7991 matches found
CVE-2017-2667
CVE-2017-2667 details (Mode C): Hammer CLI (Foreman) before version 0.10.0 does not explicitly enable SSL certificate verification for apipie-bindings, which disables verify_ssl by default. This can cause server certificates to be unchecked and enable MITM attacks. Affected component: Hammer CLI ...
Cisco Identity Services Engine Command Injection Vulnerability
Cisco Identity Services Engine (ISE) is an identity-based environment awareness platform from Cisco. The platform collects real-time information from the network, users and devices, and develops and enforces policies to regulate the network. A command injection...
PT-2018-7170 · Red Hat · Hammer Cli
Name of the Vulnerable Software and Affected Versions: Hammer CLI versions prior to 0.10.0. Description: The issue concerns a problem where server certificates are not checked, making connections susceptible to man-in-the-middle attacks due to the lack of explicit verification of SSL certificates...
CVE-2018-0221
A vulnerability in specific CLI commands for the Cisco Identity Services Engine (ISE) could allow an authenticated, local attacker to perform command injection to the underlying operating system or cause a hang or disconnect of the user session. The attacker needs valid administrator credentials fo...
CVE-2018-0224
A vulnerability in the CLI of the Cisco StarOS operating system for Cisco ASR 5000 Series Aggregation Services Routers could allow an authenticated, local attacker to execute arbitrary commands with root privileges on an affected operating system. The vulnerability is due to insufficient validati...
CVE-2018-0217
A vulnerability in the CLI of the Cisco StarOS operating system for Cisco ASR 5000 Series Aggregation Services Routers could allow an authenticated, local attacker to perform a command injection attack on an affected system. The vulnerability is due to insufficient validation of commands that are...
Input validation
A vulnerability in specific CLI commands for the Cisco Identity Services Engine could allow an authenticated, local attacker to cause a denial of service (DoS) condition. The device may need to be manually rebooted to recover. The vulnerability is due to lack of proper input validation of the CLI...
CVE-2018-0211
A vulnerability in specific CLI commands for the Cisco Identity Services Engine could allow an authenticated, local attacker to cause a denial of service (DoS) condition. The device may need to be manually rebooted to recover. The vulnerability is due to lack of proper input validation of the CLI...
CVE-2018-0224
CVE-2018-0224 concerns a vulnerability in the Cisco StarOS CLI for Cisco ASR 5000 Series Aggregation Services Routers. The flaw stems from insufficient validation of user-supplied input in the StarOS operating system, allowing an authenticated, local attacker to inject malicious arguments into a ...
CVE-2018-0221
CVE-2018-0221 describes a local command-injection vulnerability in the Cisco Identity Services Engine (ISE) CLI. The issue arises from inadequate input validation of CLI ISE configuration commands, allowing an authenticated administrator to inject commands into the underlying Linux OS or cause th...
CVE-2018-0217
Cisco StarOS CLI Command Injection (CVE-2018-0217) affects the CLI of Cisco ASR 5000 Series StarOS. The vulnerability stems from insufficient validation of commands submitted to CLI configurations, enabling an authenticated local attacker with valid admin credentials to inject and execute arbitra...
CVE-2018-0211
CVE-2018-0211 affects Cisco Identity Services Engine (ISE). The issue is improper input validation in specific CLI commands, enabling an authenticated, local attacker with valid admin privileges to cause a denial-of-service on the device, which may require manual reboot to recover. The vulnerabil...
CVE-2018-0214
The CVE-2018-0214 entry concerns Cisco Identity Services Engine (ISE) with a Local Command Injection vulnerability in certain CLI commands caused by insufficient input validation. An authenticated, local attacker with valid device credentials could issue crafted CLI input to execute arbitrary com...
Laravel: Persistent Cross-Site Scripting in default Laravel installation
Persistent XSS in default Laravel Installation: I have been using the Laravel framework for quite a while now and discovered something odd. When following the installation instructions for the latest Laravel version (5.6.8 at the time of writing), you will be up and running in a matter of minutes. Ev...
Cisco StarOS CLI Command Injection Vulnerability
A vulnerability in the CLI of the Cisco StarOS operating system for Cisco ASR 5000 Series Aggregation Services Routers could allow an authenticated, local attacker to execute arbitrary commands with root privileges on an affected operating system. The vulnerability is due to insufficient validati...
Cisco Identity Services Engine Authenticated CLI Denial of Service Vulnerability
A vulnerability in specific CLI commands for the Cisco Identity Services Engine could allow an authenticated, local attacker to cause a denial of service (DoS) condition. The device may need to be manually rebooted to recover. The vulnerability is due to lack of proper input validation of the CLI...
Harpoon - CLI Tool For Open Source And Threat Intelligence
OSINT tool, CLI Tool For Open Source And Threat Intelligence Install You can simply pip install the tool: pip3 install git+http://[email protected]/Te-k/harpoon --process-dependency-links Optionally if you want to use the screenshot plugin, you need phantomjs and npm installed: npm install -...