Cisco Catalyst SD-WAN Controller Authentication Bypass Vulnerability

May 2026: This security advisory provides the details and fix information for a vulnerability that was discovered and fixed after the Cisco Catalyst SD-WAN Controller Authentication Bypass Vulnerability...

PT-2026-34663

An unauthenticated remote attacker is able to exhaust all available TCP connections in the CODESYS EtherNet/IP adapter stack, preventing legitimate clients from establishing new connections...

EUVD-2018-1206

Malware in sbrugna...

EUVD-2022-50690

Malicious code in bioql PyPI...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a memory leak in the bpfskselectreuseport function that does not properly handle socket reference counts for...

Mustang Panda Targets Philippines Government Using Legitimate Software

Summary: Mustang Panda, a threat actor associated with China, has been implicated in a cyber attack targeting a government entity in the Philippines. The attackers employed a strategy of using legitimate software, such as Solid PDF Creator and SmadavProtect an antivirus solution based in Indonesi...

PT-2023-2561 · Cisco · Cisco Broadworks Network Server

Name of the Vulnerable Software and Affected Versions: Cisco BroadWorks Network Server affected versions not specified Description: The issue is related to improper management of internal resources within the application when handling large delegations, which could allow a remote attacker to caus...

CVE-2022-47976

The DMSDP module of the distributed hardware has a vulnerability that may cause imposter control connections.Successful exploitation of this vulnerability may disconnect normal service connections...

CVE-2022-47976

The CVE-2022-47976 issue affects the DMSDP module of Huawei’s distributed hardware stack (Huawei EMUI/HarmonyOS). The vulnerability arises from an overriding control connection in DMSDP, which could allow imposter control connections and may lead to denial of service by disconnecting normal servi...

PT-2023-15540 · Dmsdp · Dmsdp

Name of the Vulnerable Software and Affected Versions: DMSDP module of the distributed hardware affected versions not specified Description: The issue concerns a vulnerability in the DMSDP module that could allow imposter control connections, potentially leading to the disconnection of normal...

PT-2018-8802 · Cisco · Cisco Firesight System

Name of the Vulnerable Software and Affected Versions: Cisco FireSIGHT System Software affected versions not specified Description: A vulnerability exists in the detection engine of the software, allowing an unauthenticated, remote attacker to bypass a file policy configured to block file transfe...

APT Group Embeds C&C Data on TechNet Pages

The so-called Deputy Dog APT group has surfaced again with a means of keeping its command and control servers under wraps that involves Microsoft’s TechNet online resources. New research published last week by Microsoft and FireEye revealed targeted attacks against organizations have been...