176 matches found

BDU FSTEC
added 2025/04/01 12:0 a.m. · 3 views

The vulnerability of the GUI component of the FortiSandbox threat detection and mitigation system allows a perpetrator to execute arbitrary commands.

The vulnerability of the GUI component of the FortiSandbox threat detection and mitigation system is related to the implementation of security functions at the client side. Exploiting this vulnerability allows a malicious actor to execute arbitrary commands remotely...

CVSS 4.3 · AI score 5.8 · EPSS 0.00305
Exploits 0 · References 2 · Affected Software 1

BDU FSTEC
added 2025/02/17 12:0 a.m. · 5 views

The vulnerability of the graphical interface of Fortinet’s centralized device management solutions, FortiManager and FortiManager Cloud, as well as the security event monitoring and analysis solutions FortiAnalyzer, FortiAnalyzer Cloud, and FortiAnalyzer-BigData, allows a perpetrator to execute arbitrary code or commands.

The vulnerability of the graphical interface of Fortinet’s centralized device management solutions, FortiManager and FortiManager Cloud, as well as the security event monitoring and analysis solutions FortiAnalyzer, FortiAnalyzer Cloud, and FortiAnalyzer-BigData, exists due to the lack of measure...

CVSS 9 · AI score 6 · EPSS 0.01885
Exploits 0 · References 3 · Affected Software 5

BDU FSTEC
added 2025/02/14 12:0 a.m. · 2 views

The vulnerability of the graphical interface of the software platform for coordinating the operation of (orchestrating) cybersecurity systems and for managing incident responses in real-time with Fortinet FortiSOAR allows a perpetrator to execute arbitrary code.

The vulnerability of the graphical interface of the software platform for coordinating the operation of cybersecurity systems and for managing real-time incident responses in Fortinet FortiSOAR is related to the absence of mechanisms for neutralizing elements related to CSV files. Exploiting this...

CVSS 9 · AI score 5.9 · EPSS 0.0056
Exploits 0 · References 3 · Affected Software 1

BDU FSTEC
added 2025/02/10 12:0 a.m. · 2 views

The vulnerability of the graphical interface of the Fortinet FortiDeceptor tool for detecting and responding to external and internal security threats allows attackers to escalate their privileges.

The vulnerability of the graphical interface of the Fortinet FortiDeceptor tool for detecting and responding to external and internal security threats is related to lack of access control. Exploiting this vulnerability can allow a malicious actor to escalate their privileges by sending specially...

CVSS 4.3 · AI score 5.5 · EPSS 0.00249
Exploits 0 · References 3 · Affected Software 1

BDU FSTEC
added 2025/01/27 12:0 a.m. · 2 views

The vulnerability of the graphical interface of the microprogramming software for the FortiRecorder surveillance system allows an intruder to read arbitrary files.

The vulnerability of the graphical interface of the microprogramming software for the video surveillance system FortiRecorder is related to errors in processing the relative path to the directory. Exploiting this vulnerability allows a malicious actor to read arbitrary files by sending specially...

CVSS 7.5 · AI score 5.6 · EPSS 0.00512
Exploits 0 · References 4 · Affected Software 1

BDU FSTEC
added 2025/01/21 12:0 a.m. · 4 views

The vulnerability of the graphical interface of the Fortinet FortiManager software, a centralized device management tool, allows a hacker to execute arbitrary commands.

The vulnerability of the graphical interface of the Fortinet FortiManager device management software is related to the failure to take measures to neutralize special elements used in the operating system commands. Exploiting this vulnerability allows a remote attacker to execute arbitrary command...

CVSS 9 · AI score 5.9 · EPSS 0.01055
Exploits 0 · References 3 · Affected Software 2

BDU FSTEC
added 2025/01/20 12:0 a.m. · 6 views

The vulnerability of the graphical interface of the Fortinet FortiManager software, a centralized device management system, allows a malicious individual to gain unauthorized access to protected information.

The vulnerability of the graphical interface of the Fortinet FortiManager device management software is related to the lack of authentication for a critical function. Exploiting this vulnerability allows an attacker operating remotely to gain unauthorized access to protected information...

CVSS 8.6 · AI score 5.5 · EPSS 0.00685
Exploits 0 · References 3 · Affected Software 2

BDU FSTEC
added 2025/01/20 12:0 a.m. · 3 views

The vulnerability of the graphical interface of the FortiSandbox system allows a perpetrator to execute arbitrary commands.

The vulnerability of the FortiSandbox threat detection and mitigation graphical interface exists due to the failure to take measures to neutralize specific elements. Exploiting this vulnerability allows a remote attacker to execute arbitrary commands using specially created requests...

CVSS 9 · AI score 5.9 · EPSS 0.00545
Exploits 0 · References 2 · Affected Software 1

OSV
added 2025/01/14 2:15 p.m. · 2 views

CVE-2024-46666

An allocation of resources without limits or throttling CWE-770 vulnerability in FortiOS versions 7.6.0, versions 7.4.4 through 7.4.0, 7.2 all versions, 7.0 all versions, 6.4 all versions may allow a remote unauthenticated attacker to prevent access to the GUI via specially crafted requests...

CVSS 5.3 · AI score 5.8 · EPSS 0.00668
Exploits 0 · References 1

OSV
added 2024/11/27 7:15 a.m. · 0 views

UBUNTU-CVE-2024-36467

An authenticated user with API access e.g.: user with default User role, more specifically a user with access to the user.update API endpoint is enough to be able to add themselves to any group e.g.: Zabbix Administrators, except to groups that are disabled or having restricted GUI access...

