CVE-2019-1784

A vulnerability in the CLI of Cisco NX-OS Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying Linux operating system with the privilege level of root. The vulnerability is due to insufficient validation of arguments passed to a specific CLI comman...

CVE-2019-1783

A vulnerability in the CLI of Cisco NX-OS Software could allow an authenticated, local attacker with administrator credentials to execute arbitrary commands on the underlying Linux operating system with the privilege level of root. The vulnerability is due to insufficient validation of arguments...

CVE-2019-1770

A vulnerability in the CLI of Cisco NX-OS Software could allow an authenticated, local attacker with administrator credentials to execute arbitrary commands on the underlying Linux operating system with the privilege level of root. The vulnerability is due to insufficient validation of arguments...

CVE-2019-1726

A vulnerability in the CLI of Cisco NX-OS Software could allow an authenticated, local attacker to access internal services that should be restricted on an affected device, such as the NX-API. The vulnerability is due to insufficient validation of arguments passed to a certain CLI command. An...

Announcing the all new Attack Surface Analyzer 2.0

Few of us know what is really happening on our systems when we install new software from new or untrusted sources. This is important because most installation processes require elevated privileges, which can lead to undesired system configuration changes. Knowing what changes have been made is...

PT-2019-2420 · Cisco · Cisco Nx-Os +1

Name of the Vulnerable Software and Affected Versions: Cisco NX-OS Software affected versions not specified Description: A vulnerability in the CLI of Cisco NX-OS Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying Linux operating system with the...

Cisco FXOS and NX-OS Command Injection Vulnerabilities

Cisco FXOS is the Firepower extensible operating system.Cisco NX-OS is the network operating system for the Cisco Nexus family of Ethernet switches and the MDS family of Fibre Channel storage area network switches. A command injection vulnerability exists in the CLI of Cisco FXOS and NX-OS. The...

Cisco NX-OS Command Injection Vulnerability (CNVD-2019-14621)

Cisco NX-OS is the network operating system for the Cisco Nexus family of Ethernet switches and the MDS family of Fibre Channel storage area network switches. A command injection vulnerability exists in the CLI of Cisco NX-OS. The vulnerability stems from insufficient validation of parameters...

Cisco FXOS and NX-OS Command Injection Vulnerability (CNVD-2019-14618)

Cisco FXOS is the Firepower extensible operating system.Cisco NX-OS is the network operating system for the Cisco Nexus family of Ethernet switches and the MDS family of Fibre Channel storage area network switches. A command injection vulnerability exists in the CLI of Cisco FXOS and NX-OS. The...

PT-2019-15250 · Cisco · Cisco Nx-Os +1

Name of the Vulnerable Software and Affected Versions: Cisco NX-OS Software affected versions not specified Description: A vulnerability in the CLI of Cisco NX-OS Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying operating system of an affected...

PT-2019-2452 · Cisco · Cisco Nx-Os +1

Name of the Vulnerable Software and Affected Versions: Cisco NX-OS Software affected versions not specified Description: A vulnerability in the CLI of Cisco NX-OS Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying Linux operating system with a...

PT-2019-2212 · Cisco · Cisco Nx-Os +1

Name of the Vulnerable Software and Affected Versions: Cisco NX-OS Software affected versions not specified Description: The issue is related to incorrect verification of cryptographic signatures in the Image Signature Verification feature of Cisco NX-OS Software. This could allow an authenticate...

CB TAU Threat Intelligence Notification: JCry Ransomware Pretends to be Adobe Flash Player Update Installer

JCry is a new family of ransomware that has the unique characteristic of being written in the Go programming language and being delivered as multiple executables, each with their own purpose. It was pretending to be an Adobe flash player update installer on a compromised website to lure users to...

Fedora Update for soundtouch FEDORA-2018-09802a742a

The remote host is missing an update for the Copyright C 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

PT-2019-2121 · Cisco · Cisco Web Security Appliance

Name of the Vulnerable Software and Affected Versions: Cisco Web Security Appliance WSA affected versions not specified Description: A vulnerability in the log subscription subsystem could allow an authenticated, local attacker to perform command injection and elevate privileges to root. This iss...

PT-2019-2063 · Cisco · Cisco Ftd

Name of the Vulnerable Software and Affected Versions: Cisco Firepower Threat Defense Software affected versions not specified Description: The issue exists due to insufficient input validation in the command-line interface of the software, allowing an attacker to perform a command injection...

[SECURITY] Fedora 29 Update: atomic-reactor-1.6.36.1-3.fc29

Simple Python tool with command line interface for building Docker images. It contains a lot of helpful functions which you would probably implement if you started hooking Docker into your infrastructure...

[SECURITY] Fedora 28 Update: atomic-reactor-1.6.36.1-3.fc28

Simple Python tool with command line interface for building Docker images. It contains a lot of helpful functions which you would probably implement if you started hooking Docker into your infrastructure...

CVE-2019-1829

A vulnerability in the CLI of Cisco Aironet Series Access Points APs could allow an authenticated, local attacker to gain access to the underlying Linux operating system OS without the proper authentication. The attacker would need valid administrator device credentials. The vulnerability is due ...

CVE-2019-1805

A vulnerability in certain access control mechanisms for the Secure Shell SSH server implementation for Cisco Wireless LAN Controller WLC Software could allow an unauthenticated, adjacent attacker to access a CLI instance on an affected device. The vulnerability is due to a lack of proper input-...