71 matches found
Exploit for CVE-2025-10681
CERT/CC VU653116 | CISA Advisory ICSA-26-055-03https:/...
CVE-2022-33697
Sensitive information exposure vulnerability in ImsServiceSwitchBase in ImsCore prior to SMR Jul-2022 Release 1 allows local attackers with log access permission to get IMSI through device log...
CVE-2025-57823
A direct request 'forced browsing' vulnerability in Fortinet FortiAuthenticator 6.6.0 through 6.6.6, FortiAuthenticator 6.5 all versions, FortiAuthenticator 6.4 all versions, FortiAuthenticator 6.3 all versions may allow an authenticated attacker with at least sponsor permissions to read and...
CVE-2025-57823
A direct request 'forced browsing' vulnerability in Fortinet FortiAuthenticator 6.6.0 through 6.6.6, FortiAuthenticator 6.5 all versions, FortiAuthenticator 6.4 all versions, FortiAuthenticator 6.3 all versions may allow an authenticated attacker with at least sponsor permissions to read and...
CVE-2025-57823
A direct request 'forced browsing' vulnerability in Fortinet FortiAuthenticator 6.6.0 through 6.6.6, FortiAuthenticator 6.5 all versions, FortiAuthenticator 6.4 all versions, FortiAuthenticator 6.3 all versions may allow an authenticated attacker with at least sponsor permissions to read and...
CVE-2025-57823
CVE-2025-57823 affects Fortinet FortiAuthenticator 6.3–6.6.x (including 6.3, 6.4, 6.5, 6.6.0–6.6.6). It is a direct request (forced browsing) vulnerability that an authenticated user with sponsor permissions can use to read and download device logs by accessing specific endpoints. Impact is limit...
CVE-2025-57823
A direct request 'forced browsing' vulnerability in Fortinet FortiAuthenticator 6.6.0 through 6.6.6, FortiAuthenticator 6.5 all versions, FortiAuthenticator 6.4 all versions, FortiAuthenticator 6.3 all versions may allow an authenticated attacker with at least sponsor permissions to read and...
CVE-2025-57823
A direct request 'forced browsing' vulnerability in Fortinet FortiAuthenticator 6.6.0 through 6.6.6, FortiAuthenticator 6.5 all versions, FortiAuthenticator 6.4 all versions, FortiAuthenticator 6.3 all versions may allow an authenticated attacker with at least sponsor permissions to read and...
PT-2025-50117
Name of the Vulnerable Software and Affected Versions Fortinet FortiAuthenticator versions 6.3 through 6.6.6 Fortinet FortiAuthenticator version 6.5 Fortinet FortiAuthenticator version 6.4 Fortinet FortiAuthenticator version 6.6.0 through 6.6.6 Description An authenticated attacker with sponsor...
Fortinet FortiAuthenticator 安全漏洞
Fortinet FortiAuthenticator is a centralized user identity management solution from Fortinet, Inc. A security vulnerability exists in Fortinet FortiAuthenticator versions 6.6.0 through 6.6.6, all versions 6.5, all versions 6.4, and all versions 6.3, which stems from a direct request vulnerability...
EUVD-2010-0145
Malware in sbrugna...
EUVD-2023-48209
Malicious code in bioql PyPI...
EUVD-2024-1198
Malicious code in bioql PyPI...
EUVD-2024-49881
Malicious code in bioql PyPI...
CVE-2024-9929
A vulnerability exists in NSD570 that allows any authenticated user to access all device logs disclosing login information with timestamps...
CVE-2024-36444
cgi-bin/fdmcgiwebv2.cgi on Swissphone DiCal-RED 4009 devices allows an unauthenticated attacker to gain access to device logs...
CVE-2019-1815
A security vulnerability was discovered in the local status page functionality of Cisco Meraki’s MX67 and MX68 security appliance models that may allow unauthenticated individuals to access and download logs containing sensitive, privileged device information. The vulnerability is due to improper...
CVE-2023-43846
Incorrect access control in logs management function of web interface in Aten PE6208 2.3.228 and 2.4.232 allows remote attackers to get the device logs via HTTP GET request. The logs contain such information as user names and IP addresses used in the infrastructure. This information may help the...
CVE-2024-3046
In Eclipse Kura LogServlet component included in versions 5.0.0 to 5.4.1, a specifically crafted request to the servlet can allow an unauthenticated user to retrieve the device logs. Also, downloaded logs may be used by an attacker to perform privilege escalation by using the session id of an...
CVE-2024-9929
A vulnerability exists in NSD570 that allows any authenticated user to access all device logs disclosing login information with timestamps...