1775 matches found

Gitee
added 2025/09/06 12:36 a.m. · 76 views

maltrail

It is an offensive tool for network traffic analysis. The primary CVE ID is not present in the provided context, but the tool is designed to detect malicious traffic. The target product/service or framework is not explicitly stated, but it is likely a network traffic analysis system. The...

6.7 AI score
Exploits 0

NVD
added 2025/09/05 7:15 a.m. · 3 views

CVE-2025-48395

An attacker with authenticated and privileged access could modify the contents of a non-sensitive file by traversing the path in the limited shell of the CLI. This security issue has been fixed in the latest version of NMC G2 which is available on the Eaton download center...

4.7 CVSS · 0.00268 EPSS
Exploits 0 · References 1

CVE
added 2025/09/05 7:5 a.m. · 18 views

CVE-2025-48395

CVE-2025-48395 affects Eaton NMC G2. The issue allows an attacker with authenticated privileged access to modify the contents of a non-sensitive file by traversing a path in the CLI’s limited shell. Root cause: path traversal in the restricted CLI shell. Impact is limited to file contents modific...

4.7 CVSS · 6 AI score · 0.00268 EPSS
Exploits 0 · References 1

RedhatCVE
added 2025/08/30 6:19 p.m. · 2 views

CVE-2025-20295

A vulnerability in the CLI of Cisco UCS Manager Software could allow an authenticated, local attacker with administrative privileges to read or create a file or overwrite any file on the file system of the underlying operating system of an affected device, including system files. This vulnerabili...

6 CVSS · 6.6 AI score · 0.00179 EPSS
Exploits 0 · References 1

NVD
added 2025/08/27 5:15 p.m. · 2 views

CVE-2025-20292

A vulnerability in the CLI of Cisco NX-OS Software could allow an authenticated, local attacker to execute a command injection attack on the underlying operating system of an affected device. To exploit this vulnerability, the attacker must have valid user credentials on the affected device. This...

4.4 CVSS · 0.01876 EPSS
Exploits 0 · References 1

CVE
added 2025/08/27 4:23 p.m. · 21 views

CVE-2025-20294

CVE-2025-20294 affects Cisco UCS Manager Software, specifically the CLI and web-based management interface. The root cause is insufficient input validation of command arguments, which could allow an authenticated, remote attacker with administrative privileges to perform command injection and esc...

6.5 CVSS · 8 AI score · 0.01242 EPSS
Exploits 0 · References 1

Cvelist
added 2025/08/27 4:23 p.m. · 7 views

CVE-2025-20294 Cisco UCS Manager Software Command Injection Vulnerability

Multiple vulnerabilities in the CLI and web-based management interface of Cisco UCS Manager Software could allow an authenticated, remote attacker with administrative privileges to perform command injection attacks on an affected system and elevate privileges to root. These vulnerabilities are du...

6.5 CVSS · 0.01242 EPSS
Exploits 0 · References 1

Vulnrichment
added 2025/08/27 4:23 p.m. · 1 views

CVE-2025-20294 Cisco UCS Manager Software Command Injection Vulnerability

Multiple vulnerabilities in the CLI and web-based management interface of Cisco UCS Manager Software could allow an authenticated, remote attacker with administrative privileges to perform command injection attacks on an affected system and elevate privileges to root. These vulnerabilities are du...

6.5 CVSS · 7.9 AI score · 0.01242 EPSS
Exploits 0 · References 1

Cisco
added 2025/08/27 4:0 p.m. · 7 views

Cisco UCS Manager Software Command Injection Vulnerabilities

Multiple vulnerabilities in the CLI and web-based management interface of Cisco UCS Manager Software could allow an authenticated attacker with administrative privileges to perform command injection attacks on an affected system and elevate privileges to root. For more information about these...

6.5 CVSS · 7.4 AI score · 0.01242 EPSS
Exploits 0 · References 1

Cisco
added 2025/08/27 4:0 p.m. · 5 views

Cisco NX-OS Software Command Injection Vulnerability

A vulnerability in the CLI of Cisco NX-OS Software could allow an authenticated, local attacker to execute a command injection attack on the underlying operating system of an affected device. To exploit this vulnerability, the attacker must have valid user credentials on the affected device. This...

4.4 CVSS · 7.5 AI score · 0.01876 EPSS
Exploits 0 · References 1

Positive Technologies
added 2025/08/27 12:0 a.m. · 2 views

PT-2025-34892 · Cisco · Cisco Ucs Manager

Name of the Vulnerable Software and Affected Versions: Cisco UCS Manager Software (affected versions not specified). Description: A vulnerability in the Cisco UCS Manager Software Command Line Interface (CLI) may allow an authenticated, local attacker with administrative privileges to read, create, or...

