Lucene search
K

1788 matches found

BDU FSTEC
BDU FSTEC
added 2019/12/03 12:0 a.m.5 views

The vulnerability of the command-line interface (CLI) of the microprogramming software for Cisco TelePresence Collaboration Endpoint devices allows a hacker to write arbitrary files into the root directory.

The vulnerability of the command-line interface CLI of the Cisco TelePresence Collaboration Endpoint CE device’s management software is related to improper handling of permissions. Exploiting this vulnerability could allow an attacker to write arbitrary files into the root directory...

6.6CVSS5.6AI score0.00256EPSS
Exploits0References2Affected Software1
OSV
OSV
added 2019/11/26 4:15 a.m.6 views

CVE-2019-15997

A vulnerability in Cisco DNA Spaces: Connector could allow an authenticated, local attacker to perform a command injection attack and execute arbitrary commands on the underlying operating system as root. The vulnerability is due to insufficient validation of arguments passed to a specific CLI...

6.7CVSS6.9AI score
Exploits0References1
OSV
OSV
added 2019/11/26 4:15 a.m.3 views

CVE-2019-15986

A vulnerability in the CLI of Cisco Unity Express could allow an authenticated, local attacker to inject arbitrary commands that are executed with root privileges. To exploit this vulnerability, an attacker would need valid administrator credentials. The vulnerability is due to improper input...

6.7CVSS7AI score0.00404EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2019/11/26 12:0 a.m.7 views

PT-2019-5284

Name of the Vulnerable Software and Affected Versions Ansible versions prior to 2.8.6 Ansible versions prior to 2.7.14 Ansible versions prior to 2.6.20 Description The issue is related to insufficient input validation in the Ansible configuration management system. This could allow a remote...

7.1CVSS7.6AI score0.01649EPSS
Exploits0References162
Fedora
Fedora
added 2019/11/25 2:33 a.m.29 views

[SECURITY] Fedora 29 Update: koji-1.19.1-1.fc29

Koji is a system for building and tracking RPMS. The base package contains shared libraries and the command-line interface...

6.5CVSS2.4AI score0.02793EPSS
Exploits0
Gitee
Gitee
added 2019/11/21 12:43 p.m.6 views

POC-T

This is a Python-based penetration testing framework called POC-T. It is a concurrent framework that allows users to perform various types of attacks, including vulnerability verification, file upload, weak password cracking, and more. The framework has a modular design, with each module...

7AI score
Exploits0
BDU FSTEC
BDU FSTEC
added 2019/11/19 12:0 a.m.6 views

The vulnerability of the command-line interface (CLI) of the microprogramming software for Cisco TelePresence Collaboration Endpoint devices allows a attacker to execute arbitrary code with root privileges.

The vulnerability of the command-line interface CLI of the microprogramming software for Cisco TelePresence Collaboration Endpoint devices is related to deficiencies in access control. Exploiting this vulnerability could allow a attacker to execute arbitrary code with root privileges by sending...

6.4CVSS7AI score0.00431EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2019/11/19 12:0 a.m.4 views

The numerous vulnerabilities in the command-line interface (CLI) of the Cisco TelePresence Collaboration Endpoint (CE) software allow attackers to compromise the integrity of protected information or cause service failures.

The multiple vulnerabilities of the command-line interface CLI of the Cisco TelePresence Collaboration Endpoint CE device’s management software exist due to insufficient validation of input data. Exploitation of these vulnerabilities could allow attackers to compromise the integrity of protected...

6.2CVSS6AI score0.00271EPSS
Exploits0References3Affected Software1
Kitploit
Kitploit
added 2019/11/01 12:0 p.m.76 views

AtomShields Cli - Security Testing Framework For Repositories And Source Code

AtomShields Cli is a Command-Line Interface to use the software AtomShields Installation pip install atomshieldscli Basic usage ascli --target --name The allowed action values are: install : To install a checker or a report, depending the context setted. uninstall : To uninstall a checker or a...

7.2AI score
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2019/10/29 12:0 a.m.6 views

The vulnerability of the command-line interface (CLI) of the Cisco TelePresence Collaboration Endpoint (CE) software allows a attacker to execute arbitrary commands with root privileges.

The vulnerability of the command-line interface CLI of Cisco TelePresence Collaboration Endpoint CE software relates to privilege management errors. Exploiting this vulnerability allows an attacker to execute arbitrary commands with root privileges...

6.8CVSS5.9AI score0.00445EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2019/10/29 12:0 a.m.7 views

The vulnerability of the command-line interface (CLI) of Cisco Firepower Threat Defense microprogramming systems allows a attacker to execute arbitrary commands on the base operating system with root privileges.

