29 matches found
EUVD-2016-2484
Malware in sbrugna...
EUVD-2014-3406
Malware in sbrugna...
EUVD-2008-2729
Malware in sbrugna...
EUVD-2014-3405
Malware in sbrugna...
EUVD-2007-2457
Malware in sbrugna...
EUVD-2013-5355
Malware in sbrugna...
EUVD-2008-2727
Malware in sbrugna...
EUVD-2013-1239
Malware in sbrugna...
EUVD-2022-25987
Malicious code in bioql PyPI...
CVE-2009-2631
Multiple clientless SSL VPN products that run in web browsers, including Stonesoft StoneGate; Cisco ASA; SonicWALL E-Class SSL VPN and SonicWALL SSL VPN; SafeNet SecureWire Access Gateway; Juniper Networks Secure Access; Nortel CallPilot; Citrix Access Gateway; and other products, when running in...
VulnCheck KEV: CVE-2023-20269
Cisco Adaptive Security Appliance and Firepower Threat Defense contain an unauthorized access vulnerability that could allow an unauthenticated, remote attacker to conduct a brute force attack in an attempt to identify valid username and password combinations or establish a clientless SSL VPN...
Cisco Patches High-Severity Vulnerability Affecting ASA and Firepower Solutions
Cisco on Wednesday released patches to contain multiple flaws in its software that could be abused to leak sensitive information on susceptible appliances. The issue, assigned the identifier CVE-2022-20866 CVSS score: 7.4, has been described as a "logic error" when handling RSA keys on devices...
Cisco Adaptive Security Appliance Software Clientless SSL VPN Heap Overflow (cisco-sa-asa-ssl-vpn-heap-zLX3FdX)
According to its self-reported version, Cisco ASA Software is affected by an heap overflow condition in the handler for HTTP authentication resources accessed through the Clientless SSL VPN portal which allows an authenticated, remote attacker to cause a denial of service condition or obtain...
CVE-2022-20737
A vulnerability in the handler for HTTP authentication for resources accessed through the Clientless SSL VPN portal of Cisco Adaptive Security Appliance ASA Software could allow an authenticated, remote attacker to cause a denial of service DoS condition on an affected device or to obtain portion...
CVE-2022-20737
A vulnerability in the handler for HTTP authentication for resources accessed through the Clientless SSL VPN portal of Cisco Adaptive Security Appliance ASA Software could allow an authenticated, remote attacker to cause a denial of service DoS condition on an affected device or to obtain portion...
Crlf injection
A vulnerability in the Clientless SSL VPN WebVPN of Cisco Adaptive Security Appliance ASA Software and Cisco Firepower Threat Defense FTD Software could allow an unauthenticated, remote attacker to inject arbitrary HTTP headers in the responses of the affected system. The vulnerability is due to...
U.S. Dept Of Defense: Read-only path traversal (CVE-2020-3452) at https://█████
Summary: I discovered a vulnerability Read-only path traversal CVE-2020-3452 at https://███████ Description: A vulnerability in the web services interface of Cisco Adaptive Security Appliance ASA Software and Cisco Firepower Threat Defense FTD Software could allow an unauthenticated, remote...
U.S. Dept Of Defense: ███ is vulnerable to CVE-2020-3452 Read-Only Path Traversal Vulnerability
Summary: ████████ is vulnerable to Read-Only Path Traversal Vulnerability as described at https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-ro-path-KJuQhB86 Description: Get request parameters at the /+CSCOT+/translation-table and the /+CSCOT+/oem-customization...
Cisco Adaptive Security Appliance VPN SAML Authentication Bypass Vulnerability (cisco-sa-20190501-asaftd-saml-vpn)
According to its self-reported version the Cisco Adaptive Security Appliance ASA software running on the remote device is affected by an authentication bypass vulnerability in the implementation of Security Assertion Markup Language SAML 2.0 Single Sign-On SSO for Clientless SSL VPN WebVPN and...
Cisco Adaptive Security Appliance Software DoS (cisco-sa-20181003-asa-syslog-dos)
According to its self-reported version, the TCP syslog module of Cisco Adaptive Security Appliance ASA Software and allows an unauthenticated, remote attacker to exhaust the 1550-byte buffers on an affected device, resulting in a denial of service DoS condition. The vulnerability is due to a...