
19 matches found

EUVD
added 2025/10/07 12:30 a.m., 2 views

EUVD-2020-26395

Malware in sbrugna...

CVSS 8.2, AI score 8.2, EPSS 0.00118
Exploits 0, References 2

EUVD
added 2025/10/07 12:30 a.m., 2 views

EUVD-1999-0876

Malware in sbrugna...

CVSS 7.5, AI score 6.4, EPSS 0.00552
Exploits 0, References 5

EUVD
added 2025/10/03 8:7 p.m., 1 view

EUVD-2022-29635

Malicious code in bioql PyPI...

CVSS 8.7, AI score 5.7, EPSS 0.0042
Exploits 0, References 2

EUVD
added 2025/10/03 8:7 p.m., 1 view

EUVD-2022-1623

Malicious code in bioql PyPI...

CVSS 7.2, AI score 6.9, EPSS 0.00291
Exploits 0, References 4

RedhatCVE
added 2025/03/01 2:32 p.m., 3 views

CVE-2025-22280

Missing Authorization vulnerability in revmakx DefendWP Firewall defend-wp-firewall allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects DefendWP Firewall: from n/a through = 1.1.0...

CVSS 7.6, AI score 7.2, EPSS 0.00124
Exploits 0, References 1

RedhatCVE
added 2025/02/05 10:0 p.m., 5 views

CVE-2022-24847

GeoServer is an open source software server written in Java that allows users to share and edit geospatial data. The GeoServer security mechanism can perform an unchecked JNDI lookup, which in turn can be used to perform class deserialization and result in arbitrary code execution. The same can...

CVSS 7.2, AI score 7.4, EPSS 0.00291
Exploits 0, References 1

Vulnrichment
added 2025/01/09 6:58 a.m., 10 views

CVE-2024-53705

A Server-Side Request Forgery vulnerability in the SonicOS SSH management interface allows a remote attacker to establish a TCP connection to an IP address on any port when the user is logged in to the firewall...

AI score 7.2, EPSS 0.00147
Exploits 0, References 1

Palo Alto Networks
added 2024/11/18 2:20 p.m., 9 views

PAN-OS: Privilege Escalation (PE) Vulnerability in the Web Management Interface

A privilege escalation vulnerability in Palo Alto Networks PAN-OS software allows a PAN-OS administrator with access to the management web interface to perform actions on the firewall with root privileges. This issue is applicable to PAN-OS 10.1, PAN-OS 10.2, PAN-OS 11.0, PAN-OS 11.1, and PAN-OS...

CVSS 5.9, AI score 7, EPSS 0.94174
Exploits 14, References 1

Tenable Nessus
added 2024/11/18 12:0 a.m., 20 views

Palo Alto Networks PAN-OS 10.1.x < 10.1.3-h4 / 10.1.x < 10.1.6-h9 / 10.1.x < 10.1.8-h8 / 10.1.x < 10.1.9-h14 / 10.1.x < 10.1.10-h9 / 10.1.x < 10.1.11-h10 / 10.1.x < 10.1.12-h3 / 10.1.x < 10.1.13-h5 / 10.1.x < 10.1.14-h6 / 10.2.x < 10.2.0-h4 / 10.2.x < 10.2.1-h3 / 10.2.x < 10.2.2-h6 / 10.2.x < 10.2.3-h14 / 10.2.x < 10.2.4-h32 / 10.2.x < 10.2.5-h9 / 10.2.x < 10.2.6-h6 / 10.2.x < 10.2.7-h18 / 10.2.x < 10.2.8-h15 / 10.2.x < 10.2.9-h16 / 10.2.x < 10.2.10-h9 / 10.2.x < 10.2.11-h6 / 10.2.x < 10.2.12-h2 / 11.0.x < 11.0.0-h4 / 11.0.x < 11.0.1-h5 / 11.0.x < 11.0.2-h5 / 11.0.x < 11.0.3-h13 / 11.0.x < 11.0.4-h6 / 11.0.x < 11.0.5-h2 / 11.0.x < 11.0.6-h1 / 11.1.x < 11.1.0-h4 / 11.1.x < 11.1.1-h2 / 11.1.x < 11.1.2-h15 / 11.1.x < 11.1.3-h11 / 11.1.x < 11.1.4-h7 / 11.1.x < 11.1.5-h1 / 11.2.x < 11.2.0-h1 / 11.2.x < 11.2.1-h1 / 11.2.x < 11.2.2-h2 / 11.2.x < 11.2.3-h3 / 11.2.x < 11.2.4-h1 Vulnerability

The version of Palo Alto Networks PAN-OS running on the remote host is 10.1.x prior to 10.1.3-h4 or 10.1.x prior to 10.1.6-h9 or 10.1.x prior to 10.1.8-h8 or 10.1.x prior to 10.1.9-h14 or 10.1.x prior to 10.1.10-h9 or 10.1.x prior to 10.1.11-h10 or 10.1.x prior to 10.1.12-h3 or 10.1.x prior to...

