EUVD-2023-38240

Malicious code in bioql PyPI...

CVE-2024-3596

RADIUS Protocol under RFC 2865 is susceptible to forgery attacks by a local attacker who can modify any valid Response Access-Accept, Access-Reject, or Access-Challenge to any other response using a chosen-prefix collision attack against MD5 Response Authenticator signature...

CVE-2023-34138

A command injection vulnerability in the hotspot management feature of the Zyxel ATP series firmware versions 4.60 through 5.36 Patch 2, USG FLEX series firmware versions 4.60 through 5.36 Patch 2, USG FLEX 50W series firmware versions 4.60 through 5.36 Patch 2, USG20W-VPN series firmware version...

CVE-2023-34138

A command injection vulnerability in the hotspot management feature of the Zyxel ATP series firmware versions 4.60 through 5.36 Patch 2, USG FLEX series firmware versions 4.60 through 5.36 Patch 2, USG FLEX 50W series firmware versions 4.60 through 5.36 Patch 2, USG20W-VPN series firmware version...

Command injection

A command injection vulnerability in the hotspot management feature of the Zyxel ATP series firmware versions 4.60 through 5.36 Patch 2, USG FLEX series firmware versions 4.60 through 5.36 Patch 2, USG FLEX 50W series firmware versions 4.60 through 5.36 Patch 2, USG20W-VPN series firmware version...

CVE-2023-34138

A command injection vulnerability in the hotspot management feature of the Zyxel ATP series firmware versions 4.60 through 5.36 Patch 2, USG FLEX series firmware versions 4.60 through 5.36 Patch 2, USG FLEX 50W series firmware versions 4.60 through 5.36 Patch 2, USG20W-VPN series firmware version...

CVE-2023-34138

A command injection vulnerability in the hotspot management feature of the Zyxel ATP series firmware versions 4.60 through 5.36 Patch 2, USG FLEX series firmware versions 4.60 through 5.36 Patch 2, USG FLEX 50W series firmware versions 4.60 through 5.36 Patch 2, USG20W-VPN series firmware version...

PT-2023-3691 · Zyxel · Zyxel Usg Flex Series +4

Name of the Vulnerable Software and Affected Versions: Zyxel ATP series firmware versions 4.60 through 5.36 Patch 2 Zyxel USG FLEX series firmware versions 4.60 through 5.36 Patch 2 Zyxel USG FLEX 50W series firmware versions 4.60 through 5.36 Patch 2 Zyxel USG20W-VPN series firmware versions 4.6...

FreeBSD 输入验证错误漏洞

FreeBSD is a set of Unix-like operating systems from the Freebsd Foundation. FreeBSD suffers from an Input Validation Error vulnerability that stems from insufficient message validation in libradius, which allows a remote Radius client to pass specially crafted input to the system and perform a...

FreeBSD -- Missing message validation in libradius(3)

Problem Description: libradius did not perform sufficient validation of received messages. radgetattr3 did not verify that the attribute length is valid before subtracting the length of the Type and Length fields. As a result, it could return success while also providing a bogus length of SIZETMA...

SECURITY.NNOV: few vulnerabilities in multiple RADIUS implementations

Topic : Vulnerabilities in multiple RADIUS clients and servers Author : 3APA3A [email protected] Released : December, 18 2001 Public release : March, 04 2002 Affected Software : Cistron = 1.6.4 12 Cistron 1.6.5 2 XtRadius = 1.1-pre1 12 FreeRADIUS = 0.3 12 ICRadius = 0.18.1 12 YARD Radius =...