55 matches found
CVE-2025-41281
Nozomi Networks Labs identified a CWE-78: Improper Neutralization of Special Elements used in an OS Command 'OS Command Injection' in Waterfall WF-500 RX Host in version 7.9.1.0 R2502171040 that allows attackers with access to the TX Host to execute code on the RX Host when a MySQL connector is...
CVE-2025-61879
In Infoblox NIOS through 9.0.7, a High-Privileged User Can Trigger an Arbitrary File Write via the Account Creation Mechanism...
EUVD-2005-3326
Malware in sbrugna...
EUVD-2004-2530
Malware in sbrugna...
CVE-2025-33032 QTS, QuTS hero
A path traversal vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to read the contents of unexpected files or system data. We have already fixed the vulnerability in the...
PHASE: Passive Human Activity Simulation Evaluation
Cybersecurity simulation environments, such as cyber ranges, honeypots, and sandboxes, require realistic human behavior to be effective, yet no quantitative method exists to assess the behavioral fidelity of synthetic user personas. This paper presents PHASE Passive Human Activity Simulation...
PT-2024-4403 · Ruijie · Ruijie Rg-Uac
Name of the Vulnerable Software and Affected Versions: Ruijie RG-UAC version 1.0 Description: The issue exists due to insufficient input validation in the get ip.addr details function of the /view/vpn/autovpn/sxh vpnlic.php file. This allows a remote attacker to execute arbitrary commands by...
PT-2024-32999 · Ruijie · Ruijie Rg-Uac
Name of the Vulnerable Software and Affected Versions: Ruijie RG-UAC versions up to 20240506 Description: A critical issue was found in the software, affecting an unknown functionality of the file /view/networkConfig/RouteConfig/StaticRoute/static route edit commit.php. The manipulation of the...
CVE-2024-30861
netentsec NS-ASG 6.3 is vulnerable to SQL Injection via /admin/configguide/ipsecguide1.php...
CVE-2023-37249
Infoblox NIOS through 8.5.1 has a faulty component that accepts malicious input without sanitization, resulting in shell access...
Fortinet FortiWAN OS Command Injection Vulnerability (CNVD-2024-37348)
Fortinet FortiWAN is a network appliance from Fortinet that performs load balancing and fault tolerance between different networks. A security vulnerability exists in Fortinet FortiWAN, which can be exploited by a remote attacker to submit a special request that can be used to execute arbitrary...
IBM Security Verify Governance Identity Manager Information Disclosure Vulnerability
IBM Security Verify Governance Identity Manager is an IBM network appliance-based integration that focuses on business-centric rules, activities, and processes. Version 10.0.1 is affected: an information disclosure vulnerability exists in IBM...
IBM Security Verify Governance Identity Manager Cross-Site Scripting Vulnerability
IBM Security Verify Governance Identity Manager is an IBM network appliance-based integration that focuses on business-centric rules, activities, and processes. Version 10.0.1 of IBM Security Verify Governance Identity Manager is vulnerable to cross-site scripting. An...
Multiple vulnerabilities in Operation management interface of FUJITSU Network IPCOM
Overview FUJITSU Network IPCOM provided by FUJITSU LIMITED is an integrated network appliance. Operation management interface used to operate FUJITSU Network IPCOM contains multiple vulnerabilities listed below. OS command injection in the web console CWE-78 - CVE-2022-29516 Buffer overflow in th...
F5 BIG-IP Input Validation Error Vulnerability
F5 BIG-IP is an application delivery platform from F5 that integrates network traffic orchestration, load balancing, intelligent DNS, remote access policy management, etc. F5 BIG-IP is vulnerable to an input validation error, which can be exploited by attackers to cause a denial of service on the...
Fortinet FortiWAN SQL Injection Vulnerability
Fortinet FortiWAN is a network appliance from Fortinet, Inc. It is used to perform load balancing and fault tolerance across different networks. SQL injection vulnerability exists in versions prior to Fortinet FortiWAN 4.5.9, which stems from a program that does not properly filter special elemen...
Fortinet FortiWAN Buffer Overflow Vulnerability
Fortinet FortiWAN is a network appliance from Fortinet, Inc. It is used to perform load balancing and fault tolerance between different networks. A buffer overflow vulnerability exists in versions prior to Fortinet FortiWAN 4.5.9. An attacker could exploit this vulnerability to corrupt control data...
Fortinet FortiWAN OS Command Injection Vulnerability
Fortinet FortiWAN is a network appliance from Fortinet, Inc. It is used to perform load balancing and fault tolerance across different networks. An operating system command injection vulnerability exists in versions prior to Fortinet FortiWAN 4.5.9. An attacker could exploit this vulnerability to...
Fortinet FortiWAN Encryption Issue Vulnerability
Fortinet FortiWAN is a network appliance from Fortinet, Inc. Fortinet FortiWAN versions prior to 4.5.9 are vulnerable to an encryption issue that stems from the program using a broken or risky encryption algorithm. An attacker could exploit this vulnerability to decrypt and forge protocol...
F5 Bug Could Lead to Complete System Takeover
Application delivery and networking firm F5 released a baker’s dozen of 13 fixes for high-severity bugs, including one that could lead to complete system takeover and hence is boosted to “critical” for customers that run BIG-IP in Appliance Mode, given that an attacker that holds valid credential...