29 matches found
CVE-2022-23176
WatchGuard Firebox and XTM appliances allow a remote attacker with unprivileged credentials to access the system with a privileged management session via exposed management access. This vulnerability impacts Fireware OS before 12.7.2U1, 12.x before 12.1.3U3, and 12.2.x through 12.5.x before...
EUVD-2017-11520
Malware in sbrugna...
EUVD-2017-11522
Malware in sbrugna...
EUVD-2020-27440
Malware in sbrugna...
EUVD-2013-6509
Malware in sbrugna...
EUVD-2023-2404
Malicious code in bioql PyPI...
EUVD-2025-21459
Malicious code in bioql PyPI...
CVE-2025-53895
ZITADEL is an open source identity management system. Starting in version 2.53.0 and prior to versions 4.0.0-rc.2, 3.3.2, 2.71.13, and 2.70.14, vulnerability in ZITADEL's session management API allows any authenticated user to update a session if they know its ID, due to a missing permission chec...
CVE-2025-53895
ZITADEL is an open source identity management system. Starting in version 2.53.0 and prior to versions 4.0.0-rc.2, 3.3.2, 2.71.13, and 2.70.14, vulnerability in ZITADEL's session management API allows any authenticated user to update a session if they know its ID, due to a missing permission chec...
CVE-2025-53895 ZITADEL has broken authN and authZ in session API and resulting session tokens
ZITADEL is an open source identity management system. Starting in version 2.53.0 and prior to versions 4.0.0-rc.2, 3.3.2, 2.71.13, and 2.70.14, vulnerability in ZITADEL's session management API allows any authenticated user to update a session if they know its ID, due to a missing permission chec...
CVE-2020-6292
Logout mechanism in SAP Disclosure Management, version 10.1, does not invalidate one of the session cookies, leading to Insufficient Session Expiration...
CVE-2025-46336 Rack session gets restored after deletion
Rack::Session is a session management implementation for Rack. In versions starting from 2.0.0 to before 2.1.1, when using the Rack::Session::Pool middleware, and provided the attacker can acquire a session cookie already a major issue, the session may be restored if the attacker can trigger a lo...
WatchGuard Firebox and XTM Privilege Escalation Vulnerability
WatchGuard Firebox and XTM appliances allow a remote attacker with unprivileged credentials to access the system with a privileged management session via exposed management access...
CVE-2022-23176
WatchGuard Firebox and XTM appliances allow a remote attacker with unprivileged credentials to access the system with a privileged management session via exposed management access. This vulnerability impacts Fireware OS before 12.7.2U1, 12.x before 12.1.3U3, and 12.2.x through 12.5.x before...
Design/Logic Flaw
WatchGuard Firebox and XTM appliances allow a remote attacker with unprivileged credentials to access the system with a privileged management session via exposed management access. This vulnerability impacts Fireware OS before 12.7.2U1, 12.x before 12.1.3U3, and 12.2.x through 12.5.x before...
CVE-2022-23176
WatchGuard Firebox and XTM appliances allow a remote attacker with unprivileged credentials to access the system with a privileged management session via exposed management access. This vulnerability impacts Fireware OS before 12.7.2U1, 12.x before 12.1.3U3, and 12.2.x through 12.5.x before...
Juniper SSG Series device ScreenOS cross-site scripting vulnerability (CNVD-2017-23955)
The Juniper SSG Series is a family of firewall appliances from Juniper Networks.ScreenOS is one of the operating systems. A cross-site scripting vulnerability exists in Firewall+VPN in ScreenOS on Juniper SSG Series devices. A remote attacker can exploit this vulnerability to inject HTML/JavaScri...
Juniper SSG Series Appliance ScreenOS Cross-Site Scripting Vulnerability
The Juniper SSG Series is a family of firewall appliances from Juniper Networks.ScreenOS is one of the operating systems. A cross-site scripting vulnerability exists in Firewall+VPN in ScreenOS on Juniper SSG Series devices. A remote attacker can exploit this vulnerability to inject HTML/JavaScri...
Juniper SSG Series device ScreenOS cross-site scripting vulnerability (CNVD-2017-23956)
The Juniper SSG Series is a family of firewall appliances from Juniper Networks.ScreenOS is one of the operating systems. A cross-site scripting vulnerability exists in Firewall+VPN in ScreenOS on Juniper SSG Series devices. A remote attacker can exploit this vulnerability to inject HTML/JavaScri...
Juniper SSG Series device ScreenOS cross-site scripting vulnerability (CNVD-2017-23957)
The Juniper SSG Series is a family of firewall appliances from Juniper Networks.ScreenOS is one of the operating systems. A cross-site scripting vulnerability exists in Firewall+VPN in ScreenOS on Juniper SSG Series devices. A remote attacker can exploit this vulnerability to inject HTML/JavaScri...