Lucene search
K

1800 matches found

Cvelist
Cvelist
added 3 days ago35 views

CVE-2026-53449 Coturn: Arbitrary File Write via CLI psd Command

Coturn is a free open source implementation of TURN and STUN Server. Prior to 4.13.0, the psd print sessions dump CLI command in coturn takes a filename argument and directly passes it to fopen with no path validation. An authenticated admin with CLI access can overwrite arbitrary files writable ...

6CVSS0.00176EPSS
Exploits0References3
NVD
NVD
added 4 days ago8 views

CVE-2026-33390

An Incorrect Privilege Assignment vulnerability was discovered in the synchronization functionality due to Arc sensors receiving CLI permissions. An authenticated user with limited privileges can push administrative CLI commands through the sync, altering the device configuration, and/or affectin...

8.1CVSS0.0021EPSS
Exploits0References1
NVD
NVD
added 4 days ago8 views

CVE-2026-47828

During bosh create-env and bosh delete-env, the CLI uploads compiled CPI packages and rendered job templates to the new VM's DAV blobstore over HTTPS without verifying the server certificate, even though a CA certificate for that endpoint is available in the installation manifest. A network...

8.9CVSS0.00088EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 5 days ago6 views

Juniper Junos OS Vulnerability (JSA110077)

The version of Junos OS installed on the remote host is affected by a vulnerability as referenced in the JSA110077 advisory. - A Missing Authorization vulnerability in the CLI of Juniper Networks Junos OS on EX Series allows a local, authenticated attacker to cause a Denial-of-Service DoS...

6.8CVSS6AI score0.00123EPSS
Exploits0References2
Cloud Foundry
Cloud Foundry
added 5 days ago5 views

CVE-2026-47829 - Argument Injection in BOSH CLI Allows Local Command Execution on Operator Workstations via Compromised Director | Cloud Foundry

High CVSSv4: High 7.7 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N CVSSv3: High 8.3 CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H Vendor CloudFoundry Foundation Versions Affected Severity is High unless otherwise noted. bosh-cli – All versions prior to v7.10.4 Description Argume...

8.3CVSS6.2AI score0.00293EPSS
Exploits0
Cvelist
Cvelist
added 6 days ago32 views

CVE-2026-46672 Actual: CSV Formula Injection in `@actual-app/cli` `--format csv` Output via Custom `escapeCsv` Helper

Actual is a local-first personal finance app. Prior to 26.6.0, @actual-app/cli ships a hand-rolled CSV serializer in packages/cli/src/output.ts used whenever the global --format csv option is passed, whose escapeCsv helper only handles RFC 4180 delimiter, quote, and newline escaping and does not...

4.6CVSS0.00188EPSS
Exploits0References4
OSV
OSV
added 6 days ago6 views

PYSEC-2026-1526 Langflow Vulnerable to Privilege Escalation via CLI Superuser Creation (Post-RCE)

This vulnerability was discovered by researchers at Check Point. We are sharing this report as part of a responsible disclosure process and are happy to assist in validation and remediation if needed. Summary A privilege escalation vulnerability exists in Langflow containers where an authenticate...

8.8CVSS6.4AI score0.00433EPSS
Exploits0References7
OSV
OSV
added 6 days ago5 views

PYSEC-2026-1557 LLama-Index CLI OS command injection vulnerability

LLama-Index CLI prior to v0.4.1, corresponding to LLama-Index prior to v0.12.21, contains an OS command injection vulnerability. The vulnerability arises from the improper handling of the --files argument, which is directly passed into os.system. An attacker who controls the content of this...

7.8CVSS7.7AI score0.0103EPSS
Exploits1References6
Fedora
Fedora
added 2026/07/04 1:7 a.m.6 views

[SECURITY] Fedora 43 Update: buildah-1.43.2-1.fc43

The buildah package provides a command line tool which can be used to create a working container from scratch or create a working container from an image as a starting point mount/umount a working container's root file system for manipulation save container's root file system layer to create a ne...

5.9AI score
Exploits0
NVD
NVD
added 2026/07/03 12:16 a.m.18 views

CVE-2026-13053

An Out-of-bounds Write vulnerability in WatchGuard Fireware OS's CLI could allow an authenticated privileged user to execute arbitrary code via a specially crafted CLI command. This vulnerability affects Fireware OS 11.0 up to and including 11.12.4Update1, 12.0 up to and including 12.12 and 2025....

