38 matches found
EUVD-2021-12176
Malware in sbrugna...
EUVD-2022-52157
Malicious code in bioql PyPI...
EUVD-2022-51010
Malicious code in bioql PyPI...
EUVD-2022-51009
Malicious code in bioql PyPI...
CVE-2022-4901
Multiple stored XSS vulnerabilities in Sophos Connect versions older than 2.2.90 allow JavaScript code to run in the local UI via a malicious VPN configuration that must be manually loaded by the victim...
CVE-2022-48309
A CSRF vulnerability allows malicious websites to retrieve logs and technical support archives in Sophos Connect versions older than 2.2.90...
CVE-2022-48310
An information disclosure vulnerability allows sensitive key material to be included in technical support archives in Sophos Connect versions older than 2.2.90...
CVE-2021-25265
A malicious website could execute code remotely in Sophos Connect Client before version 2.1...
CVE-2022-48310
An information disclosure vulnerability allows sensitive key material to be included in technical support archives in Sophos Connect versions older than 2.2.90...
CVE-2022-4901
Multiple stored XSS vulnerabilities in Sophos Connect versions older than 2.2.90 allow JavaScript code to run in the local UI via a malicious VPN configuration that must be manually loaded by the victim...
CVE-2022-48309
A CSRF vulnerability allows malicious websites to retrieve logs and technical support archives in Sophos Connect versions older than 2.2.90...
CVE-2022-48309
A CSRF vulnerability allows malicious websites to retrieve logs and technical support archives in Sophos Connect versions older than 2.2.90...
CVE-2022-48310
An information disclosure vulnerability allows sensitive key material to be included in technical support archives in Sophos Connect versions older than 2.2.90...
CVE-2022-4901
Multiple stored XSS vulnerabilities in Sophos Connect versions older than 2.2.90 allow JavaScript code to run in the local UI via a malicious VPN configuration that must be manually loaded by the victim...
Cross-site request forgery (CSRF)
A CSRF vulnerability allows malicious websites to retrieve logs and technical support archives in Sophos Connect versions older than 2.2.90...
Information disclosure
An information disclosure vulnerability allows sensitive key material to be included in technical support archives in Sophos Connect versions older than 2.2.90...
Cross-site scripting
Multiple stored XSS vulnerabilities in Sophos Connect versions older than 2.2.90 allow JavaScript code to run in the local UI via a malicious VPN configuration that must be manually loaded by the victim...
PT-2023-15687 · Sophos · Sophos Connect
Name of the Vulnerable Software and Affected Versions: Sophos Connect versions prior to 2.2.90
Description: A CSRF vulnerability allows malicious websites to retrieve logs and technical support archives.
Recommendations: For Sophos Connect versions prior to 2.2.90, update to version 2.2.90 or lat...
PT-2023-15689 · Sophos · Sophos Connect
Name of the Vulnerable Software and Affected Versions: Sophos Connect versions prior to 2.2.90
Description: An information disclosure issue allows sensitive key material to be included in technical support archives.
Recommendations: For Sophos Connect versions prior to 2.2.90, update to version...
CVE-2022-4901
Multiple stored XSS vulnerabilities in Sophos Connect versions older than 2.2.90 allow JavaScript code to run in the local UI via a malicious VPN configuration that must be manually loaded by the victim...