CVSS 7.2, AI score 8.3, EPSS 0.94174
Exploits 14, References 2

OSV
added 2024/01/10 8:15 a.m., 0 views

CVE-2023-41603

D-Link R15 before v1.08.02 was discovered to contain no firewall restrictions for IPv6 traffic. This allows attackers to arbitrarily access any services running on the device that may be inadvertently listening via IPv6...

CVSS 5.3, AI score 5.8
Exploits 0, References 1

Prion
added 2022/12/27 6:15 p.m., 17 views

Information disclosure

Some Dahua software products have a vulnerability of unauthenticated restart of remote DSS Server. After bypassing the firewall access control policy, by sending a specific crafted packet to the vulnerable interface, an attacker could perform an unauthenticated restart of the remote DSS Server...

CVSS 5, AI score 7.6, EPSS 0.00182
Exploits 0, References 1, Affected Software 5

Wallarm Lab
added 2022/02/20 4:29 p.m., 14 views

Information Security Consultant – Job Description and How to Become

Introduction As per Centrify, a forerunner in the Privileged Access Management PAM market that forms programming to forestall cyberattacks, the huge ascent of people working from a distance during the COVID-19 pandemic has raised the probability of a digital break. Therefore, network protection h...

AI score 0.1
Exploits 0

CVE
added 2021/03/05 3:45 a.m., 72 views

CVE-2020-5148

SonicWall SSO-agent vulnerability CVE-2020-5148 occurs when NetAPI is used as the client probing method. NetAPI probing can allow an attacker to capture the privileged user’s password hash via NetWkstaUserEnum and may force the SSO-Agent to authenticate, potentially bypassing firewall access cont...

CVSS 8.2, AI score 8.1, EPSS 0.00118
Exploits 0, References 1, Affected Software 1

Cvelist
added 2021/03/05 3:45 a.m., 13 views

CVE-2020-5148

SonicWall SSO-agent default configuration uses NetAPI to probe the associated IP's in the network, this client probing method allows a potential attacker to capture the password hash of the privileged user and potentially forces the SSO Agent to authenticate allowing an attacker to bypass firewal...

AI score 8.2, EPSS 0.00118
Exploits 0, References 1

SonicWall
added 2020/10/22 7:56 p.m., 1 view

A vulnerability in the SonicWall Capture Security Center was allowing access to the managed firewall without authentication

A vulnerability in the SonicWall Capture Security Center - Cloud Security Management Service was allowing users to access managed firewalls without authentication, this issue has been resolved and a security patch has been pushed out to all affected Capture Security Center - Management and...

CVSS 9.9, AI score 7.1
Exploits 0

Palo Alto Networks
added 2019/10/01 7:0 a.m., 38 views

Command Injection in Zingbox Inspector

A security vulnerability exists in the Zingbox Inspector that could allow an attacker to supply an invalid software update image to the Zingbox Inspector that could result in command injection. Ref: CVE-2019-15020 The vulnerability allows for an attacker in a position to intercept a software upda...

AI score 9.8, EPSS 0.01577
Exploits 0, References 1, Affected Software 1

Friends Of PHP
added 2012/03/19 3:59 p.m., 15 views

Routes behind a firewall are accessible even when not logged in

More info at https://symfony.com/blog/security-release-symfony-2-0-20-and-2-1-5-released...

CVSS 6.4, AI score 7.2, EPSS 0.0022
Exploits 0, Affected Software 1

Cvelist
added 2002/03/09 5:0 a.m., 11 views

CVE-1999-1047

When BSDI patches for Gauntlet 5.0 BSDI are installed in a particular order, Gauntlet allows remote attackers to bypass firewall access restrictions, and does not log the activities...

AI score 6.7, EPSS 0.00351
Exploits 0, References 3

NVD
added 1999/10/18 4:0 a.m., 9 views

CVE-1999-1047

When BSDI patches for Gauntlet 5.0 BSDI are installed in a particular order, Gauntlet allows remote attackers to bypass firewall access restrictions, and does not log the activities...

CVSS 7.5, AI score 6.7, EPSS 0.00351
Exploits 0, References 3