1775 matches found
CVE-2025-59692
PureVPN client applications on Linux through September 2025 mishandle firewalling. They flush the system's existing iptables rules and apply default ACCEPT policies when connecting to a VPN server. This removes firewall rules that may have been configured manually or by other software e.g., UFW,...
PureVPN 安全漏洞
PureVPN is a VPN software from PureVPN Inc. A security vulnerability exists in the PureVPN CLI version 2.0.1 and GUI version 2.10.0, which stems from incorrectly handling firewall rules and could result in the system being accidentally exposed to network traffic...
CVE-2025-37130
A vulnerability in the command-line interface of EdgeConnect SD-WAN could allow an authenticated attacker to read arbitrary files within the system. Successful exploitation could allow an attacker to read sensitive data from the underlying file system...
CVE-2025-37129 Authenticated Remote Code Execution allows Exploit in Scripts Feature
A vulnerable feature in the command line interface of EdgeConnect SD-WAN could allow an authenticated attacker to exploit built-in script execution capabilities. Successful exploitation could allow an attacker to execute arbitrary commands on the underlying operating system if the feature is...
CVE-2025-37129
CVE-2025-37129 describes a vulnerability in the command-line interface of HPE Aruba Networking EdgeConnect SD-WAN Gateways . An authenticated attacker could exploit the built-in script execution capability to execute arbitrary commands on the underlying operating system if the feature is enabled ...
CVE-2025-37129 Authenticated Remote Code Execution allows Exploit in Scripts Feature
A vulnerable feature in the command line interface of EdgeConnect SD-WAN could allow an authenticated attacker to exploit built-in script execution capabilities. Successful exploitation could allow an attacker to execute arbitrary commands on the underlying operating system if the feature is...
CVE-2025-37126 Authenticated Remote Code Execution in HPE Aruba Networking EdgeConnect SD-WAN Gateways Command Line Interface
A vulnerability exists in the HPE Aruba Networking EdgeConnect SD-WAN Gateways Command Line Interface that allows remote authenticated users to run arbitrary commands on the underlying host. Successful exploitation of this vulnerability will result in the ability to execute arbitrary commands as...
CVE-2025-37126
CVE-2025-37126 affects HPE Aruba Networking EdgeConnect SD-WAN Gateways via the Command Line Interface. The vulnerability allows remote authenticated users to execute arbitrary commands with root privileges, enabling full OS compromise. Multiple connected sources corroborate authenticated remote ...
CVE-2025-37126 Authenticated Remote Code Execution in HPE Aruba Networking EdgeConnect SD-WAN Gateways Command Line Interface
A vulnerability exists in the HPE Aruba Networking EdgeConnect SD-WAN Gateways Command Line Interface that allows remote authenticated users to run arbitrary commands on the underlying host. Successful exploitation of this vulnerability will result in the ability to execute arbitrary commands as...
CVE-2025-37131 Authenticated Arbitrary File Read allows Data Exposure in CLI Interface
A vulnerability in EdgeConnect SD-WAN ECOS could allow an authenticated remote threat actor with admin privileges to access sensitive unauthorized system files. Under certain conditions, this could lead to exposure and exfiltration of sensitive information...
PT-2025-38089
Name of the Vulnerable Software and Affected Versions: EdgeConnect SD-WAN affected versions not specified Description: A vulnerable feature in the command line interface of EdgeConnect SD-WAN could allow an authenticated attacker to exploit built-in script execution capabilities. Successful...
PT-2025-38086
Name of the Vulnerable Software and Affected Versions: HPE Aruba Networking EdgeConnect SD-WAN Gateways affected versions not specified Description: A vulnerability exists in the HPE Aruba Networking EdgeConnect SD-WAN Gateways Command Line Interface that allows remote authenticated users to run...
HPE Aruba Networking EdgeConnect SD-WAN Gateways 安全漏洞
HPE Aruba Networking EdgeConnect SD-WAN Gateways is an edge gateway appliance from HPE America. A security vulnerability exists in HPE Aruba Networking EdgeConnect SD-WAN Gateways that stems from improper privilege management of the command line interface, which could lead to elevation of privile...
PT-2025-38090
Name of the Vulnerable Software and Affected Versions: EdgeConnect SD-WAN affected versions not specified Description: A vulnerability in the command-line interface of EdgeConnect SD-WAN could allow an authenticated attacker to read arbitrary files within the system. Successful exploitation could...
Embedded Malicious Code
Overview Affected versions of this package are vulnerable to Embedded Malicious Code. Compromised versions of this package contain a file called bundle.js that exfiltrates secrets from the user's accounts, including credentials and API tokens. It also downloads malicious files and repackages them...
wazuh
This repository is an open-source security platform called Wazuh, which provides unified XDR and SIEM protection for endpoints and cloud workloads. The repository contains various files and templates for issue reporting, testing, and integration with external services. The probable entry points f...
Vulnerabilities fixed in Cisco NX-OS Software
Cisco has fixed vulnerabilities in Cisco NX-OS Software for Nexus 3000 and 9000 Series Switches. The vulnerabilities are in several features of the Cisco NX-OS Software, including IS-IS, PIM6, logging, command-line interface CLI, and the REST API of the Nexus Dashboard. These vulnerabilities can ...
CVE-2024-45325
An improper neutralization of special elements used in an OS command 'OS Command Injection' vulnerabilities CWE-78 in Fortinet FortiDDoS-F version 7.0.0 through 7.02 and before 6.6.3 may allow a privileged attacker to execute unauthorized code or commands via crafted CLI requests...
QuerySniper
🎯 QuerySniper - Advanced Vulnerability Research Toolkit Query...
vuls
This is an open-source vulnerability scanner for Linux and FreeBSD, written in Go. It is an agentless scanner, meaning it does not require any additional software to be installed on the target systems. The scanner is designed to be easy to use and provides a simple command-line interface. The...