PT-2026-2461

Name of the Vulnerable Software and Affected Versions mobility conductors versions AOS-8 and AOS-10 Description An arbitrary file deletion issue exists in the command-line interface of mobility conductors. A remote attacker with authentication could delete arbitrary files within the affected...

HPE AOS 安全漏洞

HPE AOS is an operating system from the US-based HPE. A security vulnerability exists in HPE AOS versions 10 and 8 that stems from an arbitrary file deletion vulnerability in the command line interface...

Bitrix24 安全漏洞

Bitrix24 is a suite of enterprise social platforms from Bitrix USA. The platform includes features such as online communication, calendar management and CRM Customer Relationship Management. A security vulnerability exists in Bitrix24, which originates from authenticated remote code execution, an...

CVE-2018-12260

An issue was discovered on Momentum Axel 720P 5.1.8 devices. The root password can be obtained in cleartext by issuing the command 'showKey' from the root CLI. This password may be the same on all devices...

CVE-2022-42718

Incorrect default permissions in the installation folder for NI LabVIEW Command Line Interface CLI may allow an authenticated user to potentially enable escalation of privilege via local access...

CVE-2020-12041

The Baxter Spectrum WBM v17, v20D29, v20D30, v20D31, and v22D24 telnet Command-Line Interface, grants access to sensitive data stored on the WBM that permits temporary configuration changes to network settings of the WBM, and allows the WBM to be rebooted. Temporary configuration changes to netwo...

CVE-2022-37910

A buffer overflow vulnerability exists in the ArubaOS command line interface. Successful exploitation of this vulnerability results in a denial of service on the affected system...

CVE-2024-41129

The ops library is a Python framework for developing and testing Kubernetes and machine charms. The issue here is that ops passes the secret content as one of the args via CLI. This issue may affect any of the charms that are using: Juju =3.0, Juju secrets and not correctly capturing and processi...

CVE-2022-37923

Vulnerabilities in the Aruba EdgeConnect Enterprise command line interface allow remote authenticated users to run arbitrary commands on the underlying host. A successful exploit could allow an attacker to execute arbitrary commands as root on the underlying operating system leading to complete...

CVE-2022-37921

Vulnerabilities in the Aruba EdgeConnect Enterprise command line interface allow remote authenticated users to run arbitrary commands on the underlying host. A successful exploit could allow an attacker to execute arbitrary commands as root on the underlying operating system leading to complete...

CVE-2020-7284

Exposure of Sensitive Information in McAfee Network Security Management NSM prior to 10.1.7.7 allows local users to gain unauthorised access to the root account via execution of carefully crafted commands from the restricted command line interface CLI...

CVE-2024-41134

A vulnerability exists in the HPE Aruba Networking EdgeConnect SD-WAN gateway's Command Line Interface that allows remote authenticated users to run arbitrary commands on the underlying host. Successful exploitation of this vulnerability will result in the ability to execute arbitrary commands as...

CVE-2026-22034 Snuffleupagus vulnerable to RCE on instances with upload validation enabled but without the VLD package

Snuffleupagus is a module that raises the cost of attacks against website by killing bug classes and providing a virtual patching system. On deployments of Snuffleupagus prior to version 0.13.0 with the non-default upload validation feature enabled and configured to use one of the upstream...

Amazon Linux 2023 : php8.1, php8.1-bcmath, php8.1-cli (ALAS2023-2025-1355)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2025-1355 advisory. NOTE: https://github.com/php/php-src/security/advisories/GHSA-3237-qqm7-mfv7NOTE: https://github.com/php/php-src/commit/c5f28c7cf0a052f48e47877c7aa5c5bcc54f1cfcDEBIANBUG: 1123574 CVE-2025-1417...

[SECURITY] Fedora 43 Update: doctl-1.148.0-1.fc43

The official command line interface for the DigitalOcean API...

[SECURITY] Fedora 43 Update: gh-2.83.2-1.fc43

A command-line interface to GitHub for use in your terminal or your scripts. gh is a tool designed to enhance your workflow when working with GitHub. It provides a seamless way to interact with GitHub repositories and perform vari ous actions right from the command line, eliminating the need to...

CVE-2025-65637 affecting package dcos-cli for versions less than 1.2.0-23

CVE-2025-65637 affecting package dcos-cli for versions less than 1.2.0-23. A patched version of the package is available...

CVE-2025-68459

RG - AP180, Indoor Wall Plate Wireless AP AP180 series provided by Ruijie Networks Co., Ltd. contain an OS command injection vulnerability. An arbitrary OS command may be executed on the product by an attacker who logs in to the CLI service...

CVE-2025-68459

RG - AP180, Indoor Wall Plate Wireless AP AP180 series provided by Ruijie Networks Co., Ltd. contain an OS command injection vulnerability. An arbitrary OS command may be executed on the product by an attacker who logs in to the CLI service...

MicrosoftAmplifierPoC

Microsoft Amplifier RCE PoC Proof of concept demonstrating re...