Cisco Patches 48 Firewall Vulnerabilities with Two CVSS 10 Flaws

Cisco patches 48 vulnerabilities in Secure Firewall products, including two critical CVSS 10 flaws that could allow authentication bypass and remote code execution...

Cisco Secure Firewall Adaptive Security Appliance和Cisco Secure Firewall Threat Defense 安全漏洞

Cisco Secure Firewall Adaptive Security Appliance and Cisco Secure Firewall Threat Defense are products of Cisco, a US company. Cisco Secure Firewall Adaptive Security Appliance is an enterprise-level firewall software. Cisco Secure Firewall Threat Defense is an integrated firewall platform. Both...

EUVD-2012-0371

Malware in sbrugna...

EUVD-2006-0494

Malware in sbrugna...

EUVD-2015-7759

Malware in sbrugna...

EUVD-2012-1809

Malware in sbrugna...

CVE-2025-20362

Update: On November 5, 2025, Cisco became aware of a new attack variant against devices running Cisco Secure ASA Software or Cisco Secure FTD Software releases that are affected by CVE-2025-20333 and CVE-2025-20362. This attack can cause unpatched devices to unexpectedly reload, leading to denial...

Sophos Issues Hotfixes for Critical Firewall Flaws: Update to Prevent Exploitation

Sophos has released hotfixes to address three security flaws in Sophos Firewall products that could be exploited to achieve remote code execution and allow privileged system access under certain conditions. Of the three, two are rated Critical in severity. There is currently no evidence that the...

PT-2024-5748

Name of the Vulnerable Software and Affected Versions SonicWall SonicOS versions prior to 7.0.1-5035 SonicWall Gen 5 and Gen 6 devices SonicWall Gen 7 devices versions prior to 7.0.1-5035 Description SonicWall SonicOS contains an improper access control vulnerability that could allow an attacker ...

Feds: Zeppelin Ransomware Resurfaces with New Compromise, Encryption Tactics

Zeppelin ransomware is back and employing new compromise and encryption tactics in its recent campaigns against various vertical industries—particularly healthcare—as well as critical infrastructure organizations, the feds are warning. Threat actors deploying the ransomware as a service RaaS are...

Cyber Security Week in Review (March 22)

Welcome to this week's Cyber Security Week in Review, where Cisco Talos runs down all of the news we think you need to know in the security world. For more news delivered to your inbox every week, sign up for our Threat Source newsletter here. Top headlines this week Norwegian aluminum company...

CheckPoint/Sofaware Firewall - Multiple Vulnerabilities

ProCheckUp Research http://procheckup.com/procheckup-labs/pr11-07.aspx PR11-07 Multiple peristent XSS, XSS, XSRF, offsite redirection and information disclosure flaws within CheckPoint/Sofaware firewalls Vulnerability found: 3rd May 2011 Vendor informed: 20th July 2011 Vulnerability fixed: 16th...

Trend Micro OfficeScan Client Firewall Multiple Vulnerabilities

The remote host is either running Trend Micro OfficeScan or Trend Micro OfficeScan Client. The installed version is affected by multiple vulnerabilities : - A vulnerability in 'ApiThread' function could allow a malicious local user to execute arbitrary code with SYSTEM privileges by sending...

Multiple Symantec Nexland Firewall bugs

Information leak, unauthorized configuration, DoS...

Check Point FireWall-1 4.x Multiple Vulnerabilities (OF, FS)

The remote Check Point Firewall web server crashes when sent a specially formatted HTTP request. A remote attacker could use this to crash the web server, or possibly execute arbitrary code. This bug is a solid indicator that the server is vulnerable to several other Check Point FW-1 4.x bugs tha...

[Full-Disclosure] exploiting fortigate firewall through webinterface

Issue: Several vulnerabilities in web interface of Fortigate firewall of which the most serious one will allow a remote attacker to obtain a username and password of the Fortigate. Release: pre 2.50 maintenance release 4 Fixed in: Fortinet OS 2.50 MR4, available from FTP as of 29 Sept. 2003 Date:...

CVE-2002-2150

Firewalls from multiple vendors empty state tables more slowly than they are filled, which allows remote attackers to flood state tables with packet flooding attacks such as 1 TCP SYN flood, 2 UDP flood, or 3 Crikey CRC Flood, which causes the firewall to refuse any new connections...

Многочисленные дырки в Firewall-1

8 различных неприятных дырок позволяют полностью обходить защиту Firewall-1 и, кроме того, устраивать DoS-атаки на сам Firewall...

Многочисленные уязвимости в Firewall-1

Уязвимости разного вида вызванные недостатками модели безопасности...

Firewall-1 Session Agent, DOS and password thief

hi, after the great revelations at the las vegas black hat about many security vulnerabilities in firewall-1, i was looking at this little module i use in my compagny and called "authentication session agent". We use it all over the corporate network to allow only some priviledged users to go int...