7991 matches found
Command Injection in Command Line Interface
Palo Alto Networks firewalls implement a command line interface for interactive configuration through a serial interface or a remote SSH session. An issue was identified that can cause incorrect parsing of a specific SSH command parameter, leading to arbitrary command execution on the OS level...
Cisco ACE 4710 Application Control Engine Command Injection Vulnerability
A vulnerability in the Device Manager GUI of the Cisco ACE 4710 Application Control Engine could allow an authenticated, remote attacker to execute any command-line interface (CLI) command on the ACE with admin user privileges. The vulnerability is due to insufficient validation of user-supplied...
Cisco Prime Collaboration CLI Command Execution Vulnerability
Cisco Prime Collaboration is a suite of enterprise collaboration network management solutions. A security vulnerability in the CLI of Cisco Prime Collaboration allows a local attacker to exploit the vulnerability to execute arbitrary operating system commands with root privileges...
CVE-2016-1320
The CLI in Cisco Prime Collaboration 9.0 and 11.0 allows local users to execute arbitrary OS commands as root by leveraging administrator privileges, aka Bug ID CSCux69286...
Design/Logic Flaw
The CLI in Cisco Prime Collaboration 9.0 and 11.0 allows local users to execute arbitrary OS commands as root by leveraging administrator privileges, aka Bug ID CSCux69286...
CVE-2016-1320
CVE-2016-1320: The Cisco Prime Collaboration CLI on versions 9.0 and 11.0 is vulnerable to a local privilege escalation due to insufficient input sanitization, allowing a user with administrator privileges to execute arbitrary OS commands as root. The issue, tracked as Bug ID CSCux69286, affects ...
Oracle: Security Advisory (ELSA-2015-1219)
The remote host is missing an update for the...
jenkins: denial of service (SECURITY-87)
Jenkins before 1.583 and LTS before 1.565.3 allows remote attackers to cause a denial of service (thread consumption) via vectors related to a CLI handshake...
jenkins: remote code execution flaw (SECURITY-150)
Jenkins before 1.583 and LTS before 1.565.3 allows remote attackers to execute arbitrary code via a crafted packet to the CLI channel...
Cross Platform ELF Analysis: ELF Parser
ELF Parser attempts to move ELF malware analysis forward by quickly providing basic information and static analysis of the binary. The end goal of ELF Parser is to indicate to the analyst if it thinks the binary is malicious / dangerous and if so why. Load Any Executable ELF ELF Parser supports...
IPTV Brute-Force - Search And Brute Force Illegal IPTV Server
This program is just a demonstration. DO NOT USE IT FOR PERSONAL purpose. What is this? IPTV is a simple Python script that lets you crawl the search engines in order to fetch those sites that stream illegal TV programs. This script leverages the fact that a lot of those sites use the same CMS to...
[SECURITY] Fedora 23 Update: mono-4.0.5-2.fc23
The Mono runtime implements a JIT engine for the ECMA CLI virtual machine as well as a byte code interpreter, the class loader, the garbage collector, threading system and metadata access libraries...
Cross site scripting
Multiple cross-site scripting (XSS) vulnerabilities in IPSwitch WhatsUp Gold before 16.4 allow remote attackers to inject arbitrary web script or HTML via (1) an SNMP OID object, (2) an SNMP trap message, (3) the View Names field, (4) the Group Names field, (5) the Flow Monitor Credentials field, (6) the Flow...
Jenkins Multiple Vulnerabilities (Oct 2014) - Windows
Jenkins is prone to multiple vulnerabilities...
Code injection
Cisco IOS XE 15.4(3)S on ASR 1000 devices improperly loads software packages, which allows local users to bypass license restrictions and obtain certain root privileges by using the CLI to enter crafted filenames, aka Bug ID CSCuv93130...
CVE-2015-6383
Cisco IOS XE 15.4(3)S on ASR 1000 devices improperly loads software packages, which allows local users to bypass license restrictions and obtain certain root privileges by using the CLI to enter crafted filenames, aka Bug ID CSCuv93130...
Cisco ASR 1000 Series Root Shell License Bypass Vulnerability
A vulnerability in the way software packages are loaded in Cisco IOS XE Software for the Cisco Aggregation Services Routers (ASR) 1000 Series could allow an authenticated, local attacker to gain restricted root shell access...
pacemaker security update
CentOS Errata and Security Advisory CESA-2015:2383 Updated pacemaker packages that fix one security issue, several bugs, and add two enhancements are now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having Moderate security impact. A Common...
CVE-2015-8103
The Jenkins CLI subsystem in Jenkins before 1.638 and LTS before 1.625.2 allows remote attackers to execute arbitrary code via a crafted serialized Java object, related to a problematic webapps/ROOT/WEB-INF/lib/commons-collections-*.jar file and the "Groovy variant in 'ysoserial'"...