Lucene search
K

15 matches found

RedhatCVE
RedhatCVE
added 2026/01/09 9:21 a.m.5 views

CVE-2021-27795

Brocade Fabric OS FOS hardware platforms running any version of Brocade Fabric OS software, which supports the license string format; contain cryptographic issues that could allow for the installation of forged or fraudulent license keys. This would allow attackers or a malicious party to forge a...

8.1CVSS7AI score0.00244EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2021-14536

Malware in sbrugna...

8.1CVSS8AI score0.00244EPSS
Exploits0References2
Microsoft Secure
Microsoft Secure
added 2025/10/06 5:0 p.m.11 views

Investigating active exploitation of CVE-2025-10035 GoAnywhere Managed File Transfer vulnerability

On September 18, 2025, Fortra published a security advisory regarding a critical deserialization vulnerability in GoAnywhere MFT's License Servlet, which is tracked as CVE-2025-10035 and has a CVSS score of 10.0. The vulnerability could allow a threat actor with a validly forged license response...

10CVSS8.8AI score0.99614EPSS
Exploits3
Microsoft Secure
Microsoft Secure
added 2025/10/06 5:0 p.m.13 views

Investigating active exploitation of CVE-2025-10035 GoAnywhere Managed File Transfer vulnerability

On September 18, 2025, Fortra published a security advisory regarding a critical deserialization vulnerability in GoAnywhere MFT's License Servlet, which is tracked as CVE-2025-10035 and has a CVSS score of 10.0. The vulnerability could allow a threat actor with a validly forged license response...

10CVSS9AI score0.99614EPSS
Exploits3
CISA KEV Catalog
CISA KEV Catalog
added 2025/09/29 12:0 a.m.12 views

Fortra GoAnywhere MFT Deserialization of Untrusted Data Vulnerability

Fortra GoAnywhere MFT contains a deserialization of untrusted data vulnerability allows an actor with a validly forged license response signature to deserialize an arbitrary actor-controlled object, possibly leading to command injection...

10CVSS7.3AI score0.99614EPSS
In wildExploits3
VulnCheck KEV
VulnCheck KEV
added 2025/09/25 12:0 a.m.3 views

VulnCheck KEV: CVE-2025-10035

A deserialization vulnerability in the License Servlet of Fortra's GoAnywhere MFT allows an actor with a validly forged license response signature to deserialize an arbitrary actor-controlled object, possibly leading to command injection...

10CVSS5.9AI score0.99614EPSS
In wildExploits3References23
Rapid7 Blog
Rapid7 Blog
added 2025/09/19 5:21 p.m.11 views

CVE-2025-10035 - Critical unauthenticated RCE in GoAnywhere MFT

Overview On September 18, 2025, Fortra published an advisory for CVE-2025-10035. This new vulnerability affects GoAnywhere MFT, an enterprise managed file transfer solution, and allows an attacker to achieve unauthenticated remote code execution. GoAnywhere MFT is a file transfer solution that ha...

10CVSS9.6AI score0.99614EPSS
Exploits3
NVD
NVD
added 2025/09/18 10:15 p.m.13 views

CVE-2025-10035

A deserialization vulnerability in the License Servlet of Fortra's GoAnywhere MFT allows an actor with a validly forged license response signature to deserialize an arbitrary actor-controlled object, possibly leading to command injection...

10CVSS0.99614EPSS
Exploits3References2
Vulnrichment
Vulnrichment
added 2025/09/18 10:1 p.m.6 views

CVE-2025-10035 Deserialization Vulnerability in GoAnywhere MFT's License Servlet

A deserialization vulnerability in the License Servlet of Fortra's GoAnywhere MFT allows an actor with a validly forged license response signature to deserialize an arbitrary actor-controlled object, possibly leading to command injection...

10CVSS6.9AI score0.99614EPSS
Exploits3References1
CVE
CVE
added 2025/09/18 10:1 p.m.466 views

CVE-2025-10035

CVE-2025-10035 – GoAnywhere MFT deserialization flaw in the License Servlet allows an attacker with a forged license response signature to deserialize attacker-controlled data, potentially enabling command injection and remote code execution. Public analyses indicate the vulnerability affects GoA...

10CVSS6.9AI score0.99614EPSS
In wildExploits3References2Affected Software1
Positive Technologies
Positive Technologies
added 2025/09/11 12:0 a.m.13 views

PT-2025-38495

Name of the Vulnerable Software and Affected Versions Fortra GoAnywhere MFT versions prior to 7.8.4 and 7.6.3. Description Fortra GoAnywhere MFT contains a critical deserialization vulnerability in the License Servlet. This allows an attacker with a forged license response signature to deserializ...

10CVSS7.6AI score0.99614EPSS
Exploits3References311
NVD
NVD
added 2023/12/06 2:15 a.m.30 views

CVE-2021-27795

Brocade Fabric OS FOS hardware platforms running any version of Brocade Fabric OS software, which supports the license string format; contain cryptographic issues that could allow for the installation of forged or fraudulent license keys. This would allow attackers or a malicious party to forge a...

8.1CVSS0.00244EPSS
Exploits0References1
CVE
CVE
added 2023/12/06 1:16 a.m.43 views

CVE-2021-27795

CVE-2021-27795 affects Brocade Fabric OS (FOS) on hardware platforms that support the license string format. The issue stems from cryptographic weaknesses that could allow forged or fraudulent license keys to be accepted and activated as legitimate. The affected software is described as any versi...

8.1CVSS7.2AI score0.00244EPSS
Exploits0References1Affected Software1
CNNVD
CNNVD
added 2023/12/06 12:0 a.m.6 views

Brocade Fabric OS Encryption Issues Vulnerabilities

Brocade Fabric OS FOS is a set of embedded operating systems used in devices such as switches and routers from Brocade USA. A security vulnerability exists in Brocade Fabric OS FOS that stems from allowing the installation of forged or fraudulent license keys...

8.1CVSS8AI score0.00244EPSS
Exploits0References2
ThreatPost
ThreatPost
added 2021/09/02 11:28 a.m.15 views

Digital State IDs Start Rollouts Despite Privacy Concerns

Apple has unveiled the first eight states that will roll out digital IDs and drivers licenses on its mobile devices, despite critics’ concerns that the introduction of purely digital forms of identification will raise privacy, security and equanimity issues. Arizona and Georgia will be the first...

6.4AI score
Exploits0References12
Rows per page
Query Builder