38 matches found
Cisco IOS XE Software Lobby Ambassador Privilege Escalation Vulnerability
A vulnerability in the Lobby Ambassador web-based management API of Cisco IOS XE Software could allow an authenticated, remote attacker to elevate their privileges and access management APIs that would not normally be available for Lobby Ambassador users. This vulnerability exists because...
CVE-2019-18225
An issue was discovered in Citrix Application Delivery Controller ADC and Gateway before 10.5 build 70.8, 11.x before 11.1 build 63.9, 12.0 before build 62.10, 12.1 before build 54.16, and 13.0 before build 41.28. An attacker with management-interface access can bypass authentication to obtain...
EUVD-2020-30108
Malware in sbrugna...
EUVD-2019-8961
Malware in sbrugna...
EUVD-2025-8830
Malicious code in bioql PyPI...
PT-2025-37063
Name of the Vulnerable Software and Affected Versions: Cisco IOS XR Software (affected versions not specified). Description: A vulnerability in the management interface access control list (ACL) processing feature could allow an unauthenticated, remote attacker to bypass configured ACLs for the SSH,...
CVE-2025-0123
A vulnerability in the Palo Alto Networks PAN-OS® software enables unlicensed administrators to view clear-text data captured using the packet capture feature https://docs.paloaltonetworks.com/pan-os/11-0/pan-os-admin/monitoring/take-packet-captures/take-a-custom-packet-capture in decrypted HTTP/...
CVE-2025-0123
Summary: CVE-2025-0123 affects Palo Alto Networks PAN-OS. Unlicensed administrators can view clear-text data captured via the packet-capture feature in decrypted HTTP/2 data streams on the firewall; HTTP/1.1 streams are not impacted. Exploitation requires access to the management interface and su...
CVE-2025-2995
The CVE-2025-2995 issue affects Tenda FH1202, specifically the Web Management Interface’s /goform/SysToolChangePwd endpoint. PT-2025-13697 documents a critical problem in version 1.2.0.14(408) caused by improper access controls in that file, enabling a remote attacker to initiate exploitation. Pu...
PT-2025-13698 · Tenda · Tenda Fh1202
Name of the Vulnerable Software and Affected Versions: Tenda FH1202 version 1.2.0.14408. Description: A critical issue affects the Web Management Interface component, specifically the unknown processing of the file /goform/SysToolDDNS. This leads to improper access controls, allowing for remote...
Vulnerabilities fixed in Palo Alto Networks PAN OS
Palo Alto Networks has fixed vulnerabilities in PAN-OS. The vulnerabilities include an authentication bypass that allows unauthenticated malicious actors to invoke specific PHP scripts through the management Web interface, an unauthenticated file deletion that allows malicious actors to delete...
CVE-2025-0890
UNSUPPORTED WHEN ASSIGNED Insecure default credentials for the Telnet function in the legacy DSL CPE Zyxel VMG4325-B10A firmware version 1.00AAFR.4C020170615 could allow an attacker to log in to the management interface if the administrators have the option to change the default credentials but...
Palo Alto Networks PAN-OS 10.2.x < 10.2.0-h4 / 10.2.x < 10.2.1-h3 / 10.2.x < 10.2.2-h6 / 10.2.x < 10.2.3-h14 / 10.2.x < 10.2.4-h32 / 10.2.x < 10.2.5-h9 / 10.2.x < 10.2.6-h6 / 10.2.x < 10.2.7-h18 / 10.2.x < 10.2.8-h15 / 10.2.x < 10.2.9-h16 / 10.2.x < 10.2.10-h9 / 10.2.x < 10.2.11-h6 / 10.2.x < 10.2.12-h2 / 11.0.x < 11.0.0-h4 / 11.0.x < 11.0.1-h5 / 11.0.x < 11.0.2-h5 / 11.0.x < 11.0.3-h13 / 11.0.x < 11.0.4-h6 / 11.0.x < 11.0.5-h2 / 11.0.x < 11.0.6-h1 / 11.1.x < 11.1.0-h4 / 11.1.x < 11.1.1-h2 / 11.1.x < 11.1.2-h15 / 11.1.x < 11.1.3-h11 / 11.1.x < 11.1.4-h7 / 11.1.x < 11.1.5-h1 / 11.2.x < 11.2.1-h1 / 11.2.x < 11.2.2-h2 / 11.2.x < 11.2.3-h3 / 11.2.x < 11.2.4-h1 Multiple Vulnerabilities
The version of Palo Alto Networks PAN-OS running on the remote host is 10.2.x prior to 10.2.0-h4 or 10.2.x prior to 10.2.1-h3 or 10.2.x prior to 10.2.2-h6 or 10.2.x prior to 10.2.3-h14 or 10.2.x prior to 10.2.4-h32 or 10.2.x prior to 10.2.5-h9 or 10.2.x prior to 10.2.6-h6 or 10.2.x prior to...
Progress LoadMaster and Progress Multi-Tenant Hypervisor Input Validation Error Vulnerability
Progress LoadMaster and Progress Multi-Tenant Hypervisor are both products of Progress, Inc. Progress LoadMaster is a high performance application delivery controller ADC and load balancer. Progress Multi-Tenant Hypervisor is a multi-tenant hypervisor. Tenant Hypervisor is a multi-tenant...
PT-2024-8335
Name of the Vulnerable Software and Affected Versions: Palo Alto Networks PAN-OS versions prior to 10.1.14; Palo Alto Networks PAN-OS versions prior to 10.2.12; Palo Alto Networks PAN-OS versions prior to 11.0.6; Palo Alto Networks PAN-OS versions prior to 11.1.5; Palo Alto Networks PAN-OS versions...
Vulnerability fixed in Kemp LoadMaster
Kemp Technologies has fixed a vulnerability in Kemp LoadMaster and Progress LoadMaster. A malicious party could exploit the vulnerability to execute arbitrary commands on the vulnerable system without prior authentication via specially prepared HTTP calls. For successful abuse, the malicious part...
Vulnerabilities fixed in Aruba Networks ArubaOS
Aruba Networks fixed vulnerabilities in ArubaOS. A malicious party could exploit the vulnerabilities to launch attacks that could lead to the following categories of damage: - Denial-of-Service (DoS) - Manipulation of data - Remote code execution (Administrator/Root privileges) - Access to system data...
Vulnerabilities fixed in ArubaOS and Aruba SD-WAN
Aruba Networks has fixed vulnerabilities in ArubaOS and SD-WAN as used by Aruba Mobility Conductor (formerly Mobility Master), Mobility Controllers, WLAN Gateways and SD-WAN Gateways. A malicious party can exploit the vulnerabilities to launch a denial-of-service (DoS), gain access to sensitive data or...
Vulnerabilities fixed in Citrix Netscaler ADC and Netscaler Gateway
Citrix has fixed vulnerabilities in Netscaler ADC and Netscaler Gateway. A malicious party could exploit the vulnerabilities to cause a denial-of-service, or to execute arbitrary code on the vulnerable system. The vulnerability with attribute CVE-2023-6548 is located in the...
Vulnerabilities fixed in F5 BIG-IP
F5 has fixed vulnerabilities in BIG-IP. An authenticated malicious person with access to the management interface, or access to the shell of the system, could exploit the vulnerabilities to cause a Denial-of-Service, obtain sensitive information or, through a Cross-Site-Scripting attack, execute...