0.03475 EPSS
Exploits: 0, References: 2
Cvelist
added 2019/01/24 3:0 p.m., 19 views

CVE-2019-1646 Privilege Escalation Vulnerability in Cisco SD-WAN Solution

A vulnerability in the local CLI of the Cisco SD-WAN Solution could allow an authenticated, local attacker to escalate privileges and modify device configuration files. The vulnerability exists because user input is not properly sanitized for certain commands at the CLI. An attacker could exploit...

7.8 CVSS, 7.8 AI score, 0.00446 EPSS
Exploits: 0, References: 2
Cvelist
added 2019/01/24 3:0 p.m., 20 views

CVE-2019-1650 Cisco SD-WAN Solution Arbitrary File Overwrite Vulnerability

A vulnerability in the Cisco SD-WAN Solution could allow an authenticated, remote attacker to overwrite arbitrary files on the underlying operating system of an affected device. The vulnerability is due to improper input validation of the save command in the CLI of the affected software. An...

8.8 CVSS, 8.9 AI score, 0.03475 EPSS
Exploits: 0, References: 2
CVE
added 2019/01/24 3:0 p.m., 49 views

CVE-2019-1646

CVE-2019-1646 describes a privilege-escalation vulnerability in the local CLI of the Cisco SD-WAN Solution. An authenticated, local attacker can exploit insufficient input sanitization on certain CLI commands to establish an interactive session with elevated privileges and then modify device conf...

7.8 CVSS, 7.8 AI score, 0.00446 EPSS
Exploits: 0, References: 2, Affected Software: 1
Vulnrichment
added 2019/01/24 3:0 p.m., 8 views

CVE-2019-1646 Privilege Escalation Vulnerability in Cisco SD-WAN Solution

A vulnerability in the local CLI of the Cisco SD-WAN Solution could allow an authenticated, local attacker to escalate privileges and modify device configuration files. The vulnerability exists because user input is not properly sanitized for certain commands at the CLI. An attacker could exploit...

7.8 CVSS, 7.1 AI score, 0.00446 EPSS
Exploits: 0, References: 2
ossfuzz
added 2019/01/23 8:51 p.m., 15 views

openthread/cli-uart-received-fuzzer: Stack-buffer-overflow in ot::Cli::Interpreter::ProcessService

Project: https://github.com/openthread/openthread.git Detailed report: https://oss-fuzz.com/testcase?key=5663316146388992 Project: openthread Fuzzer: aflopenthreadcli-uart-received-fuzzer Fuzz target binary: cli-uart-received-fuzzer Job Type: aflasanopenthread Platform Id: linux Crash Type:...

6.8 AI score
Exploits: 0, Affected Software: 1
Cisco
added 2019/01/23 4:0 p.m., 155 views

Cisco SD-WAN Solution Arbitrary File Overwrite Vulnerability

A vulnerability in the Cisco SD-WAN Solution could allow an authenticated, remote attacker to overwrite arbitrary files on the underlying operating system of an affected device. The vulnerability is due to improper input validation of the save command in the CLI of the affected software. An...

8.8 CVSS, 2.4 AI score, 0.03475 EPSS
Exploits: 0, References: 1
Cisco
added 2019/01/23 4:0 p.m., 75 views

Multiple Privilege Escalation Vulnerabilities in Cisco SD-WAN Solution

Multiple vulnerabilities in the local CLI of the Cisco SD-WAN Solution could allow an authenticated, local attacker to escalate privileges and modify device configuration files. The vulnerabilities exist because user input is not properly sanitized for certain commands at the CLI. An attacker cou...

7.8 CVSS, 2.3 AI score, 0.00446 EPSS
Exploits: 0, References: 1
Kitploit
added 2019/01/23 12:25 p.m., 3809 views

Jok3R - Network And Web Pentest Framework

Jok3r is a Python3 CLI application which is aimed at helping penetration testers for network infrastructure and web black-box security tests. Its main goal is to save time on everything that can be automated during network/web pentest in order to enjoy more time on more interesting and challengin...

9.8 CVSS, 10 AI score, 0.99999 EPSS
Exploits: 387, References: 17
ossfuzz
added 2019/01/23 8:25 a.m., 19 views

openthread/cli-uart-received-fuzzer: Index-out-of-bounds in ot::Cli::Uart::ReceiveTask

Project: https://github.com/openthread/openthread.git Detailed report: https://oss-fuzz.com/testcase?key=5730276330700800 Project: openthread Fuzzer: libFuzzeropenthreadcli-uart-received-fuzzer Fuzz target binary: cli-uart-received-fuzzer Job Type: libfuzzerubsanopenthread Platform Id: linux Cras...

6.8 AI score
Exploits: 0, Affected Software: 1
OSV
added 2019/01/17 8:29 p.m., 1 view

CVE-2018-20735

An issue was discovered in BMC PATROL Agent through 11.3.01. It was found that the PatrolCli application can allow for lateral movement and escalation of privilege inside a Windows Active Directory environment. It was found that by default the PatrolCli / PATROL Agent application only verifies if...

7.8 CVSS, 5.8 AI score, 0.07488 EPSS
Exploits: 6, References: 2
RedHat Linux
added 2019/01/16 5:55 p.m., 3 views

redis: Code execution in redis-cli via crafted command line arguments

The Redis command line tool 'redis-cli' is vulnerable to a buffer overflow through the -h host command line parameter. The redis-cli may be used by other services; if these services do not adequately filter the host input it could lead to code execution with the privilege level of that service...

8.4 CVSS, 7.9 AI score, 0.02678 EPSS
Exploits: 5, References: 4
OSV
added 2019/01/15 9:29 p.m., 3 views

CVE-2019-0021

On Juniper ATP, secret passphrase CLI inputs, such as "set mcm", are logged to /var/log/syslog in clear text, allowing authenticated local user to be able to view these secret information. This issue affects Juniper ATP 5.0 versions prior to 5.0.4...

5.5 CVSS, 5.8 AI score
Exploits: 0, References: 1
NVD
added 2019/01/15 9:29 p.m., 20 views

CVE-2019-0021

On Juniper ATP, secret passphrase CLI inputs, such as "set mcm", are logged to /var/log/syslog in clear text, allowing authenticated local user to be able to view these secret information. This issue affects Juniper ATP 5.0 versions prior to 5.0.4...

7.1 CVSS, 6.6 AI score, 0.00336 EPSS
Exploits: 0, References: 1
Prion
added 2019/01/15 9:29 p.m., 20 views

Information disclosure

On Juniper ATP, secret passphrase CLI inputs, such as "set mcm", are logged to /var/log/syslog in clear text, allowing authenticated local user to be able to view these secret information. This issue affects Juniper ATP 5.0 versions prior to 5.0.4...

2.1 CVSS, 5.2 AI score, 0.00336 EPSS
Exploits: 0, References: 1, Affected Software: 1