PAN-OS GlobalProtect Authentication Bypass (CVE-2026-0257) Under Active Exploitation

Palo Alto Networks has warned that a recently disclosed medium-severity security flaw impacting PAN-OS and Prisma Access has come under active exploitation in the wild. The vulnerability, tracked as CVE-2026-0257 CVSS score: 7.8, refers to a case of authentication bypass that could be exploited b...

EUVD-2020-22291

Malware in sbrugna...

EUVD-2005-2580

Malware in sbrugna...

Access Control Bypass

Apache HTTP Server modssl is vulnerable to Access control bypass. The vulnerability is due to improper handling of TLS 1.3 session resumption across multiple virtual hosts with different trusted client certificate configurations, which allows an attacker with a trusted certificate for one virtual...

Qnap QuTS hero Cross-site Scripting (CVE-2020-2498)

If exploited, this cross-site scripting vulnerability could allow remote attackers to inject malicious code in certificate configuration. QANP have already fixed these vulnerabilities in the following versions of QTS and QuTS hero. QuTS hero h4.5.1.1472 build 20201031 and later QTS 4.5.1.1456 bui...

How to Configure an External SSL Certificate for XenMobile Device Manager 9.0

This article provides information on how to configure an external SSL Certificate for XenMobile Device Manager XDM. The procedure in this article should be used during new installations or certificate renewals with the same FQDN – new installations that are set up with internal self-signed...

PT-2023-5839 · Triangle Microworks · Scada Data Gateway

Name of the Vulnerable Software and Affected Versions: Triangle MicroWorks SCADA Data Gateway affected versions not specified Description: The issue is related to the disclosure of information in the SCADA Data Gateway system. It allows remote attackers to disclose sensitive information on affect...

CVE-2020-2498

If exploited, this cross-site scripting vulnerability could allow remote attackers to inject malicious code in certificate configuration. QANP have already fixed these vulnerabilities in the following versions of QTS and QuTS hero. QuTS hero h4.5.1.1472 build 20201031 and later QTS 4.5.1.1456 bui...

CVE-2020-2498

CVE-2020-2498 is a cross-site scripting vulnerability affecting QTS and QuTS hero. The issue allows remote attackers to inject malicious code into certificate configuration if exploited. Affected versions were fixed in QuTS hero h4.5.1.1472 build 20201031 and later, QTS 4.5.1.1456 build 20201015 ...

CVE-2020-2498 Cross-site scripting vulnerability in QTS and QuTS hero

If exploited, this cross-site scripting vulnerability could allow remote attackers to inject malicious code in certificate configuration. QANP have already fixed these vulnerabilities in the following versions of QTS and QuTS hero. QuTS hero h4.5.1.1472 build 20201031 and later QTS 4.5.1.1456 bui...

PT-2020-15874 · Qnap · Qts +1

Name of the Vulnerable Software and Affected Versions: QTS versions prior to 4.5.1.1456 build 20201015 QuTS hero versions prior to h4.5.1.1472 build 20201031 QTS versions prior to 4.4.3.1354 build 20200702 QTS versions prior to 4.3.6.1333 build 20200608 QTS versions prior to 4.3.4.1368 build...

QNAP Systems Cross-Site Scripting Vulnerability in Multiple Products

Qnap Systems QNAP QTS is a Turbo NAS operating system from Qnap Systems. The system provides file storage, management, backup, multimedia applications and security monitoring. A cross-site scripting vulnerability exists in several QNAP Systems products, which can be exploited by an attacker to...

QANP Multi-Product Cross-Site Scripting Vulnerability

Qnap Systems QNAP QTS is a data storage device with SAN-like storage architecture from Qnap Systems, China. The device supports tiered storage, mirror protection, and other safeguard features.QNAP Systems QUTS Hero is a NAS operating system for file management from QNAP Systems, China. The system...

Qnap Systems Cross-Site Scripting Vulnerability in Multiple Products

Qnap Systems QNAP QTS is a Turbo NAS operating system from Qnap Systems, China. The system provides file storage, management, backup, multimedia applications and security monitoring, etc. QNAP Systems QUTS Hero is a NAS operating system for file management from QNAP Systems, China. The system...

QNAP Systems QUTS Hero and Qnap Systems QNAP QTS Cross-Site Scripting Vulnerabilities

Qnap Systems QNAP QTS is a data storage device with SAN-like storage architecture from Qnap Systems, China. The device supports tiered storage, mirror protection, and other safeguard features.QNAP Systems QUTS Hero is a NAS operating system for file management from QNAP Systems, China. The system...

Weilian QNAP Systems QUTS Hero Command Injection Vulnerability

QNAP Systems QUTS Hero is a NAS operating system for file management from China Weilian QNAP Systems. The system retains the application ecology of QTS and integrates the more powerful 128-bit ZFS file system to provide more stable and reliable NAS storage solutions for enterprises. A command...

PT-2019-3138 · Openssl +1 · Openssl +1

Name of the Vulnerable Software and Affected Versions: OpenSSL versions 1.0.2 through 1.0.2s OpenSSL versions 1.1.0 through 1.1.0k OpenSSL versions 1.1.1 through 1.1.1c Description: The issue is related to errors in the certificate authentication procedure. It allows an attacker to impact data...

Troubleshooting Checklist: In Secure Mail, a "Cannot authenticate to the server <FQDN> because the certificate is not valid” error appears

Do the following: Ensure that the certificate chain is valid and that the configuration is complete on the Exchange Server. Try to connect the native email client with the same Exchange Server. If it works as expected, the issue is with client certificate configuration on the XenMobile server Onl...