34 matches found
WatchGuard Fireware OS Security Vulnerabilities
WatchGuard Fireware OS is a software developed by the American company WatchGuard, running on Firebox devices. Vulnerabilities exist in versions 12.0 to 12.11.7, 12.5.9 to 12.5.16, and 2025.1 to 2026.1.1 of WatchGuard Fireware OS. These vulnerabilities stem from a potential flaw that allows...
CVE-2022-42860
This issue was addressed with improved checks to prevent unauthorized actions. This issue is fixed in macOS Monterey 12.6.1, macOS Big Sur 11.7.1, macOS Ventura 13. An app may be able to modify protected parts of the file system...
EUVD-2019-15162
Malware in sbrugna...
CVE-2022-46713
A race condition was addressed with additional validation. This issue is fixed in macOS Ventura 13, macOS Monterey 12.6.1, macOS Big Sur 11.7.1. An app may be able to modify protected parts of the file system...
CVE-2022-49879
CVE-2022-49879 affects the Linux kernel ext4 code. A corrupted directory entry where rec_len is invalid (not a multiple of 4) can cause a kernel BUG() in ext4_rec_len_to_disk() called from make_indexed_dir(). The fix adds a validation step via ext4_check_dir_entry(), returning -EFSCORRUPTED for i...
CVE-2025-24282
A library injection issue was addressed with additional restrictions. This issue is fixed in macOS Sequoia 15.4. An app may be able to modify protected parts of the file system...
CVE-2022-49348
In the Linux kernel, the following vulnerability has been resolved: ext4: filter out EXT4_FC_REPLAY from on-disk superblock field s_state. The EXT4_FC_REPLAY bit in sbi->s_mount_state is used to indicate that we are in the middle of replay the fast commit journal. This was actually a mistake, since the...
CVE-2022-49348 ext4: filter out EXT4_FC_REPLAY from on-disk superblock field s_state
In the Linux kernel, the following vulnerability has been resolved: ext4: filter out EXT4_FC_REPLAY from on-disk superblock field s_state. The EXT4_FC_REPLAY bit in sbi->s_mount_state is used to indicate that we are in the middle of replay the fast commit journal. This was actually a mistake, since the...
Fortinet FortiOS Security Vulnerabilities
Fortinet FortiOS is a security operating system dedicated to the FortiGate network security platform from the American company Fortinet. The system provides users with a variety of security features such as firewall, antivirus, IPSec/SSL VPN, Web content filtering, and anti-spam. A security...
Juniper Junos OS SRX Series Missing Authentication for Critical Function Vulnerability
Juniper Junos OS on SRX Series contains a missing authentication for critical function vulnerability that allows an unauthenticated, network-based attacker to cause limited impact to the file system integrity. With a specific request to webauth_operation.php that doesn't require authentication, an...
Juniper Junos OS EX Series Missing Authentication for Critical Function Vulnerability
Juniper Junos OS on EX Series contains a missing authentication for critical function vulnerability that allows an unauthenticated, network-based attacker to cause limited impact to the file system integrity. With a specific request to installAppPackage.php that doesn't require authentication, an...
Juniper Junos OS SRX Series Missing Authentication for Critical Function Vulnerability
Juniper Junos OS on SRX Series contains a missing authentication for critical function vulnerability that allows an unauthenticated, network-based attacker to cause limited impact to the file system integrity. With a specific request to user.php that doesn't require authentication, an attacker is...
CVE-2023-36851
A Missing Authentication for Critical Function vulnerability in Juniper Networks Junos OS on SRX Series allows an unauthenticated, network-based attacker to cause limited impact to the file system integrity. With a specific request to webauth_operation.php that doesn't require authentication, an...
Authentication flaw
A Missing Authentication for Critical Function vulnerability in Juniper Networks Junos OS on SRX Series allows an unauthenticated, network-based attacker to cause limited impact to the file system integrity. With a specific request to webauth_operation.php that doesn't require authentication, an...
CVE-2023-36851
CVE-2023-36851 affects Juniper Junos OS on SRX Series with a Missing Authentication for Critical Function flaw in J-Web. An unauthenticated, network-based attacker can upload/download arbitrary files via the web interface (webauth_operation.php), potentially compromising file-system integrity or c...
Juniper Networks Junos OS Access Control Error Vulnerability
Juniper Networks Junos OS is a Juniper Networks network operating system for the company's hardware devices. The operating system provides a secure programming interface and the Junos SDK. Juniper Networks Junos OS has an Access Control Error vulnerability that stems from a Critical Function...
Exploitation of Juniper Networks SRX Series and EX Series Devices
On August 17, 2023, Juniper Networks published an out-of-band advisory on four different CVEs affecting Junos OS on SRX and EX Series devices: CVE-2023-36846 Affects the SRX Series A Missing Authentication for Critical Function vulnerability in Juniper Networks Junos OS on SRX Series allows an...
VulnCheck KEV: CVE-2023-36847
Juniper Junos OS on EX Series contains a missing authentication for critical function vulnerability that allows an unauthenticated, network-based attacker to cause limited impact to the file system integrity. With a specific request to installAppPackage.php that doesn't require authentication, an...
VulnCheck KEV: CVE-2023-36851
Juniper Junos OS on SRX Series contains a missing authentication for critical function vulnerability that allows an unauthenticated, network-based attacker to cause limited impact to the file system integrity. With a specific request to webauth_operation.php that doesn't require authentication,...
Juniper Junos OS Pre-Auth RCE (JSA72300)
The version of Junos OS installed on the remote host is affected by multiple vulnerabilities as referenced in the JSA72300 advisory. - A PHP External Variable Modification vulnerability in J-Web of Juniper Networks Junos OS on EX and SRX Series allows an unauthenticated, network-based attacker to...