7 matches found
SA45520 - CVE's (CVE-2022-35254,CVE-2022-35258) may lead to DoS attack
Summary: An unauthenticated attacker can cause a denial-of-service to the following products: Ivanti Connect Secure ICS in versions prior to 9.1R14.3, 9.1R15.2, 9.1R16.2, and 22.2R3, Ivanti Policy Secure IPS in versions prior to 9.1R17 and 22.2R3, and Ivanti Neurons for Zero-Trust Gateway in...
Security Bulletin: Vulnerability in SSLv3 affects IBM Sterling Connect:Direct for Microsoft Windows (CVE-2014-3566)
Summary: SSLv3 contains a vulnerability that has been referred to as the Padding Oracle On Downgraded Legacy Encryption (POODLE) attack. SSLv3 is enabled in IBM Sterling Connect:Direct for Microsoft Windows. Vulnerability Details: CVE-ID: CVE-2014-3566. DESCRIPTION: Product could allow a remote attack...
U.S. Dept Of Defense: Dashboard sharing enables code injection into ████ emails
Summary: An attacker is able to share their dashboard with other █████████ users. When sharing their dashboard, the message is not fully sanitized for HTML characters before sending to the recipient. This allows the attacker to craft a believable spearphishing e-mail coming from an e-mail address...
U.S. Dept Of Defense: [REMOTE] Full Account Takeover At https://██████████████/CAS/
Summary: A session cookie PRODCASSESSION takes a User ID as an input, hence an attacker is able to insert his victim's User ID and take over his victim's account. P.S. The User ID is only 6 numbers long. Impact: An attacker is able to insert his victim's User ID into the cookie PRODCASSESSION and...
IcoFX 2.5.0.0 Buffer Overflow
Core Security - Corelabs Advisory http://corelabs.coresecurity.com/ IcoFX Buffer Overflow Vulnerability 1. Advisory Information Title: IcoFX Buffer Overflow Vulnerability Advisory ID: CORE-2013-1107 Advisory URL: http://www.coresecurity.com/advisories/icofx-buffer-overflow-vulnerability Date...
CVE-2021-0028
...
CVE-2023-22139
CVE-2023-22139 is rejected/not used and does not represent an active vulnerability entry.