EUVD-2021-1658

Malware in sbrugna...

EUVD-2024-32351

Malicious code in bioql PyPI...

CVE-2024-26009

An authentication bypass using an alternate path or channel CWE-288 vulnerability in Fortinet FortiOS version 6.4.0 through 6.4.15 and before 6.2.16, FortiProxy version 7.4.0 through 7.4.2, 7.2.0 through 7.2.8 and before 7.0.15 & FortiPAM before version 1.2.0 allows an unauthenticated attacker to...

Qualys TotalCloud Wins “Best Cloud Security Product” at 2025 SC Awards Europe

We’re proud to announce that Qualys TotalCloud has been named “Best Cloud Security Product” at the 2025 SC Awards Europe —a recognition of our relentless drive to unify, simplify, and modernize cloud security for enterprises across the globe. In today’s complex multi-cloud world, securing...

CVE-2021-37850

ESET was made aware of a vulnerability in its consumer and business products for macOS that enables a user logged on to the system to stop the ESET daemon, effectively disabling the protection of the ESET security product until a system reboot...

CVE-2024-6654

CVE-2024-6654 affects ESET Products for macOS. The vulnerability stems from incorrect handling of symbolic links before file access in the macOS components, enabling a locally authenticated user to trigger a denial-of-service condition that could disable ESET protection and slow the system. Affec...

CVE-2024-3779

Denial of service vulnerability present shortly after product installation or upgrade, potentially allowed an attacker to render ESET’s security product inoperable, provided non-default preconditions were met...

CVE-2024-3779

Denial of service vulnerability present shortly after product installation or upgrade, potentially allowed an attacker to render ESET’s security product inoperable, provided non-default preconditions were met...

CGA-X67P-X4PH-9WJR

Bulletin has no description...

IBM Security QRadar 安全漏洞

IBM Security QRadar is a modernized threat detection and response solution from International Business Machines IBM, Inc. designed to unify and integrate the security analyst experience and improve their response speed throughout the incident lifecycle. IBM Security QRadar suffers from an HTML...

Ruijie RG-UAC 安全漏洞

Ruijie Rg-Uac is an Internet behavior management and auditing product from China Ruijie Networks Ruijie. It is used to solve Internet auditing problems. A security vulnerability exists in Ruijie RG-UAC 20240419 and earlier versions, which stems from the parameter name in the file /view/network...

Think Your MFA and PAM Solutions Protect You? Think Again

When you roll out a security product, you assume it will fulfill its purpose. Unfortunately, however, this often turns out not to be the case. A new report, produced by Osterman Research and commissioned by Silverfort, reveals that MFA Multi-Factor Authentication and PAM Privileged Access...

KNX Connection Authorization 安全漏洞

KNX Connection Authorization is a network security product from KNX Open Source. KNX Connection Authorization suffers from a security vulnerability that stems from the fact that it is easy to be locked out and that users cannot reset them to gain access to the device...

Nac_Bypass_Agent - This Function Combines All The Above Functions And Takes Necessary Information From The User To Change The IP And MAC Address, Start The Responder And Tcpdump Tools, And Run The Nbtscan Tool

Nac Bypass Agent This piece of code is a script written in Python and designed to run on Kali Linux. Here is a summary explaining what each function does: runcommandcommand: This function runs the command it takes as input and returns its output. killnetworkservices: This function stops the...

The Magic of Branding: ​Creating an Optimistic Identity for a Security Product

In the world of security, the dominant approach to branding is often based on fear and intimidation. But at Wiz, we're taking a different approach. We believe in the power of optimism and positivity, and we're building a brand that reflects those values...

CVE-2023-2847

During internal security analysis, a local privilege escalation vulnerability has been identified. On a machine with the affected ESET product installed, it was possible for a user with lower privileges due to improper privilege management to trigger actions with root privileges. ESET remedied th...

CVE-2022-22307

IBM Security Guardium 11.3, 11.4, and 11.5 could allow a local user to obtain elevated privileges due to incorrect authorization checks. IBM X-Force ID: 216753...

JVN#55675303: Digital Arts m-FILTER vulnerable to improper authentication

m-FILTER provided by Digital Arts Inc. is an emaill security product. m-FILTER contains an improper authentication vulnerability CWE-287 when emails are being sent under certain conditions, and unintended emails may be sent by a remote attacker. Digital Arts Inc. states that attacks exploiting th...

An arbitrary file reading vulnerability exists in SANGFOR Internet Optimization Management System of Deep Impact Technology Co.

SANGFOR Internet optimization management system is a security product that integrates Internet behavior management, network access, device access and business access behavior analysis. Core advantages: multiple authentication methods, comprehensive audit capability, support for multiple applicati...

Dell BSAFE 安全特征问题漏洞

Dell BSAFE Micro Edition Suite is a development kit that provides encryption, certificate and transport layer security for c/c applications, devices, systems, etc. Dell BSAFE is a security software product that supports encryption algorithms, certificate chain authentication and transport layer...