6 CVSS · 6.1 AI score · 0.00179 EPSS
Exploits 0 · References 3

Positive Technologies
added 2025/08/27 12:0 a.m. · 3 views

PT-2025-34891 · Cisco · Cisco Ucs Manager

Name of the Vulnerable Software and Affected Versions: Cisco UCS Manager Software (affected versions not specified). Description: Multiple vulnerabilities in the CLI and web-based management interface of Cisco UCS Manager Software could allow an authenticated, remote attacker with administrative...

6.5 CVSS · 7.6 AI score · 0.01242 EPSS
Exploits 0 · References 5

Github Security Blog
added 2025/08/25 4:21 p.m. · 7 views

Langflow Vulnerable to Privilege Escalation via CLI Superuser Creation (Post-RCE)

This vulnerability was discovered by researchers at Check Point. We are sharing this report as part of a responsible disclosure process and are happy to assist in validation and remediation if needed. Summary: A privilege escalation vulnerability exists in Langflow containers where an authenticate...

8.8 CVSS · 7.5 AI score · 0.00437 EPSS
Exploits 0 · References 4 · Affected Software 2

NVD
added 2025/08/25 2:15 p.m. · 3 views

CVE-2023-47799

Mahara before 22.10.4 and 23.x before 23.04.4 allows information disclosure if the experimental HTML bulk export is used via the administration interface or via the CLI, and the resulting export files are given to the account holders. They may contain images of other account holders because the...

7.5 CVSS · 0.0038 EPSS
Exploits 0 · References 2

CVE
added 2025/08/25 12:0 a.m. · 23 views

CVE-2023-47799

Mahara is affected by an information-disclosure vulnerability in the HTML bulk export feature, where exported files may leak images from other accounts because the per-account cache is not cleared. Affected: Mahara < 22.10.4 and Mahara 23.x

7.5 CVSS · 6.7 AI score · 0.0038 EPSS
Exploits 0 · References 2 · Affected Software 1

Vulnrichment
added 2025/08/25 12:0 a.m. · 2 views

CVE-2023-47799

Mahara before 22.10.4 and 23.x before 23.04.4 allows information disclosure if the experimental HTML bulk export is used via the administration interface or via the CLI, and the resulting export files are given to the account holders. They may contain images of other account holders because the...

6.7 AI score · 0.0038 EPSS
Exploits 0 · References 2

vulnersOsv
added 2025/08/20 11:44 p.m. · 3 views

card-ocr-fastmcp (=1.0.0) potentially affected by CVE-2025-9262 via @wong2/mcp-cli (=1.13.0)

@wong2/mcp-cli NPM version =1.13.0 is affected by a known vulnerability. The following packages have a transitive dependency on @wong2/mcp-cli and may be impacted:
- card-ocr-fastmcp =1.0.0
Source cves: CVE-2025-9262
Source advisory: SNYK:JS-WONG2MCPCLI-12205740...

8.1 CVSS · 6.1 AI score · 0.05236 EPSS
Exploits 1

Tenable Nessus
added 2025/08/20 12:0 a.m. · 5 views

Linux Distros Unpatched Vulnerability : CVE-2020-15095

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Versions of the npm CLI prior to 6.14.6 are vulnerable to an information exposure vulnerability through log files. The CLI supports URLs like ://:@::/. The...

4.4 CVSS · 6.8 AI score · 0.00417 EPSS
Exploits 0 · References 2

CNNVD
added 2025/08/20 12:0 a.m. · 1 views

knack security vulnerability

knack is an open source command line interface framework from Microsoft. A security vulnerability exists in knack version 0.12.0, which stems from a regular expression denial of service...

6.9 CVSS · 6.9 AI score · 0.00333 EPSS
Exploits 0 · References 4

OSV
added 2025/08/18 4:21 p.m. · 3 views

CVE-2025-55201 Copier safe template has arbitrary filesystem read/write access

Copier is a library and CLI app for rendering project templates. Prior to 9.9.1, a safe template can currently read and write arbitrary files because Copier exposes a few pathlib.Path objects in the Jinja context which have unconstrained I/O methods. This effectively renders the security model w.r.t...

8.5 CVSS · 6.6 AI score · 0.0024 EPSS
Exploits 0 · References 4