adaptdl-cli (>=0.2.2 <=0.2.11), agent-vault-proxy (=0.4.0) +113 more potentially affected by CVE-2018-14505 via mitmproxy (>=10.1.5 <=4.0.3)

mitmproxy PYPI version =10.1.5, =0.2.2, =1.0.0, =0.1.1, =0.2.0, =0.1.0, =0.1.2, =0.1.0, =0.1.0, =0.1.11, =1.0.5, =0.1.0, =0.2.0, =0.72.2, =0.75.43 and more Source cves: CVE-2018-14505 Source advisory: OSV:PYSEC-2018-56...

Scout2 - Security Auditing Tool For AWS Environments

Scout2 is a security tool that lets AWS administrators assess their environment's security posture. Using the AWS API, Scout2 gathers configuration data for manual inspection and highlights high-risk areas automatically. Rather than pouring through dozens of pages on the web, Scout2 supplies a...

CVE-2018-0392

A vulnerability in the CLI of Cisco Policy Suite could allow an authenticated, local attacker to access files owned by another user. The vulnerability is due to insufficient access control permissions i.e., World-Readable. An attacker could exploit this vulnerability by logging in to the CLI. An...

Improper access control

A vulnerability in the CLI of Cisco Policy Suite could allow an authenticated, local attacker to access files owned by another user. The vulnerability is due to insufficient access control permissions i.e., World-Readable. An attacker could exploit this vulnerability by logging in to the CLI. An...

Input validation

A vulnerability in the CLI of the Cisco SD-WAN Solution could allow an authenticated, remote attacker to inject arbitrary commands that are executed with root privileges. The vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by authenticating to t...

Input validation

A vulnerability in the Cisco SD-WAN Solution could allow an authenticated, remote attacker to overwrite arbitrary files on the underlying operating system of an affected device. The vulnerability is due to improper input validation of the request admin-tech command in the CLI of the affected...

CVE-2018-0348

A vulnerability in the CLI of the Cisco SD-WAN Solution could allow an authenticated, remote attacker to inject arbitrary commands that are executed with root privileges. The vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by authenticating to t...

CVE-2018-0349

A vulnerability in the Cisco SD-WAN Solution could allow an authenticated, remote attacker to overwrite arbitrary files on the underlying operating system of an affected device. The vulnerability is due to improper input validation of the request admin-tech command in the CLI of the affected...

CVE-2018-0392

A vulnerability in the CLI of Cisco Policy Suite could allow an authenticated, local attacker to access files owned by another user. The vulnerability is due to insufficient access control permissions i.e., World-Readable. An attacker could exploit this vulnerability by logging in to the CLI. An...

CVE-2018-0348

A vulnerability in the CLI of the Cisco SD-WAN Solution could allow an authenticated, remote attacker to inject arbitrary commands that are executed with root privileges. The vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by authenticating to t...

CVE-2018-0349

A vulnerability in the Cisco SD-WAN Solution could allow an authenticated, remote attacker to overwrite arbitrary files on the underlying operating system of an affected device. The vulnerability is due to improper input validation of the request admin-tech command in the CLI of the affected...

CVE-2018-0348

A vulnerability in the CLI of the Cisco SD-WAN Solution could allow an authenticated, remote attacker to inject arbitrary commands that are executed with root privileges. The vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by authenticating to t...

CVE-2018-0349

A vulnerability in the Cisco SD-WAN Solution could allow an authenticated, remote attacker to overwrite arbitrary files on the underlying operating system of an affected device. The vulnerability is due to improper input validation of the request admin-tech command in the CLI of the affected...

CVE-2018-0349

Cisco SD-WAN Solution contains a vulnerability (CVE-2018-0349) where an authenticated, remote attacker could overwrite arbitrary files on the device by abusing improper input validation of the request admin-tech command in the CLI. A successful exploit could escalate privileges to root. Affected ...

CVE-2018-0348

Cisco SD-WAN Solution CVE-2018-0348 is a command-injection vulnerability in the CLI due to insufficient input validation. It affects vBond Orchestrator Software, vEdge 100/1000/2000/5000 Series Routers, vEdge Cloud Router Platform, vManage Network Management Software, and vSmart Controller Softwa...

CVE-2018-0392

CVE-2018-0392 affects Cisco Policy Suite: a local, authenticated attacker can access files owned by another user due to world-readable permissions in the CLI. Root cause is insufficient access controls. Exploitation requires logging into the CLI; impact is exposure of potentially sensitive user-o...

CVE-2018-0392

A vulnerability in the CLI of Cisco Policy Suite could allow an authenticated, local attacker to access files owned by another user. The vulnerability is due to insufficient access control permissions i.e., World-Readable. An attacker could exploit this vulnerability by logging in to the CLI. An...

Cisco SD-WAN Solution Arbitrary File Overwrite Vulnerability

A vulnerability in the Cisco SD-WAN Solution could allow an authenticated, remote attacker to overwrite arbitrary files on the underlying operating system of an affected device. The vulnerability is due to improper input validation of the request admin-tech command in the CLI of the affected...

Cisco Policy Suite World-Readable Sensitive Data Vulnerability

A vulnerability in the CLI of Cisco Policy Suite could allow an authenticated, local attacker to access files owned by another user. The vulnerability is due to insufficient access control permissions. An attacker could exploit this vulnerability by logging in to the CLI. An exploit could allow t...

CloudMapper - Tool To Analyze Your Amazon Web Services (AWS) Environments

CloudMapper helps you analyze your Amazon Web Services AWS environments. The original purpose was to generate network diagrams and display them in your browser. It now contains more functionality. Demo:https://duo-labs.github.io/cloudmapper/ Intro...