Cisco IOS XR Native OS Command Injection Vulnerability
Cisco IOS XR is a fully modular, distributed network operating system in the IOS software series from Cisco, a United States company. A security vulnerability exists in the CLI in Cisco IOS XR versions 6.x through 6.0.1. A local attacker could exploit the vulnerability to execute...
Juniper SRX 240 router firmware vulnerability that allows an attacker to cause a denial of service
The Juniper SRX 240 router software contains a vulnerability that allows any user who is registered in the system and has remote access to the device to trigger resource exhaustion (memory overload and processor load). The vulnerability is related to the search for...
Palo Alto Networks PAN-OS 7.0.7 Multiple Vulnerabilities
The version of Palo Alto Networks PAN-OS running on the remote host is 7.0.7. It is, therefore, affected by multiple vulnerabilities: - A flaw exists in the passive firewall where a VM-series ESXi configuration processes and forwards traffic. No other details are available. - An unspecified...
CVE-2016-1403
Cisco IP 8800 phones with software 11.0.1 and earlier allow local users to gain privileges for OS command execution via crafted CLI commands, aka Bug ID CSCuz03005...
IBM WebSphere DataPower XC10 Buffer Overflow Vulnerability
IBM WebSphere DataPower XC10 is a caching platform from IBM in the United States. The platform allows distributed caching of data with little or no change to existing applications. A buffer overflow vulnerability exists in the CLI of IBM WebSphere DataPower XC10 versions 2.1 and 2.5. An attacker...
How To perform Emergency Network Reset on Citrix Hypervisor/XenServer
To configure or restore the management interface from either XSCONSOLE or the command-line interface (CLI)...
Juniper Networks Junos OS CLI Elevation of Privilege Vulnerability
Juniper Networks Junos OS is a network operating system dedicated to the company's hardware systems. A security vulnerability exists in the Juniper Networks Junos OS CLI that allows a local attacker to exploit the vulnerability to elevate privileges with CLI commands and take full control of the...
Pattern Matching Swiss Knife: YARA
YARA is a tool aimed at (but not limited to) helping malware researchers identify and classify malware samples. With YARA you can create descriptions of malware families, or whatever you want to describe, based on textual or binary patterns. Each description, a.k.a. rule, consists of a set of strin...
CVE-2016-3654
The CVE concerns PAN-OS device management CLI parsing of an SSH command parameter, allowing authenticated administrators to run arbitrary OS commands with root privileges. Affected PAN-OS versions: 5.0.x before 5.0.18; 5.1.x before 5.1.11; 6.0.x before 6.0.13; 6.1.x before 6.1.10; 7.0.x before 7....
jenkins: Remote code execution vulnerability due to unsafe deserialization in Jenkins remoting (SECURITY-218)
The Jenkins CLI subsystem in Jenkins before 1.638 and LTS before 1.625.2 allows remote attackers to execute arbitrary code via a crafted serialized Java object, related to a problematic webapps/ROOT/WEB-INF/lib/commons-collections-.jar file and the "Groovy variant in 'ysoserial'"...
Cisco Wireless LAN Controller firmware vulnerability that allows an intruder to execute arbitrary operating system commands
The vulnerability in the Cisco Wireless LAN Controller firmware exists because special elements used in operating system commands are not neutralized. Exploiting this vulnerability allows a malicious actor to execute arbitrary operating system commands i...
Palo Alto Networks PAN-OS Multiple Vulnerabilities (PAN-SA-2016-0002, PAN-SA-2016-0004)
The Palo Alto Networks PAN-OS running on the remote host is version 5.0.x prior to 5.0.18, 5.1.x prior to 5.1.11, 6.0.x prior to 6.0.13, 6.1.x prior to 6.1.10, or 7.0.x prior to 7.0.5-h2. It is, therefore, affected by the following vulnerabilities: - An unspecified flaw exists in the GlobalProte...
Command Injection in Command Line Interface
Palo Alto Networks firewalls implement a command line interface for interactive configuration through a serial interface or a remote SSH session. An issue was identified that can cause incorrect parsing of a specific SSH command parameter, leading to arbitrary command execution on the OS level...
Cisco ACE 4710 Application Control Engine Command Injection Vulnerability
A vulnerability in the Device Manager GUI of the Cisco ACE 4710 Application Control Engine could allow an authenticated, remote attacker to execute any command-line interface (CLI) command on the ACE with admin user privileges. The vulnerability is due to insufficient validation of user-supplied...
[SECURITY] Fedora 22 Update: octave-3.8.2-19.fc22
GNU Octave is a high-level language, primarily intended for numerical computations. It provides a convenient command line interface for solving linear and nonlinear problems numerically, and for performing other numerical experiments using a language that is mostly compatible with Matlab. It may...
Firmware vulnerabilities in the NetScaler Gateway and NetScaler Application Delivery Controller access control systems for virtual environments that allow an attacker to escalate privileges
The multiple vulnerabilities in the firmware of the NetScaler Gateway and NetScaler Application Delivery Controller access control systems are related to code errors. Exploiting these vulnerabilities could allow a malicious actor to escalate their privileges by manipulatin...
TCP Profiles on NetScaler
TCP configurations for a NetScaler appliance can be specified in an entity called a TCP profile, which is a collection of TCP settings. The TCP profile can then be associated with services or virtual servers that want to use these TCP configurations. Built-in TCP Profiles For convenience of...
PT-2016-7988
Name of the Vulnerable Software and Affected Versions: TiEmu version 3.03-nogdb+dfsg-3. Description: A buffer overflow exists in the ROM parameter handling. Local attackers can provide an oversized ROM parameter to the tiemu command-line interface to overflow the stack buffer and overwrite the...
[SECURITY] Fedora 23 Update: telegram-cli-1.3.1-7.20150730git2052f4.fc23
Telegram is an open source instant messaging platform for mobile and desktop focused on privacy. This is a Linux command-line interface for Telegram...
Cisco Aironet 1850 CLI Input Privilege Gain Vulnerability
Cisco Aironet 3600 access points are a wireless access point product from Cisco. A security vulnerability exists in the Cisco Aironet 1850 Series that allows local users to execute arbitrary commands with root privileges...