16 matches found
CVE-2018-18863
NGA ResourceLink 20.0.2.1 allows local file inclusion...
EUVD-2018-10574
Malware in sbrugna...
Malicious code in @zalastax/nolb-nga (npm)
The package @zalastax/nolb-nga was found to contain malicious code...
MAL-2025-12502 Malicious code in @zalastax/nolb-nga (npm)
The package @zalastax/nolb-nga was found to contain malicious code...
nga-geoworks.com Cross Site Scripting vulnerability OBB-3110951
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
Steps to Safeguard Against Ransomware Attacks
The Cybersecurity and Infrastructure Security Agency CISA, Multi-State Information Sharing & Analysis Center MS-ISAC, National Governors Association NGA, and the National Association of State Chief Information Officers NASCIO have released a Joint Ransomware Statement with recommendations for sta...
CVE-2018-18863
NGA ResourceLink 20.0.2.1 allows local file inclusion...
Design/Logic Flaw
NGA ResourceLink 20.0.2.1 allows local file inclusion...
CVE-2018-18863
NGA ResourceLink 20.0.2.1 allows local file inclusion...
CVE-2018-18863
CVE-2018-18863 affects NGA ResourceLink 20.0.2.1 and is due to a local file inclusion vulnerability. The connected Red Hat and NVD entries reiterate that NGA ResourceLink 20.0.2.1 allows configuring or serving content in a way that can expose local files. The materials do not provide explicit imp...
US Defense Contractor left Sensitive Files on Amazon Server Without Password
Sensitive files linked to the United States intelligence agency were reportedly left on a public Amazon server by one of the nation's top intelligence contractor without a password, according to a new report. UpGuard cyber risk analyst Chris Vickery discovered a cache of 60,000 documents from a U...
Cisco Warns of High Severity Bug in NetFlow Appliance
Warning the device is susceptible to denial of service attacks, Cisco Systems on Wednesday released a patch for its NetFlow Generation Appliance. The flaw traces back to the hardware’s Stream Control Transmission Protocol SCTP used by the appliance, according to a Cisco Security Advisory posted...
CVE-2017-3826
A vulnerability in the Stream Control Transmission Protocol SCTP decoder of the Cisco NetFlow Generation Appliance NGA with software before 1.11a could allow an unauthenticated, remote attacker to cause the device to hang or unexpectedly reload, causing a denial of service DoS condition. The...
Race condition
A vulnerability in the Stream Control Transmission Protocol SCTP decoder of the Cisco NetFlow Generation Appliance NGA with software before 1.11a could allow an unauthenticated, remote attacker to cause the device to hang or unexpectedly reload, causing a denial of service DoS condition. The...
CVE-2017-3826
Cisco NetFlow Generation Appliances NGA 3140, NGA 3240, and NGA 3340 contain a DoS vulnerability in the SCTP decoder due to incomplete validation of SCTP packets on monitored data ports. An unauthenticated remote attacker can cause the device to hang or reload by sending malformed SCTP packets; p...
Cisco NetFlow Generation Appliance Stream Control Transmission Protocol Denial of Service Vulnerability
A vulnerability in the Stream Control Transmission Protocol SCTP decoder of the Cisco NetFlow Generation Appliance NGA could allow an unauthenticated, remote attacker to cause the device to hang or unexpectedly reload, causing a denial of service DoS condition. The vulnerability is due to...