1775 matches found
CVE-2024-47463
CVE-2024-47463 describes an arbitrary file creation vulnerability in Aruba Instant AOS-8 and AOS-10 CLI service that, when exploited by an authenticated user, could lead to remote code execution on the underlying OS. The issue affects the CLI path and is tied to authenticated remote command execu...
CVE-2024-47462 Arbitrary File Creation Vulnerability in Instant AOS-8 and AOS-10 leads to Authenticated Remote Command Execution (RCE)
An arbitrary file creation vulnerability exists in the Instant AOS-8 and AOS-10 command line interface. Successful exploitation of this vulnerability could allow an authenticated remote attacker to create arbitrary files, which could lead to a remote command execution (RCE) on the underlying...
jenkins: Item creation restriction bypass vulnerability
A flaw was found in Jenkins. When attempting to create an item prohibited by ACL#hasCreatePermission2 or TopLevelItemDescriptor#isApplicableIn(ItemGroup) through the Jenkins CLI or the REST API, if either of these checks fails, Jenkins creates the item in memory and only deletes it from disk. This may...
The vulnerability of the command-line interface of the firmware for Cisco Analog Telephone Adapter (ATA) 190 series devices allows an attacker to execute arbitrary commands.
The vulnerability of the command-line interface of the firmware for Cisco Analog Telephone Adapter (ATA) 190 series devices exists due to the lack of measures taken to neutralize special elements used in the operating system’s command line. Exploiting this vulnerability allows an...
The vulnerability of Firefox’s command-line interface for browsing, accessing bookmarks, and viewing history is related to the creation of temporary files with insecure permissions. This vulnerability allows attackers to gain unauthorized access to protected information.
The vulnerability of Firefox’s command-line interface for reading, viewing bookmarks, and accessing history is related to the creation of temporary files with insecure permissions in the /tmp directory. Exploiting this vulnerability can allow an attacker to gain unauthorized access to protected...
The vulnerability of the command-line interface of Cisco Firepower Threat Defense (FTD) software allows a malicious actor to gain unauthorized access to read, modify, or delete data, or to cause a service failure.
The vulnerability of the command-line interface of Cisco Firepower Threat Defense (FTD) microprogramming systems is related to the use of strictly encrypted account data. Exploiting this vulnerability can allow an attacker to gain unauthorized access to read, modify, or delete data, or cause servic...
Fortinet Fortigate: Sensitive information is displayed in cleartext in the CLI window when using diagnose sys ha checksum command (FG-IR-20-009)
The version of Fortigate installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the FG-IR-20-009 advisory. - A cleartext storage of sensitive information vulnerability in FortiOS command line interface in versions 6.2.4 and earlier...
The vulnerability of the PFE control daemon (evo-pfemand) in JunOS Evolved operating systems allows an intruder to trigger a service failure.
The vulnerability of the PFE control daemon (evo-pfemand) for JunOS Evolved is related to the unbounded allocation of resources. Exploiting this vulnerability allows a malicious actor to cause service failures by executing arbitrary commands through the command line interface, or by sending...
The vulnerability of the command-line interface (CLI) of the Junos OS Evolved router operating system allows an attacker to cause a service failure.
The vulnerability of the command-line interface (CLI) of the Junos OS Evolved router operating system QFX5000 is related to resources not being properly cleaned up or released. Exploiting this vulnerability can allow a malicious actor to cause service interruptions...
The vulnerability of the PowerShell command line interface on Windows operating systems allows a hacker to execute arbitrary code.
The vulnerability of the PowerShell command line interface on Windows operating systems is related to the use of memory after it is freed. Exploiting this vulnerability can allow an attacker to execute arbitrary code...
CVE-2024-20461
A vulnerability in the CLI of Cisco ATA 190 Series Analog Telephone Adapter firmware could allow an authenticated, local attacker with high privileges to execute arbitrary commands as the root user. This vulnerability exists because CLI input is not properly sanitized. An attacker could exploit...
[SECURITY] Fedora 40 Update: koji-1.35.1-1.fc40
Koji is a system for building and tracking RPMS. The base package contains shared libraries and the command-line interface...
Moderate: Red Hat Enhancement Advisory: Red Hat OpenShift Pipelines Client tkn for 1.16.0 release
Red Hat OpenShift Pipelines Client tkn for 1.16.0 has been released. Red Hat OpenShift Pipelines Client, tkn for the 1.16.0 release, provides a CLI tool to interact with the Pipelines and Triggers components provided by Red Hat OpenShift Pipelines 1.16.0. The tkn CLI tool is delivered as an RPM...
PT-2024-7197 · Juniper Networks · Junos Evolved
Name of the Vulnerable Software and Affected Versions: JunOS Evolved (affected versions not specified). Description: The issue is related to an unbounded resource allocation in the PFE management daemon (evo-pfemand) of JunOS Evolved operating systems. An attacker, acting remotely, can exploit this...
PT-2024-7844 · Juniper Networks · Junos Evolved
Name of the Vulnerable Software and Affected Versions: Junos OS Evolved versions prior to 20.4R3-S9-EVO; Junos OS Evolved version 21.2-EVO prior to 21.2R3-S7-EVO; Junos OS Evolved version 21.4-EVO prior to 21.4R3-S5-EVO; Junos OS Evolved version 22.1-EVO prior to 22.1R3-S5-EVO; Junos OS Evolved versi...
Microsoft Azure Command Line Integration command injection vulnerability
Microsoft Azure Command Line Integration (CLI) is a cross-platform command line tool from Microsoft USA that connects to Azure and executes management commands on Azure resources. Microsoft Azure Command Line Integration (CLI) suffers from an elevation of privilege vulnerability that is caused by a...
The vulnerability of the command-line interface of ArubaOS systems allows a hacker to execute arbitrary code.
The vulnerability of the command-line interface of ArubaOS systems is related to incorrect restrictions on the path name to the restricted-access directory. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...
GHSA-F9QJ-77Q2-H5C5 Jenkins item creation restriction bypass vulnerability
Jenkins provides APIs for fine-grained control of item creation: - Authorization strategies can prohibit the creation of items of a given type in a given item group (ACL#hasCreatePermission2). - Item types can prohibit creation of new instances in a given item group...
CVE-2024-47805
Jenkins Credentials Plugin 1380.va435002fa924 and earlier, except 1371.1373.v4ebfab7161e9, does not redact encrypted values of credentials using the SecretBytes type when accessing item config.xml via REST API or CLI...
PT-2024-32821 · Jenkins · Credentials Plugin +2
Name of the Vulnerable Software and Affected Versions: Jenkins Credentials Plugin versions 1380.va435002fa924 and earlier, except version 1371.1373.v4ebfab7161e9. Description: The issue concerns the Jenkins Credentials Plugin, which does not redact encrypted values of credentials using the...