10 matches found
CVE-2025-59460
The system is deployed in its default state, with configuration settings that do not comply with the latest best practices for restricting access. This increases the risk of unauthorised connections...
CVE-2025-59460
Technical details about CVE-2025-59460 are not publicly available in the provided documents. Monitor for updates.
Netgear RBR750 Access Control Error Vulnerability
Netgear RBR750 is a home WiFi system from Netgear, Inc. Multiple NETGEAR devices are vulnerable to an access control error, which stems from the product not properly restricting access from unauthorized roles. No details of the vulnerability are currently available...
GaussDB Kernel: Restricting the Permission for the ${GAUSSHOME}/share Directory
The $GAUSSHOME/share directory stores the shared components of GaussDB Kernel. To prevent them from being tampered with or damaged, the directory must be protected and unauthorized user access must be denied.
CVE-2020-8349
An internal security review has identified an unauthenticated remote code execution vulnerability in Cloud Networking Operating System (CNOS)’ optional REST API management interface. This interface is disabled by default and not vulnerable unless enabled. When enabled, it is only vulnerable where...
SOL17256 - D-Bus vulnerability CVE-2014-3638
Note: As of February 17, 2015, AskF5 Security Advisory articles include the Severity value. Security Advisory articles published before this date do not list a Severity value. The D-Bus daemon is only for package dependency reasons. The impact of the D-Bus daemon becoming unavailable is close to...
SOL17244 - Linux kernel vulnerability CVE-2015-1593
Note: As of February 17, 2015, AskF5 Security Advisory articles include the Severity value. Security Advisory articles published before this date do not list a Severity value. In BIG-IP 10.x, some platforms are running 32-bit Linux kernel and some platforms are running 64-bit, depending on their...
Cisco Patches XSS Flaw in Security Appliances
There’s a reflected cross-site scripting vulnerability in a variety of Cisco security appliances that enables a remote, unauthenticated attacker to execute arbitrary code in the context of the user. The vulnerability affects the Cisco Email Security Appliance, the Cisco Web Security Appliance and...
Intercepting proxy servers may incorrectly rely on HTTP headers to make connections
Overview: Proxy servers running in interception mode ("transparent" proxies) that make connection decisions based on HTTP header values may be used by an attacker to relay connections. Description: HTTP Host Headers are defined in RFC 2616 and are often used by web servers to allow multiple websit...
WebEOC account lock-out policy may allow a denial-of-service
Overview: WebEOC account lock-out policy may allow a remote attacker to disable user and system accounts, resulting in a denial-of-service condition. Description: WebEOC is a web-based crisis information management application that provides functions to gather, coordinate, and disseminate informatio...