EUVD-2021-12909

Malware in sbrugna...

Input validation

A vulnerability in the implementation of Security Assertion Markup Language SAML 2.0 single sign-on SSO for remote access VPN in Cisco Adaptive Security Appliance ASA Software and Cisco Firepower Threat Defense FTD Software could allow an unauthenticated, remote attacker to intercept the SAML...

Authorization Bypass

snort is vulnerable to authorization bypasses. An unauthenticated, remote attacker may exploit this vulnerability by sending crafted HTTP packets that would flow through an affected system. A successful exploit allows the attacker to bypass the configured file policies and deliver a malicious...

The vulnerability of the Fortinet Single Sign-On (FSSO) Authentication Mechanism, related to deficiencies in the authentication process, allows attackers to gain access to the protected network.

The vulnerability of the Fortinet Single Sign-On FSSO Authentication Mechanism lies in the flaws in the authentication process. Exploiting this vulnerability allows a malicious actor, operating remotely, to gain access to the secure network using specially created UDP packets...

CVE-2022-3281

WAGO Series PFC100/PFC200, Series Touch Panel 600, Compact Controller CC100 and Edge Controller in multiple versions are prone to a loss of MAC-Address-Filtering after reboot. This may allow an remote attacker to circumvent the reach the network that should be protected by the MAC address filter...

Cisco Umbrella Secure Web Gateway文件解密绕过漏洞

Cisco Umbrella is a cloud security platform from the U.S. company Cisco Cisco. The platform prevents cyber threats such as phishing, malware and ransomware.Cisco Umbrella Secure Web Gateway has a file decryption bypass vulnerability that can be exploited by authenticated attackers to bypass the...

The vulnerability of the application software interface of TP-Link Omada SDN software controllers, related to errors in processing authentication requests, allows a intruder to gain access to the protected network.

The vulnerability of the application software interface of TP-Link Omada SDN software controllers is related to errors in processing authentication requests. Exploiting this vulnerability can allow a remote attacker to gain access to the protected network...

UBUNTU-CVE-2020-26143

An issue was discovered in the ALFA Windows 10 driver 1030.36.604 for AWUS036ACH. The WEP, WPA, WPA2, and WPA3 implementations accept fragmented plaintext frames in a protected Wi-Fi network. An adversary can abuse this to inject arbitrary data frames independent of the network configuration...

Design/Logic Flaw

Multiple vulnerabilities in Cisco Jabber for Windows, Cisco Jabber for MacOS, and Cisco Jabber for mobile platforms could allow an attacker to execute arbitrary programs on the underlying operating system with elevated privileges, access sensitive information, intercept protected network traffic,...

Cisco IOS XE Products Snort Application Detection Engine Policy Bypass (cisco-sa-snort-app-bypass-cSBYCATq)

According to its self-reported version, Cisco IOS XE is affected by a vulnerability in the UTD SNORT IPS detection engine due to a flaw in the detection algorithm. An unauthenticated, remote attacker can exploit this by sending crafted packets that would flow through an affected system. A...

Multiple Cisco Product Policy Bypass Vulnerabilities

Cisco 3000 Series Industrial Security Appliances are products of Cisco Corporation.Cisco 3000 Series Industrial Security Appliances is a 3000 Series Firewall Appliance.Cloud Cisco 3000 Series Industrial Security Appliances is a 3000 Series firewall appliance. 1000V Series Cloud Services Router is...

Cisco Network Access Control Guest Server System Software Authentication Bypass

Unauthenticated access to protected network is possible...

Cross site request forgery (csrf)

Cross-site request forgery CSRF vulnerability in Check Point SofaWare Safe@Office, with firmware before Embedded NGX 7.0.45 GA, allows remote attackers to execute commands as arbitrary users, and disable firewalling of the protected network...