7687 matches found
CVE-2022-21626
Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Security. Supported versions that are affected are Oracle Java SE: 8u341, 8u345-perf, 11.0.16.1; Oracle GraalVM Enterprise Edition: 20.3.7, 21.3.3 and 22.2.0. Easily exploitable vulnerabili...
Buffer overflow
Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Security. Supported versions that are affected are Oracle Java SE: 8u341, 8u345-perf, 11.0.16.1; Oracle GraalVM Enterprise Edition: 20.3.7, 21.3.3 and 22.2.0. Easily exploitable vulnerabili...
CVE-2022-21626
Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Security. Supported versions that are affected are Oracle Java SE: 8u341, 8u345-perf, 11.0.16.1; Oracle GraalVM Enterprise Edition: 20.3.7, 21.3.3 and 22.2.0. Easily exploitable vulnerabili...
CVE-2022-40684
An authentication bypass using an alternate path or channel CWE-288 in Fortinet FortiOS version 7.2.0 through 7.2.1 and 7.0.0 through 7.0.6, FortiProxy version 7.2.0 and version 7.0.0 through 7.0.6 and FortiSwitchManager version 7.2.0 and 7.0.0 allows an unauthenticated atttacker to perform...
Authentication flaw
An authentication bypass using an alternate path or channel CWE-288 in Fortinet FortiOS version 7.2.0 through 7.2.1 and 7.0.0 through 7.0.6, FortiProxy version 7.2.0 and version 7.0.0 through 7.0.6 and FortiSwitchManager version 7.2.0 and 7.0.0 allows an unauthenticated atttacker to perform...
CVE-2022-21626
Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Security. Supported versions that are affected are Oracle Java SE: 8u341, 8u345-perf, 11.0.16.1; Oracle GraalVM Enterprise Edition: 20.3.7, 21.3.3 and 22.2.0. Easily exploitable vulnerabili...
CVE-2022-40684
An authentication bypass using an alternate path or channel CWE-288 in Fortinet FortiOS version 7.2.0 through 7.2.1 and 7.0.0 through 7.0.6, FortiProxy version 7.2.0 and version 7.0.0 through 7.0.6 and FortiSwitchManager version 7.2.0 and 7.0.0 allows an unauthenticated atttacker to perform...
CVE-2022-40684
An authentication bypass using an alternate path or channel CWE-288 in Fortinet FortiOS version 7.2.0 through 7.2.1 and 7.0.0 through 7.0.6, FortiProxy version 7.2.0 and version 7.0.0 through 7.0.6 and FortiSwitchManager version 7.2.0 and 7.0.0 allows an unauthenticated atttacker to perform...
CVE-2022-40684
An authentication bypass using an alternate path or channel CWE-288 in Fortinet FortiOS version 7.2.0 through 7.2.1 and 7.0.0 through 7.0.6, FortiProxy version 7.2.0 and version 7.0.0 through 7.0.6 and FortiSwitchManager version 7.2.0 and 7.0.0 allows an unauthenticated atttacker to perform...
CVE-2022-21626
Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Security. Supported versions that are affected are Oracle Java SE: 8u341, 8u345-perf, 11.0.16.1; Oracle GraalVM Enterprise Edition: 20.3.7, 21.3.3 and 22.2.0. Easily exploitable vulnerabili...
CVE-2022-21626
Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Security. Supported versions that are affected are Oracle Java SE: 8u341, 8u345-perf, 11.0.16.1; Oracle GraalVM Enterprise Edition: 20.3.7, 21.3.3 and 22.2.0. Easily exploitable vulnerabili...
Android and iOS leak some data outside VPNs
Virtual Private Networks VPNs on Android and iOS are in the news. Its been discovered that in certain circumstances, some of your traffic is leaked so it ends up outside of the safety cordon created by the VPN. Mullvad, the discoverers of this Android "feature" say that it has the potential to...
Security Bulletin: IBM Performance Management is affected by multiple vulnerabilities in IBM Websphere Application Server (CVE-2021-39031, CVE-2022-22393, and CVE-2022-22476)
Summary Multiple vulnerabilities in IBM Websphere Application Server - Liberty could allow a remote autheticated attacker to conduct an LDAP injection; issue a request to obtain the status of HTTP/HTTPS ports; and/or use a specially crafted request. Details are described in CVE-2021-39031,...
Fortinet Warns of Active Exploitation of Newly Discovered Critical Auth Bypass Bug
Fortinet on Monday revealed that the newly patched critical security vulnerability impacting its firewall and proxy products is being actively exploited in the wild. Tracked as CVE-2022-40684 CVSS score: 9.6, the flaw relates to an authentication bypass in FortiOS, FortiProxy, and...
Fortinet Multiple Products Authentication Bypass Vulnerability
Fortinet FortiOS, FortiProxy, and FortiSwitchManager contain an authentication bypass vulnerability that could allow an unauthenticated attacker to perform operations on the administrative interface via specially crafted HTTP or HTTPS requests...
Protect
An authentication bypass using an alternate path or channel vulnerability CWE-288 in FortiOS, FortiProxy and FortiSwitchManager may allow an unauthenticated attacker to perform operations on the administrative interface via specially crafted HTTP or HTTPS requests...
Fortinet Warns of New Auth Bypass Flaw Affecting FortiGate and FortiProxy
Fortinet has privately warned its customers of a security flaw affecting FortiGate firewalls and FortiProxy web proxies that could potentially allow an attacker to perform unauthorized actions on susceptible devices. Tracked as CVE-2022-40684 CVSS score: 9.6, the critical flaw relates to an...
SUSE SLES12 Security Update : squid (SUSE-SU-2022:3533-1)
The remote SUSE Linux SLES12 / SLESSAP12 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:3533-1 advisory. - CVE-2022-41317: Fixed exposure of sensitive information in cache manager bsc1203677. - CVE-2022-41318: Fixed buffer overread in...
Fortinet Fortigate Authentication bypass in administrative interface (FG-IR-22-377)
The version of Fortigate installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the FG-IR-22-377 advisory. - An authentication bypass using an alternate path or channel CWE-288 in Fortinet FortiOS version 7.2.0 through 7.2.1 and 7.0...
SUSE SLES12 Security Update : squid (SUSE-SU-2022:3532-1)
The remote SUSE Linux SLES12 / SLESSAP12 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:3532-1 advisory. - CVE-2022-41317: Fixed exposure of sensitive information in cache manager bsc1203677. - CVE-2022-41318: Fixed buffer overread in...