CVE-2026-45328

ESF-IDF is the Espressif Internet of Things IOT Development Framework. In versions 5.5.4 and 6.0, the esptee component exposes secure-service wrappers in espsecureservices.c and espsecureservicesiram.c that bridge calls from the user application i.e. the REE to TEE-protected hardware peripherals...

CVE-2026-45328

ESF-IDF is the Espressif Internet of Things IOT Development Framework. In versions 5.5.4 and 6.0, the esptee component exposes secure-service wrappers in espsecureservices.c and espsecureservicesiram.c that bridge calls from the user application i.e. the REE to TEE-protected hardware peripherals...

CVE-2026-45329 ESF-IDF: Out-of-Bounds Read in ESP-TEE Secure Service Wrappers

ESF-IDF is the Espressif Internet of Things IOT Development Framework. In versions 5.5.4 and 6.0, several ESP-TEE secure-service wrappers in espsecureservices.c and espsecureservicesiram.c validated only some of the caller-supplied pointer arguments, leaving input pointer arguments unchecked...

EUVD-2026-35917

ESF-IDF is the Espressif Internet of Things IOT Development Framework. In versions 5.5.4 and 6.0, several ESP-TEE secure-service wrappers in espsecureservices.c and espsecureservicesiram.c validated only some of the caller-supplied pointer arguments, leaving input pointer arguments unchecked...

EUVD-2026-35916

ESF-IDF is the Espressif Internet of Things IOT Development Framework. In versions 5.5.4 and 6.0, the esptee component exposes secure-service wrappers in espsecureservices.c and espsecureservicesiram.c that bridge calls from the user application i.e. the REE to TEE-protected hardware peripherals...

PT-2026-48351

Name of the Vulnerable Software and Affected Versions ESF-IDF versions 5.5.4 ESF-IDF version 6.0 Description Several ESP-TEE secure-service wrappers in esp secure services.c and esp secure services iram.c fail to validate all caller-supplied pointer arguments. Since the TEE-protected hardware...

EUVD-2007-1062

Malware in sbrugna...

EUVD-2007-1061

Malware in sbrugna...

EUVD-2007-1063

Malware in sbrugna...

CVE-2024-51954 Unauthorized access to secure services in ArcGIS Server

There is an improper access control issue in ArcGIS Server versions 11.3 and below on Windows and Linux which, under unique circumstances, could allow a remote, low‑privileged authenticated attacker to access secure services published to a standalone unfederated ArcGIS Server instance. Successful...

PT-2025-9555

Name of the Vulnerable Software and Affected Versions ArcGIS Server versions 10.9.1 through 11.3 Description The issue is related to improper access control, which could allow a remote, low-privileged authenticated attacker to access secure services published on a standalone ArcGIS Server instanc...

How Distributed Cloud Computing Meets Modern User Demand

Learn why distributed cloud computing is essential to meet user demand for highly customized, secure services...

SquidGuard Cross-Site Scripting Vulnerability

Shalla Secure Services squidGuard is a URL redirection plug-in for Squid proxy server and web caching server software from Shalla Secure Services, Germany. A cross-site scripting vulnerability exists in versions 1.3 and 1.4 of squidGuard. An attacker can exploit this vulnerability to inject...

Code injection

Cisco Secure Services Client CSSC 4.x, Trust Agent 1.x and 2.x, Cisco Security Agent CSA 5.0 and 5.1 when a vulnerable Trust Agent has been deployed, and the Meetinghouse AEGIS SecureConnect Client allows local users to gain SYSTEM privileges via unspecified vectors in the supplicant, aka...

Design/Logic Flaw

Cisco Secure Services Client CSSC 4.x, Trust Agent 1.x and 2.x, Cisco Security Agent CSA 5.0 and 5.1 when a vulnerable Trust Agent has been deployed, and the Meetinghouse AEGIS SecureConnect Client do not properly parse commands, which allows local users to gain privileges via unspecified vectors...

Authentication flaw

The 1 TTLS CHAP, 2 TTLS MSCHAP, 3 TTLS MSCHAPv2, 4 TTLS PAP, 5 MD5, 6 GTC, 7 LEAP, 8 PEAP MSCHAPv2, 9 PEAP GTC, and 10 FAST authentication methods in Cisco Secure Services Client CSSC 4.x, Trust Agent 1.x and 2.x, Cisco Security Agent CSA 5.0 and 5.1 when a vulnerable Trust Agent has been deploye...

CVE-2007-1067

Cisco Secure Services Client CSSC 4.x, Trust Agent 1.x and 2.x, Cisco Security Agent CSA 5.0 and 5.1 when a vulnerable Trust Agent has been deployed, and the Meetinghouse AEGIS SecureConnect Client do not properly parse commands, which allows local users to gain privileges via unspecified vectors...

CVE-2007-1066

Cisco Secure Services Client CSSC 4.x, Trust Agent 1.x and 2.x, Cisco Security Agent CSA 5.0 and 5.1 when a vulnerable Trust Agent has been deployed, and the Meetinghouse AEGIS SecureConnect Client use an insecure default Discretionary Access Control Lists DACL for the connection client GUI, whic...

CVE-2007-1065

Cisco Secure Services Client CSSC 4.x, Trust Agent 1.x and 2.x, Cisco Security Agent CSA 5.0 and 5.1 when a vulnerable Trust Agent has been deployed, and the Meetinghouse AEGIS SecureConnect Client allows local users to gain SYSTEM privileges via unspecified vectors in the supplicant, aka...

CVE-2007-1068

The 1 TTLS CHAP, 2 TTLS MSCHAP, 3 TTLS MSCHAPv2, 4 TTLS PAP, 5 MD5, 6 GTC, 7 LEAP, 8 PEAP MSCHAPv2, 9 PEAP GTC, and 10 FAST authentication methods in Cisco Secure Services Client CSSC 4.x, Trust Agent 1.x and 2.x, Cisco Security Agent CSA 5.0 and 5.1 when a vulnerable Trust Agent has been deploye...