CVSS 8.8 · AI score 5.8 · EPSS 0.0073
Exploits 1 · References 3

BDU FSTEC
added 2024/10/07 12:0 a.m. · 2 views

The vulnerability of the graphical interface of the FortiSandbox threat detection and mitigation system allows an intruder to gain unauthorized access to protected information.

The vulnerability of the FortiSandbox threat detection and mitigation graphical interface is related to insufficient protection of operational data. Exploiting this vulnerability can allow an attacker, operating remotely, to gain unauthorized access to protected information by sending specially...

CVSS 4.3 · AI score 5.5 · EPSS 0.00454
Exploits 0 · References 3 · Affected Software 1

BDU FSTEC
added 2024/10/07 12:0 a.m. · 4 views

The vulnerability of the graphical interface of the software platform for coordinating the operation of cybersecurity systems and for managing real-time incident responses in Fortinet FortiSOAR allows attackers to carry out cross-site scripting attacks.

The vulnerability of the graphical interface of the software platform for coordinating the operation of cybersecurity systems and for managing real-time incident responses in Fortinet FortiSOAR is related to the lack of protective measures taken for the website structure. Exploiting this...

CVSS 9 · AI score 5.2 · EPSS 0.00666
Exploits 0 · References 2 · Affected Software 1

BDU FSTEC
added 2024/10/03 12:0 a.m. · 3 views

The vulnerability of MongoDB Compass’s graphical interface, a database management system for MongoDB, allows attackers to gain unauthorized access to the credentials of any user.

The vulnerability of MongoDB Compass’s graphical interface, a database management system by MongoDB. Exploiting this vulnerability can allow an attacker to gain unauthorized access to the credentials of any user...

CVSS 7.1 · AI score 5.5 · EPSS 0.00231
Exploits 0 · References 3 · Affected Software 1

CNNVD
added 2024/07/09 12:0 a.m. · 5 views

SAP GUI Information Disclosure Vulnerability

SAP GUI is an application from SAP, a German company: a graphical user interface for SAP systems. An information disclosure vulnerability exists in SAP GUI for Windows, which arises from the fact that under certain conditions, memory contains passwords used to log on to the SAP system, which could...

CVSS 5 · AI score 6.1 · EPSS 0.00148
Exploits 0 · References 3

BDU FSTEC
added 2024/06/14 12:0 a.m. · 4 views

The vulnerability of the graphical user interface of the Fortinet FortiPortal security analysis and management tool allows a perpetrator to gain unauthorized access to protected information.

The vulnerability of the graphical user interface of the Fortinet FortiPortal security analysis and management tool is related to the implementation of security functions at the client side. Exploiting this vulnerability allows a malicious actor, operating remotely, to gain unauthorized access to...

CVSS 4.3 · AI score 5.5 · EPSS 0.00481
Exploits 0 · References 3 · Affected Software 1

GithubExploit
added 2024/05/09 12:50 p.m. · 52 views

Exploit for Improper Authentication in Microsoft

I. Project Objectives and References The purpose is simple: r...

CVSS 9 · AI score 7.4 · EPSS 0.99965
Exploits 30

Positive Technologies
added 2024/03/11 12:0 a.m. · 4 views

PT-2024-22122 · SAP · SAP NetWeaver AS ABAP

Name of the Vulnerable Software and Affected Versions: SAP NetWeaver AS ABAP versions 7.89, 7.93 Description: The issue is related to Cross-Site Scripting XSS due to insufficient encoding of user-controlled inputs in applications based on SAP GUI for HTML. This allows a malicious attacker to...

CVSS 6.1 · AI score 6.2 · EPSS 0.00474
Exploits 0 · References 5

OSV
added 2024/02/21 11:15 a.m. · 5 views

CVE-2023-7235

The OpenVPN GUI installer before version 2.6.9 did not set the proper access control restrictions to the installation directory of OpenVPN binaries when using a non-standard installation path, which allows an attacker to replace binaries to run arbitrary executables...

CVSS 8.4 · AI score 5.9 · EPSS 0.00214
Exploits 0 · References 1

Rosalinux
added 2024/02/06 7:45 a.m. · 22 views

Advisory ROSA-SA-2024-2337

software: flatpak 1.14.4 AXIS: ROSA-CHROME packageevrstring: flatpak-1.14.4-1.src.rpm CVE-ID: CVE-2023-28100 BDU-ID: None CVE-Crit: MEDIUM CVE-DESC.: If the Flatpak application runs on a Linux virtual console, such as /dev/tty1, it can copy text from the virtual console and paste it into a comman...

CVSS 10 · AI score 8.8 · EPSS 0.00879
Exploits 0

BDU FSTEC
added 2023/12/19 12:0 a.m. · 4 views

The vulnerability of the graphical interface of the FortiSandbox threat detection and mitigation system allows a perpetrator to carry out cross-site scripting attacks.

The vulnerability of the FortiSandbox threat detection and mitigation graphical interface is related to the lack of measures taken to protect the website structure. Exploiting this vulnerability allows a remote attacker to perform cross-site scripting attacks by sending specially crafted HTTP...

CVSS 4 · AI score 5.7 · EPSS 0.00434
Exploits 0 · References 2 · Affected Software 1