9 matches found
Vulnerabilities fixed in SonicWall SMA100 SSLVPN
SonicWall has fixed vulnerabilities in the SMA100 SSLVPN, specifically for firmware versions 10.2.1.13-72sv and earlier. The vulnerabilities in the SonicWall SMA100 SSLVPN include a heap-based buffer overflow, a stack-based buffer overflow, and a problem with the certificate requirement during...
CVE-2024-20717 Stored admin XSS via PayPal authentication certificate
Adobe Commerce versions 2.4.6-p3, 2.4.5-p5, 2.4.4-p6 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low-privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser wh...
Description of the security update for Microsoft Exchange Server 2016: November 14, 2023 (KB5032147)
Description of the security update for Microsoft Exchange Server 2016: November 14, 2023 (KB5032147). Notice: See also KB 5032146 for additional information about issues that are fixed in this security update. This security update rollup resolves vulnerabilities in Microsoft Exchange Server. To learn...
CVE-2022-45933
KubeView through 0.1.31 allows attackers to obtain control of a Kubernetes cluster because api/scrape/kube-system does not require authentication, and retrieves certificate files that can be used for authentication as kube-admin. NOTE: the vendor's position is that KubeView was a "fun side projec...
CVE-2021-42306
An information disclosure vulnerability manifests when a user or an application uploads unprotected private key data as part of an authentication certificate keyCredential on an Azure AD Application or Service Principal (which is not recommended). This vulnerability allows a user or service in the...
Information disclosure
An information disclosure vulnerability manifests when a user or an application uploads unprotected private key data as part of an authentication certificate keyCredential on an Azure AD Application or Service Principal (which is not recommended). This vulnerability allows a user or service in the...
CVE-2013-5511
The Adaptive Security Device Management (ASDM) remote-management feature in Cisco Adaptive Security Appliance (ASA) Software 8.2.x before 8.2(5.46), 8.3.x before 8.3(2.39), 8.4.x before 8.4(6), 8.5.x before 8.5(1.18), 8.6.x before 8.6(1.12), 8.7.x before 8.7(1.7), 9.0.x before 9.0(3.1), and 9.1.x before 9.1(2.6) doe...
SuSE Update for NetworkManager, wpa_supplicant, NetworkManager-gnome SUSE-SA:2011:045
Check for the Version of NetworkManager, wpa_supplicant, NetworkManager-gnome. OpenVAS Vulnerability Test: SuSE Update for NetworkManager, wpa_supplicant, NetworkManager-gnome SUSE-SA:2011:045. Authors: System Generated Check. Copyright: Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.ne...
Gentoo Security Advisory GLSA 200808-08 (stunnel)
The remote host is missing updates announced in advisory GLSA 200808-08. OpenVAS Vulnerability Test. Description: Auto generated from Gentoo's XML based advisory. Authors: Thomas Reinke. Copyright: Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com Text descriptions are largely excerpted fr...