18 matches found
Tecno AudioLink Security Vulnerability
Tecno AudioLink is an audio linking software in cell phones from the Chinese company Tecno. A security vulnerability exists in Tecno AudioLink, which stems from insufficient protection of the AudioLink component service and could allow a local attacker to overwrite system files...
CVE-2025-59478 BIG-IP AFM DoS protection profile vulnerability
When a BIG-IP AFM denial-of-service (DoS) protection profile is configured on a virtual server, undisclosed requests can cause the Traffic Management Microkernel (TMM) process to terminate. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated...
The vulnerability of Mozilla Firefox’s Content Security Policy mechanism allows attackers to circumvent security restrictions and gain unauthorized access to protected information.
The vulnerability of Mozilla Firefox’s Content Security Policy mechanism is related to insufficient protection of service data. Exploiting this vulnerability can allow an attacker to bypass security restrictions and gain unauthorized access to protected information...
SUSE-SU-2025:0325-1 Security update for clamav
This update for clamav fixes the following issues: New version 1.4.2: CVE-2025-20128, bsc1236307: Fixed a possible buffer overflow read bug in the OLE2 file parser that could cause a denial-of-service (DoS) condition. - Start clamonacc with --fdpass to avoid errors due to clamd not being able to...
PT-2024-10001 · Moxa · Moxa Ip Cameras +1
Name of the Vulnerable Software and Affected Versions: Moxa VPort 07-3 version 1.0 Description: The issue is related to insufficient input validation in the moxa cmd service, which can be exploited to disrupt operations, potentially leading to a denial-of-service condition or service crash. If th...
PT-2024-33094 · Parisneo · Lollms-Webui
Name of the Vulnerable Software and Affected Versions: parisneo/lollms-webui versions 9.6 through the latest Description: A Cross-Site Request Forgery (CSRF) vulnerability exists in the 'Servers Configurations' function, affecting services such as Elastic search Service, XTTS service, Petals servic...
F5 BIG-IP AFM Security Vulnerability
F5 BIG-IP AFM is an advanced firewall product from F5 USA for protection against DDoS attacks. A security vulnerability exists in the F5 BIG-IP AFM Clients that stems from a vulnerability that allows an attacker to trick clients into sending IP traffic outside of the VPN tunnel...
The vulnerability of the Client Server Run-Time Subsystem (CSRSS) in the Windows operating system, which allows a perpetrator to access confidential information
The vulnerability of the Client Server Run-Time Subsystem (CSRSS) in the Windows operating system is related to the lack of protection for service data. Exploiting this vulnerability can allow an attacker to access confidential information...
Insufficient Protection against HTTP Request Smuggling in mitmproxy
Impact In mitmproxy 7.0.4 and below, a malicious client or server is able to perform HTTP request smuggling attacks through mitmproxy. This means that a malicious client/server could smuggle a request/response through mitmproxy as part of another request/response's HTTP message body. While...
UBUNTU-CVE-2022-24766
mitmproxy is an interactive, SSL/TLS-capable intercepting proxy. In mitmproxy 7.0.4 and below, a malicious client or server is able to perform HTTP request smuggling attacks through mitmproxy. This means that a malicious client/server could smuggle a request/response through mitmproxy as part of...
PT-2021-3101 · Microsoft · Sharepoint Server +1
Name of the Vulnerable Software and Affected Versions: Microsoft SharePoint Server affected versions not specified Description: The issue is related to insufficient protection of service data in Microsoft SharePoint Server, which can be exploited by a remote attacker to gain unauthorized access t...
CVE-2021-0234
Due to an improper Initialization vulnerability on Juniper Networks Junos OS QFX5100-96S devices with QFX 5e Series image installed, ddos-protection configuration changes will not take effect beyond the default DDoS (Distributed Denial of Service) settings when configured from the CLI. The DDoS...
Akamai Recognized as 2021 Gartner Peer Insights Customers' Choice for Web Application Firewalls
Akamai has been named a Gartner Peer Insights Customers' Choice for Web Application Firewalls for the second time. Gartner defines web application firewalls (WAFs) as "solutions designed to protect web applications and APIs from a variety of attacks, including automated bots, injection and...
CVE-2020-25228
A vulnerability has been identified in LOGO! 8 BM incl. SIPLUS variants All versions V8.3. A service available on port 10005/tcp of the affected devices could allow complete access to all services without authorization. An attacker could gain full control over an affected device, if he has access...
Citrix ADC Deprecated Classic Policy Based Features and Functionalities FAQs
Q. Which all Classic policy based features and functionalities are being removed from Citrix ADC? Answer: All the features and functionalities mentioned in “Feature Description” column in Table 1 below are being removed from Citrix ADC. These features were deprecated in 12.0 builds and will be...
The vulnerabilities of browsers Internet Explorer and Microsoft Edge allow attackers to access the content of local files.
The vulnerability of browsers Internet Explorer and Microsoft Edge is related to the lack of protection for service data. Exploiting this vulnerability allows a malicious actor to access the content of local files remotely...
Barracuda LB / SVF / WAF / WEF Cross Site Scripting
Title: ====== Barracuda LB, SVF, WAF & WEF - Multiple Vulnerabilities Date: ===== 2013-07-18 References: =========== http://www.vulnerability-lab.com/getcontent.php?id=727 Note: The issue was part of the official Barracuda Networks Bug Bounty Program. VL-ID: ===== 727 Common Vulnerability Scoring...
Design/Logic Flaw
CipherTrust IronMail 5.0.1, when "Denial of Service Protection" is enabled, allows remote attackers to cause a denial of service (possibly CPU consumption) via a SYN flood with malformed TCP packets from multiple connections...