8.6CVSS0.00468EPSS
Exploits0References1
EUVD
EUVD
added 2026/07/02 8:42 a.m.8 views

EUVD-2026-41271

A vulnerability was discovered on StormShield Network Security 4.3.0 to 4.3.41 included, 4.8.0 to 4.8.15 included , 5.0.0 to 5.0.5 included There is a possible leak of secret information if administration commands have been passed with the CLI command line tool. Someone with SSH access to the...

4.3CVSS5.8AI score0.00212EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/07/02 12:0 a.m.11 views

PT-2026-55323

Name of the Vulnerable Software and Affected Versions WatchGuard Fireware OS versions 11.0 through 11.12.4 Update1 WatchGuard Fireware OS versions 12.0 through 12.12 WatchGuard Fireware OS versions 2025.1 through 2026.2 Description An Out-of-bounds Write issue exists in the CLI, where an...

8.6CVSS6.3AI score0.00468EPSS
Exploits0References12
RedHat Linux
RedHat Linux
added 2026/06/30 12:13 a.m.5 views

org.wildfly.core:wildfly-elytron-integration: Wildfly Elytron Brute Force Attack via CLI

A flaw was found in Wildfly Elytron integration. The component does not implement sufficient measures to prevent multiple failed authentication attempts within a short time frame, making it more susceptible to brute force attacks via CLI...

8.1CVSS7.2AI score0.00817EPSS
Exploits1References5
Fedora
Fedora
added 2026/06/25 4:25 p.m.6 views

[SECURITY] Fedora 43 Update: goose-1.36.0-1.fc43

Goose is your on-machine AI agent, capable of automating complex development tasks from start to finish. More than just code suggestions, goose can build entire projects from scratch, write and execute code, debug failures, orchestrate workflows, and interact with external APIs - autonomously...

8.8CVSS5.9AI score0.00213EPSS
Exploits0
Fedora
Fedora
added 2026/06/25 4:8 p.m.5 views

[SECURITY] Fedora 44 Update: goose-1.36.0-1.fc44

Goose is your on-machine AI agent, capable of automating complex development tasks from start to finish. More than just code suggestions, goose can build entire projects from scratch, write and execute code, debug failures, orchestrate workflows, and interact with external APIs - autonomously...

8.8CVSS5.9AI score0.00213EPSS
Exploits0
EUVD
EUVD
added 2026/06/24 11:53 a.m.13 views

EUVD-2026-38756

ImageMagick before 7.1.2-19 contains an out-of-bounds access vulnerability in ConnectedComponentsImage when processing connected-components artifacts with invalid indices. Attackers can trigger access violations by specifying malformed connected-components definitions via CLI, causing denial of...

4.8CVSS6AI score0.00121EPSS
Exploits0References2
Fedora
Fedora
added 2026/06/24 1:30 a.m.5 views

[SECURITY] Fedora 44 Update: grout-0.16.0-1.fc44

grout stands for Graph Router. In English, "grout" refers to thin mortar that hardens to fill gaps between tiles. grout is a DPDK based network processing application. It uses the rtegraph library for data path processing. Its main purpose is to simulate a network function or a physical router fo...

7.5CVSS5.8AI score0.00389EPSS
Exploits0
Fedora
Fedora
added 2026/06/22 12:51 a.m.4 views

[SECURITY] Fedora 44 Update: podman-5.8.3-1.fc44

podman Pod Manager is a fully featured container engine that is a simple daemonless tool. podman provides a Docker-CLI comparable command line that eases the transition from other container engines and allows the management of pods, containers and images. Simply put: alias docker=3Dpodman. Most...

5.8AI score
Exploits0
Cvelist
Cvelist
added 2026/06/17 4:17 p.m.22 views

CVE-2026-20246 Cisco Umbrella Virtual Appliance Privilege Escalation Vulnerability

A vulnerability in the vmadmin CLI of Cisco Umbrella Virtual Appliance could allow an authenticated, local attacker to elevate privileges on an affected device. This vulnerability is due to insufficient validation of user-supplied commands. An attacker with vmadmin privileges could exploit this...

6CVSS0.00104EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/17 4:17 p.m.10 views

EUVD-2026-37751

A vulnerability in the vmadmin CLI of Cisco Umbrella Virtual Appliance could allow an authenticated, local attacker to elevate privileges on an affected device. This vulnerability is due to insufficient validation of user-supplied commands. An attacker with vmadmin privileges could exploit this...

6CVSS5.3AI score0.00104EPSS
Exploits0References1
Rows per page
Query Builder