The vulnerability of the command-line interface CLI of Cisco Firepower Threat Defense software exists due to insufficient validation of input data. Exploiting this vulnerability allows an attacker to execute arbitrary commands on the base operating system with root privileges...

6.8CVSS5.9AI score0.00425EPSS
Exploits0References2Affected Software1
Fedora
Fedora
added 2019/10/25 5:2 p.m.27 views

[SECURITY] Fedora 30 Update: koji-1.18.1-1.fc30

Koji is a system for building and tracking RPMS. The base package contains shared libraries and the command-line interface...

6.5CVSS2.4AI score0.02793EPSS
Exploits0
RedHat Linux
RedHat Linux
added 2019/10/24 8:41 p.m.5 views

ansible: Incomplete fix for CVE-2019-10206

The fix for CVE-2019-10206 was found to be incomplete for the data disclosure flaw in ansible. Password prompts in ansible-playbook and ansible-cli tools could expose passwords with special characters as they are not properly wrapped. A password with special characters is exposed starting with th...

6.5CVSS6.8AI score0.01649EPSS
Exploits0References4
CNVD
CNVD
added 2019/10/10 12:0 a.m.7 views

Cisco Firepower Threat Defense Input Validation Error Vulnerability

Cisco Firepower Threat Defense FTD is a suite of unified software from the U.S. company Cisco Cisco that provides next-generation firewall services. An input validation error vulnerability exists in the CLI in Cisco FTD. A local attacker could exploit this vulnerability to execute commands with...

7.2CVSS7AI score0.00425EPSS
Exploits0References1
OSV
OSV
added 2019/10/09 9:15 p.m.6 views

CVE-2019-15014

A command injection vulnerability exists in the Zingbox Inspector versions 1.286 and earlier, that allows for an authenticated user to execute arbitrary system commands in the CLI...

8.8CVSS7.5AI score0.02294EPSS
Exploits0References1
CNVD
CNVD
added 2019/10/09 12:0 a.m.4 views

Cisco Firepower Threat Defense Local Elevation of Privilege Vulnerability

Cisco Firepower Threat Defense is a suite of unified software that provides next-generation firewall services. A security vulnerability exists in the Cisco Firepower Threat Defense CLI that allows a local attacker to exploit the vulnerability by submitting a special request to gain ROOT privilege...

8.8CVSS6.8AI score0.00488EPSS
Exploits0References1
BDU FSTEC
BDU FSTEC
added 2019/10/09 12:0 a.m.6 views

The vulnerability of the command-line interface of the Cisco FX-OS network operating system and the Cisco Firepower Threat Defense (FTD) network switches’ micro-programming software allows a attacker to execute arbitrary commands on the privileged root operating system.

The vulnerability of the command-line interface of the Cisco FX-OS network operating system and the Cisco Firepower Threat Defense FTD network interface micro-programming system exists due to insufficient validation of input data. Exploiting this vulnerability can allow an attacker to execute...

8.8CVSS5.9AI score0.00488EPSS
Exploits0References2Affected Software2
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2019/10/07 6:17 a.m.4 views

Multiple OS command injection vulnerabilities in DBA-1510P

Overview DBA-1510P provided by D-Link Japan K.K. contains multiple OS command injection vulnerabilities listed below. OS command injection vulnerability in Command Line Interface CLI CWE-78 - CVE-2019-6013 OS command injection vulnerability in Web User Interface CWE-78 - CVE-2019-6014 Katsuhiko...

8.8CVSS7.8AI score0.01245EPSS
Exploits0References7
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2019/10/07 12:0 a.m.120 views

JVN#95875796: Multiple OS command injection vulnerabilities in DBA-1510P

DBA-1510P provided by D-Link Japan K.K. contains multiple OS command injection vulnerabilities listed below. OS command injection vulnerability in Command Line Interface CLI CWE-78 - CVE-2019-6013 Version| Vector| Score ---|---|--- CVSS v3| CVSS:3.0/AV:P/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H| Base Score...

8.8CVSS7.8AI score0.01245EPSS
Exploits0
BDU FSTEC
BDU FSTEC
added 2019/10/03 12:0 a.m.4 views

The vulnerability of the Cisco IOS XE command-line interface allows a attacker to execute arbitrary commands on the underlying operating system.

The vulnerability of the Cisco IOS XE operating system’s command-line interface is related to authentication process errors. Exploiting this vulnerability allows an attacker to execute arbitrary commands on the underlying operating system...

6.8CVSS5.9AI score0.00352EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder