Vlang-Pentest-Framework

🔥 Vlang Pentest Framework ██╗ ██╗██████╗ ███████╗███╗...

CVE-2025-60006

Multiple instances of an Improper Neutralization of Special Elements used in an OS Command 'OS Command Injection' vulnerability in the CLI of Juniper Networks Junos OS Evolved could be used to elevate privileges and/or execute unauthorized commands. When an attacker executes crafted CLI commands,...

CVE-2025-60009

An Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Juniper Networks Junos Space allows an attacker to inject script tags in the CLI Configlet page that, when visited by another user, enables the attacker to execute commands with the target's...

CVE-2025-4614

An information disclosure vulnerability in Palo Alto Networks PAN-OS® software enables an authenticated administrator to view session tokens of users authenticated to the firewall web UI. This may allow impersonation of users whose session tokens are leaked. The security risk posed by this issue...

CVE-2025-4615 PAN-OS: Improper Neutralization of Input in the Management Web Interface

An improper input neutralization vulnerability in the management web interface of the Palo Alto Networks PAN-OS® software enables an authenticated administrator to bypass system restrictions and execute arbitrary commands. The security risk posed by this issue is significantly minimized when CLI...

CVE-2025-4615 PAN-OS: Improper Neutralization of Input in the Management Web Interface

An improper input neutralization vulnerability in the management web interface of the Palo Alto Networks PAN-OS® software enables an authenticated administrator to bypass system restrictions and execute arbitrary commands. The security risk posed by this issue is significantly minimized when CLI...

CVE-2025-4614

CVE-2025-4614 describes an information-disclosure flaw in Palo Alto Networks PAN-OS software where an authenticated administrator can view other users’ session tokens in the firewall web UI, potentially allowing impersonation of those users. The risk is mitigated if CLI access is restricted to a ...

CVE-2025-59997

An Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Juniper Networks Junos Space allows an attacker to inject script tags in the CLI Configlets pages that, when visited by another user, enable the attacker to execute commands with the target's...

CVE-2025-60006

CVE-2025-60006 : Juniper Junos OS Evolved CLI contains an OS command injection vulnerability due to improper handling of crafted CLI commands processed by scripts. Local attacker with low privileges may elevate privileges or run unauthorized commands. Affected: Junos OS Evolved versions 24.2 befo...

CVE-2025-59997

CVE-2025-59997 is a Junos Space cross-site scripting vulnerability: improper input neutralization during web page generation allows script injection in the CLI Configlets pages. Affected product: Juniper Networks Junos Space; affected versions are all before 24.1R4. The issue lets an attacker cau...

CVE-2025-59997 Junos Space: Fields in the CLI Configlets are vulnerable to reflected cross-site script injection

An Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Juniper Networks Junos Space allows an attacker to inject script tags in the CLI Configlets pages that, when visited by another user, enable the attacker to execute commands with the target's...

PT-2025-41440

Name of the Vulnerable Software and Affected Versions Juniper Networks Junos OS Evolved versions 24.2 through 24.2R2-S2-EVO Juniper Networks Junos OS Evolved versions 24.4 through 24.4R2-EVO Description An issue exists in the CLI of Juniper Networks Junos OS Evolved that could allow an attacker t...

CVE-2025-43910

Dell PowerProtect Data Domain with Data Domain Operating System DD OS of Feature Release versions 7.7.1.0 through 8.3.0.15, LTS2025 release version 8.3.1.0, LTS2024 release versions 7.13.1.0 through 7.13.1.30, LTS 2023 release versions 7.10.1.0 through 7.10.1.60, contain a Stack-based Buffer...

pwnable-kr

It is an offensive tool for pwnable.kr. The repository contains...

EUVD-2025-32712

An access control vulnerability was discovered in the CLI functionality due to a specific access restriction not being properly enforced for users with limited privileges. An authenticated user with limited privileges can issue administrative CLI commands, altering the device configuration, and/o...

CVE-2025-40888

A SQL Injection vulnerability was discovered in the CLI functionality due to improper validation of an input parameter. An authenticated user with limited privileges can execute arbitrary SELECT SQL statements on the DBMS used by the web application, potentially exposing unauthorized data...

CVE-2025-40888

CVE-2025-40888 affects Nozomi Guardian/CMC: an SQL Injection in the CLI due to improper input validation allows an authenticated user with limited privileges to execute arbitrary SELECT statements on the underlying DBMS, potentially exposing data. Affected are versions prior to 25.3.0 (Nozomi NN ...

CVE-2025-3719 Incorrect authorization for CLI in Guardian/CMC before 25.2.0

An access control vulnerability was discovered in the CLI functionality due to a specific access restriction not being properly enforced for users with limited privileges. An authenticated user with limited privileges can issue administrative CLI commands, altering the device configuration, and/o...

CVE-2025-3719

CVE-2025-3719 affects Nozomi Networks Guardian/CMC. The issue is an access control vulnerability in the CLI: an authenticated user with limited privileges can issue administrative CLI commands, potentially altering device configuration and impacting availability. The root cause is improper enforc...

EUVD-2012-1619

Malware in sbrugna...