CVE-2024-23104

An exposure of sensitive information to an unauthorized actor vulnerability in Fortinet FortiNDR 7.6.0, FortiNDR 7.4.0 through 7.4.8, FortiNDR 7.2 all versions, FortiNDR 7.1 all versions, FortiNDR 7.0 all versions, FortiVoice 7.0.0 through 7.0.1 may allow a remote authenticated attacker with at...

CVE-2025-48418

The CVE-2025-48418 entry describes a hidden functionality privilege-escalation vulnerability affecting Fortinet FortiAnalyzer and FortiManager (including cloud variants) across multiple versions (FortiAnalyzer: 6.4 all, 7.0.x–7.6.3; FortiAnalyzer Cloud: 6.4 all, 7.0.1–7.6.3; FortiManager: 6.4 all...

Fortinet多款产品 安全漏洞

Fortinet FortiManager is a product of the American company Fortinet. Fortinet FortiManager is a centralized network security management platform. Fortinet FortiAnalyzer is a centralized network security reporting solution. Fortinet FortiAnalyzer Cloud is a cloud-based logging platform based on...

CVE-2025-55148

Missing authorization in Ivanti Connect Secure before 22.7R2.9 or 22.8R2, Ivanti Policy Secure before 22.7R1.6, Ivanti ZTA Gateway before 2.8R2.3-723 and Ivanti Neurons for Secure Access before 22.8R1.4 Fix deployed on 02-Aug-2025 allows a remote authenticated attacker with read-only admin...

PT-2025-36754

Name of the Vulnerable Software and Affected Versions: Ivanti Connect Secure versions prior to 22.7R2.9 Ivanti Policy Secure versions prior to 22.7R1.6 Ivanti ZTA Gateway versions prior to 2.8R2.3-723 Ivanti Neurons for Secure Access versions prior to 22.8R1.4 Description: The software contains a...

PT-2025-36742

Name of the Vulnerable Software and Affected Versions: Ivanti Connect Secure versions prior to 22.7R2.9 Ivanti Connect Secure versions prior to 22.8R2 Ivanti Policy Secure versions prior to 22.7R1.6 Ivanti ZTA Gateway versions prior to 22.8R2.3-723 Ivanti Neurons for Secure Access versions prior ...

PT-2015-5478 · Clusterlabs +3 · Pacemaker +3

Name of the Vulnerable Software and Affected Versions: Pacemaker versions prior to 1.1.13 Description: The issue allows remote read-only users to gain privileges via an acl command due to improper evaluation of added nodes. Recommendations: For versions prior to 1.1.13, update to version 1.1.13 o...

CVE-2014-7823

The virDomainGetXMLDesc API in Libvirt before 1.2.11 allows remote read-only users to obtain the VNC password by using the VIRDOMAINXMLMIGRATABLE flag, which triggers the use of the VIRDOMAINXMLSECURE flag...

DEBIAN-CVE-2014-7823

The virDomainGetXMLDesc API in Libvirt before 1.2.11 allows remote read-only users to obtain the VNC password by using the VIRDOMAINXMLMIGRATABLE flag, which triggers the use of the VIRDOMAINXMLSECURE flag...

CVE-2014-7823

The virDomainGetXMLDesc API in Libvirt before 1.2.11 allows remote read-only users to obtain the VNC password by using the VIRDOMAINXMLMIGRATABLE flag, which triggers the use of the VIRDOMAINXMLSECURE flag...

qemu: job usage issue in several APIs leading to libvirtd crash

Multiple race conditions in the 1 virDomainBlockStats, 2 virDomainGetBlockInf, 3 qemuDomainBlockJobImpl, and 4 virDomainGetBlockIoTune functions in libvirt before 1.2.1 do not properly verify that the disk is attached, which allows remote read-only attackers to cause a denial of service libvirtd...

DEBIAN-CVE-2013-6458

Multiple race conditions in the 1 virDomainBlockStats, 2 virDomainGetBlockInf, 3 qemuDomainBlockJobImpl, and 4 virDomainGetBlockIoTune functions in libvirt before 1.2.1 do not properly verify that the disk is attached, which allows remote read-only attackers to cause a denial of service libvirtd...