12 matches found
EUVD-2021-32527
Malicious code in bioql PyPI...
CVE-2021-45809
GlobalProtect-openconnect versions prior to 1.4.3 are affected by incorrect access control in GPService through DBUS, GUI Application. The way GlobalProtect-Openconnect is set up enables arbitrary users to execute commands as root by submitting the --script= parameter...
CVE-2021-45810
GlobalProtect-openconnect versions prior to 2.0.0 exclusive are affected by incorrect access control in GPService through DBUS, GUI. The way GlobalProtect-Openconnect is set up enables arbitrary users to start a VPN connection to arbitrary servers. By hosting an openconnect compatible server, the...
CVE-2021-45810
GlobalProtect-openconnect versions prior to 2.0.0 exclusive are affected by incorrect access control in GPService through DBUS, GUI. The way GlobalProtect-Openconnect is set up enables arbitrary users to start a VPN connection to arbitrary servers. By hosting an openconnect compatible server, the...
CVE-2021-45809
GlobalProtect-openconnect versions prior to 1.4.3 are affected by incorrect access control in GPService through DBUS, GUI Application. The way GlobalProtect-Openconnect is set up enables arbitrary users to execute commands as root by submitting the --script= parameter...
CVE-2021-45809
The CVE-2021-45809 entry affects GlobalProtect-openconnect versions prior to 1.4.3, due to incorrect access control in GPService via DBus and the GUI application. This flaw allows arbitrary users to run root commands by supplying the --script=[removed] parameter, indicating a high-severity privil...
CVE-2021-45809
GlobalProtect-openconnect versions prior to 1.4.3 are affected by incorrect access control in GPService through DBUS, GUI Application. The way GlobalProtect-Openconnect is set up enables arbitrary users to execute commands as root by submitting the --script= parameter...
CVE-2021-45810
GlobalProtect-openconnect versions prior to 2.0.0 exclusive are affected by incorrect access control in GPService through DBUS, GUI. The way GlobalProtect-Openconnect is set up enables arbitrary users to start a VPN connection to arbitrary servers. By hosting an openconnect compatible server, the...
CVE-2021-45810
GlobalProtect-openconnect versions prior to 2.0.0 are affected by an improper access-control flaw in GPService via DBUS and the GUI. This vulnerability allows arbitrary users to initiate a VPN connection to arbitrary servers, and by hosting an openconnect-compatible server, an attacker could redi...
GlobalProtect-Openconnect 安全漏洞
GlobalProtect-Openconnect is a GlobalProtect VPN client GUI for Linux based on OpenConnect and built with Qt5 to support SAML authentication mode. A security vulnerability exists in GlobalProtect-Openconnect, which is caused by GlobalProtect-Openconnect being set up in a way that allows an...
GlobalProtect-openconnect 安全漏洞
GlobalProtect-Openconnect is a GlobalProtect VPN client GUI for Linux based on OpenConnect and built with Qt5 to support SAML authentication mode. GlobalProtect-openconnect suffers from a security vulnerability that allows an attacker to redirect host-wide traffic through their own server by...
PT-2022-12418 · Unknown · Globalprotect-Openconnect
Name of the Vulnerable Software and Affected Versions: GlobalProtect-openconnect versions prior to 2.0.0 Description: The issue is related to incorrect access control in GPService through DBUS and GUI. This allows arbitrary users to start a VPN connection to arbitrary servers. An attacker can hos...