EUVD-2014-4273

Malware in sbrugna...

CVE-2022-2310

An authentication bypass vulnerability in Skyhigh SWG in main releases 10.x prior to 10.2.12, 9.x prior to 9.2.23, 8.x prior to 8.2.28, and controlled release 11.x prior to 11.2.1 allows a remote attacker to bypass authentication into the administration User Interface. This is possible because of...

CVE-2022-2310 Skyhigh SWG Authentication bypass vulnerability

An authentication bypass vulnerability in Skyhigh SWG in main releases 10.x prior to 10.2.12, 9.x prior to 9.2.23, 8.x prior to 8.2.28, and controlled release 11.x prior to 11.2.1 allows a remote attacker to bypass authentication into the administration User Interface. This is possible because of...

CVE-2022-2310

CVE-2022-2310 affects Skyhigh SWG. An authentication bypass allows remote login to the admin UI due to improper whitelisting of bypass methods and a weak crypto password. Affected versions include Skyhigh SWG 8.x–8.2.27, 9.x–9.2.22, 10.x–10.2.11, and 11.x–11.2.0. Remediation: upgrade to 8.2.28+, ...

SAP Web Dispatcher 跨站脚本漏洞

SAP Web Dispatcher is a core component of Load Balancing from SAP, which supports load balancing and provides reverse proxy functionality to enable external users to access internal applications. A cross-site scripting vulnerability exists in SAP Web Dispatcher and SAP Netweaver AS for ABAP and...

CVE-2021-36316

Dell EMC Avamar Server versions 18.2, 19.1, 19.2, 19.3, and 19.4 contain an improper privilege management vulnerability in AUI. A malicious user with high privileges could potentially exploit this vulnerability, leading to the disclosure of the AUI info and performing some unauthorized operation ...

Sonatype Nexus Repository Manager Cross-Site Scripting Vulnerability (CNVD-2018-11638)

Sonatype Nexus Repository Manager aka NXRM is a maven repository manager. A cross-site scripting vulnerability exists in Sonatype NXRM versions prior to 3.12.0. A remote attacker can exploit this vulnerability to inject arbitrary web script or HTML via the Administration UI...