1775 matches found
GHSA-JRWR-5X3P-HVC3 markdown-it-py Denial of Service vulnerability in the command line interface
Denial of service could be caused to the command line interface of markdown-it-py, before v2.2.0, if an attacker was allowed to use invalid UTF-8 characters as input...
CVE-2023-26302
Denial of service could be caused to the command line interface of markdown-it-py, before v2.2.0, if an attacker was allowed to use invalid UTF-8 characters as input...
CVE-2023-26302 markdown-it-py CLI crash on invalid UTF-8 characters
Denial of service could be caused to the command line interface of markdown-it-py, before v2.2.0, if an attacker was allowed to use invalid UTF-8 characters as input...
PT-2023-1553 · Cisco · Cisco Ucs 6500 +5
Name of the Vulnerable Software and Affected Versions: Cisco Firepower 4100 Series (affected versions not specified); Cisco Firepower 9300 Security Appliances (affected versions not specified); Cisco UCS 6200 (affected versions not specified); Cisco UCS 6300 (affected versions not specified); Cisco UCS 6400...
The vulnerability of the command-line interface (CLI) implementation of Zyxel networking devices allows a perpetrator to execute arbitrary commands.
The vulnerability of CLI implementations for Zyxel network devices involves a lack of measures to neutralize special elements used in OS commands. Exploiting this vulnerability allows an attacker to execute arbitrary commands remotely...
CVE-2022-38378
An improper privilege management vulnerability (CWE-269) in Fortinet FortiOS version 7.2.0 and before 7.0.7 and FortiProxy version 7.2.0 through 7.2.1 and before 7.0.7 allows an attacker that has access to the admin profile section (System subsection Administrator Users) to modify their own profile a...
CVE-2022-33871
A stack-based buffer overflow vulnerability (CWE-121) in FortiWeb version 7.0.1 and earlier, 6.4 all versions, version 6.3.19 and earlier may allow a privileged attacker to execute arbitrary code or commands via specifically crafted CLI execute backup-local rename and execute backup-local show...
Fortinet FortiADC operating system command injection vulnerability
Fortinet FortiADC is an application delivery controller from Fortinet, Inc. Fortinet FortiADC suffers from a command injection vulnerability, which stems from an improper neutralization of special elements used in OS commands, that can be exploited by an attacker to execute arbitrary shell code a...
SUSE CVE-2012-3533
The Python SDK before 3.1.0.6 and CLI before 3.1.0.8 for oVirt 3.1 does not check the server SSL certificate against the client keys, which allows remote attackers to spoof a server via a man-in-the-middle (MITM) attack...
SUSE CVE-2018-15869
An Amazon Web Services (AWS) developer who does not specify the --owners flag when describing images via AWS CLI, and therefore not properly validating source software per AWS recommended security best practices, may unintentionally load an undesired and potentially malicious Amazon Machine Image A...
The vulnerability of the command-line interface of the network traffic analysis, network detection, and response tool Cortex XDR Agent for Windows operating systems allows a malicious actor to gain unauthorized access to protected information and execute arbitrary commands.
The vulnerability of the command-line interface of the network traffic analysis, network detection, and response tool Cortex XDR Agent for Windows operating systems is related to the storage of data in an open manner. Exploiting this vulnerability can allow attackers to gain unauthorized access t...
The vulnerability of the command-line interface of the network traffic analysis and detection tool, Cortex XDR Agent, for operating systems based on Windows, allows a perpetrator to execute arbitrary commands.
The vulnerability of the command-line interface of the network traffic analysis, network detection, and response tool Cortex XDR Agent for Windows operating systems is related to a breach of the data protection mechanism. Exploiting this vulnerability allows an attacker to execute arbitrary...
The vulnerability of the Command Line Interface (CLI) of the Cisco Identity Services Engine (ISE) management platform allows a hacker to escalate their privileges.
The vulnerability of the Command Line Interface (CLI) of the Cisco Identity Services Engine (ISE) management platform relates to the lack of measures taken to neutralize special elements used in the OS command line. Exploiting this vulnerability can allow attackers to increase their privileges...
CVE-2022-41023
Several stack-based buffer overflow vulnerabilities exist in the DetranCLI command parsing functionality of Siretta QUARTZ-GOLD G5.0.1.5-210720-141020. A specially-crafted network packet can lead to arbitrary command execution. An attacker can send a sequence of requests to trigger these...
conntrack-tools bug fix and enhancement update
An update is available for conntrack-tools. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list. The conntrack-tools packages enable the user to set up a High...
The vulnerability of the Cisco IOS XE SD-WAN software’s command-line interface allows an attacker to delete any files from the file system.
The vulnerability of the command-line interface (CLI) of Cisco IOS XE SD-WAN software exists due to insufficient validation of input data. Exploiting this vulnerability could allow an attacker to delete any files from the file system...