CVE-2018-25153
CVE-2018-25153 is associated with GNU Barcode 0.99, per OSV and PT-2025 entries. The issue is a memory leak in the command line processing function in cmdline.c, where crafted input can cause unfreed memory allocations and potentially lead to denial of service. No explicit patch or fixed version ...
EUVD-2023-60269
In the Linux kernel, the following vulnerability has been resolved: iommu/amd: Add a length limitation for the ivrs_acpihid command-line parameter. The 'acpiid' buffer in the parse_ivrs_acpihid function may overflow, because the string specifier in the format string sscanf has no width limitation...
CVE-2023-54057
CVE-2023-54057: Linux kernel vulnerability in iommu/amd where the acpiid buffer may overflow due to an unbounded sscanf() format string in parse_ivrs_acpihid. Root cause: lack of width limitation on the IVRS ACPIHID parameter, enabling potential overflow. Connected advisories describe kernel pat...
PT-2025-53373
Name of the Vulnerable Software and Affected Versions: GNU Barcode version 0.99. Description: The software contains a memory leak issue in the command line processing function within the cmdline.c file. An attacker can exploit this by providing crafted input, leading to unfreed memory allocations an...
[SECURITY] Fedora 43 Update: mqttcli-0.2.8-1.fc43
mqttcli provides two programs pub and sub that allow command-line access to an MQTT broker. sub subscribes to a topic and prints messages received to standard output. pub publishes the provided message to the provided topic. Both programs accept flags that can be provided as a config file...
CVE-2025-65637 affecting package dcos-cli for versions less than 1.2.0-23
CVE-2025-65637 affecting package dcos-cli for versions less than 1.2.0-23. A patched version of the package is available...
CVE-2025-68459
RG - AP180, Indoor Wall Plate Wireless AP AP180 series provided by Ruijie Networks Co., Ltd. contain an OS command injection vulnerability. An arbitrary OS command may be executed on the product by an attacker who logs in to the CLI service...
libtransmission 2.93 Integer Overflow
libtransmission versions 2.93 and below suffer from multiple integer overflows. A remote attacker could create a specially crafted .torrent file which may be small when compressed that exploits these overflows when a victim loads it via Transmission or its command-line interface transmission-cli...
MicrosoftAmplifierPoC
Microsoft Amplifier RCE PoC Proof of concept demonstrating re...
BIT-JENKINS-2025-67635
Jenkins 2.540 and earlier, LTS 2.528.2 and earlier does not properly close HTTP-based CLI connections when the connection stream becomes corrupted, allowing unauthenticated attackers to cause a denial of service...
GHSA-9P56-P6MW-W8QC Jenkins has a Denial of service vulnerability in HTTP-based CLI
Jenkins 2.540 and earlier, LTS 2.528.2 and earlier does not properly close HTTP-based CLI connections when the connection stream becomes corrupted, allowing unauthenticated attackers to cause a denial of service...
appscanstandard-integration:ibm-security-appscanstandard-scanner (>=1.0 <=2.8), au.com.versent.jenkins.plugins:ignore-committer-strategy (>=55.v51410e712e0c <=57.v0756db_b_f6926) +623 more potentially affected by CVE-2025-67635 via org.jenkins-ci.main:cli (>=2.0 <=2.528.2)
org.jenkins-ci.main:cli MAVEN version =2.0, =1.0, =55.v51410e712e0c, =4.1.0.506.v619d63bec9d8, =66.v12c841920f7d, =109.v2c51a117a7b4, =1.155.v3d884c1bdee1, =1.281.v331e3f5a05a9, =4050.v8ba69b587c39, =4050.v8ba69b587c39, =1.0.5, =2.0.0, =2.0, =1.0.2, =1.0.0, =1.0.6 and more Source cves: CVE-20...
Improper Resource Shutdown or Release
Overview: org.jenkins-ci.main:cli is a command line interface for Jenkins. Affected versions of this package are vulnerable to Improper Resource Shutdown or Release via the HTTP-based CLI connections. An attacker can cause the service to become unavailable by sending corrupted connection streams,...
Jenkins has a Denial of service vulnerability in HTTP-based CLI
Jenkins 2.540 and earlier, LTS 2.528.2 and earlier does not properly close HTTP-based CLI connections when the connection stream becomes corrupted, allowing unauthenticated attackers to cause a denial of service...
Jenkins security vulnerability
Jenkins is an open source automation server. It provides hundreds of plugins to support building, deploying and automating any project. A security vulnerability exists in Jenkins 2.540 and earlier and LTS 2.528.2 and earlier, which stems from not properly...
sd security vulnerability
sd is a command line tool by Gregory, an individual developer. A security vulnerability exists in sd 1.0.0 and earlier versions, which stems from a potential elevation of privileges to root...
jenkins -- multiple vulnerabilities
Jenkins Security Advisory: Description High SECURITY-3630 / CVE-2025-67635 Denial of service vulnerability in HTTP-based CLI Medium SECURITY-1809 / CVE-2025-67636 Missing permission check on password fields Medium SECURITY-783 / CVE-2025-67637 storage, CVE-2025-67638 masking Build authorization...
EUVD-2025-201467
nitro-tpm-pcr-compute may allow kernel command line modification by an account operator...
nitro-tpm-pcr-compute may allow kernel command line modification by an account operator
Summary: Adding default PCR12 validation to ensure that account operators cannot modify kernel command line parameters, potentially bypassing root filesystem integrity validation. Attestable AMIs are based on the systemd Unified Kernel Image (UKI) concept which uses systemd-boot to create a single...