PT-2025-11096 · Cisco · Cisco Ios Xr

Name of the Vulnerable Software and Affected Versions: Cisco IOS XR Software affected versions not specified Description: A vulnerability exists in the Command Line Interface CLI of Cisco IOS XR Software due to insufficient validation of user-supplied arguments passed to specific CLI commands. Th...

CVE-2024-46663

A stack-buffer overflow vulnerability CWE-121 in Fortinet FortiMail CLI version 7.6.0 through 7.6.1 and before 7.4.3 allows a privileged attacker to execute arbitrary code or commands via specifically crafted CLI commands...

Fortinet FortiSandbox 安全漏洞

Fortinet FortiSandbox is an APT Advanced Persistent Threat protection appliance from Fortinet. The appliance offers dual sandboxing technology, dynamic threat intelligence system, real-time control panel and reporting. A security vulnerability exists in Fortinet FortiSandbox versions 4.4.0 to...

GHSA-P34J-R3CH-C985 Jenkins reveals encrypted values of secrets stored in agent configuration to users with Agent/Extended Read permission

Jenkins 2.499 and earlier, LTS 2.492.1 and earlier does not redact encrypted values of secrets when accessing config.xml of agents via REST API or CLI. This allows attackers with Agent/Extended Read permission to view encrypted values of secrets. Jenkins 2.500, LTS 2.492.2 redacts the encrypted...

CVE-2025-27623

Jenkins 2.499 and earlier, LTS 2.492.1 and earlier does not redact encrypted values of secrets when accessing config.xml of views via REST API or CLI, allowing attackers with View/Read permission to view encrypted values of secrets...

Duplicate Advisory: Wildfly Elytron integration susceptible to brute force attacks via CLI

Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-qhp6-6p8p-2rqh. This link is maintained to preserve external references. Original Description A flaw was found in Wildfly Elytron integration. The component does not implement sufficient measures to prevent...

CVE-2025-23368 Org.wildfly.core:wildfly-elytron-integration: wildfly elytron brute force attack via cli

A flaw was found in Wildfly Elytron integration. The component does not implement sufficient measures to prevent multiple failed authentication attempts within a short time frame, making it more susceptible to brute force attacks via CLI...

PT-2025-9676

Name of the Vulnerable Software and Affected Versions Wildfly affected versions not specified Description A flaw was found in the Wildfly Elytron integration, where the component does not implement sufficient measures to prevent multiple failed authentication attempts within a short time frame...

CVE-2025-20118

A vulnerability in the implementation of the internal system processes of Cisco APIC could allow an authenticated, local attacker to access sensitive information on an affected device. To exploit this vulnerability, the attacker must have valid administrative credentials. This vulnerability is du...

The vulnerability of the command-line interface of Cisco IOS XR allows a perpetrator to gain unauthorized access to protected information.

The vulnerability of the command-line interface of Cisco IOS XR systems is related to improper validation of arguments passed to a specific CLI command. Exploiting this vulnerability can allow an attacker to gain unauthorized access to protected information...

The vulnerability of the command-line interface (CLI) of the FortiClient for MAC security tool allows a perpetrator to gain unauthorized access to the system.

The vulnerability of the command-line interface CLI of the FortiClient for MAC security tool is related to deficiencies in the authentication process. Exploiting this vulnerability could allow an attacker to gain unauthorized access to the system...

CVE-2022-43542

Vulnerabilities in the Aruba EdgeConnect Enterprise command line interface allow remote authenticated users to run arbitrary commands on the underlying host. A successful exploit could allow an attacker to execute arbitrary commands as root on the underlying operating system leading to complete...

CVE-2022-37920

Vulnerabilities in the Aruba EdgeConnect Enterprise command line interface allow remote authenticated users to run arbitrary commands on the underlying host. A successful exploit could allow an attacker to execute arbitrary commands as root on the underlying operating system leading to complete...

CVE-2022-37912

Authenticated command injection vulnerabilities exist in the ArubaOS command line interface. Successful exploitation of these vulnerabilities results in the ability to execute arbitrary commands as a privileged user on the underlying operating system...

CVE-2022-39245

Mist is the command-line interface for the makedeb Package Repository. Prior to version 0.9.5, a user-provided sudo binary via the PATH variable can allow a local user to run arbitrary commands on the user's system with root permissions. Versions 0.9.5 and later contain a patch. No known...

CVE-2024-45391

Tina is an open-source content management system CMS. Sites building with Tina CMS's command line interface CLI prior to version 1.6.2 that use a search token may be vulnerable to the search token being leaked via lock file tina-lock.json. Administrators of Tina-enabled websites with search setup...

The vulnerability of the CLI command-line interface of the Fortinet FortiManager device management software, as well as the FortiAnalyzer security event monitoring and analysis tools, allows attackers to exploit their privileges.

The vulnerability of the CLI command-line interface of the Fortinet FortiManager device management software, as well as the FortiAnalyzer security event monitoring and analysis tools, is related to buffer overflow in dynamic memory. Exploiting this vulnerability can allow an attacker to gain...

MAL-2025-795 Malicious code in akamai-edgeworkers-cli (npm)

--- -= Per source details. Do not edit below this line.=-...

The vulnerability of the command-line interface (CLI) of the FortiRecorder surveillance system’s microprogramming software allows a perpetrator to gain access to read, modify, and delete any files they desire.

The vulnerability of the command-line interface CLI of the FortiRecorder surveillance system software relates to incorrect restrictions on the path name to the restricted-access directory. Exploiting this vulnerability can allow an attacker to gain read, modify, and delete access to arbitrary fil...

The vulnerability of the Command Line Interface (CLI) of the Fortinet FortiClient security device allows a perpetrator to increase their privileges and execute arbitrary code.

The vulnerability of the Command Line Interface CLI of the Fortinet FortiClient security device relates to bypassing the authentication process by using an alternative path or channel. Exploiting this vulnerability allows an attacker to enhance their privileges and execute arbitrary code by sendi...