CVE-2024-38279

The affected product is vulnerable to an attacker modifying the bootloader by using custom arguments to bypass authentication and gain access to the file system and obtain password hashes...

PT-2024-27917 · Motorola Solutions +1 · Vigilant Fixed Lpr Coms Box +2

Name of the Vulnerable Software and Affected Versions: Affected product affected versions not specified Description: The issue allows an attacker to modify the bootloader by using custom arguments to bypass authentication, gaining access to the file system and obtaining password hashes...

CVE-2022-44731

The CVE-2022-44731 vulnerability affects Siemens SIMATIC WinCC OA Ultralight Client. The Ultralight Client backend can be injected with custom arguments under certain conditions when started via the web interface, enabling an authenticated remote attacker to inject parameters (e.g., open attacker...

PT-2022-27287 · Siemens · Simatic Wincc

Name of the Vulnerable Software and Affected Versions: SIMATIC WinCC OA versions prior to V3.15 P038 SIMATIC WinCC OA versions prior to V3.16 P035 SIMATIC WinCC OA versions prior to V3.17 P024 SIMATIC WinCC OA versions prior to V3.18 P014 Description: A vulnerability allows injecting custom...

CVE-2018-0477 Cisco IOS XE Software Command Injection Vulnerabilities

A vulnerability in the CLI parser of Cisco IOS XE Software could allow an authenticated, local attacker to execute commands on the underlying Linux shell of an affected device with root privileges. The vulnerability exist because the affected software improperly sanitizes command arguments, faili...