674 matches found
EUVD-2024-27593
Malicious code in bioql PyPI...
Libraesva Email Security Gateway Command Injection Vulnerability
Libraesva Email Security Gateway ESG contains a command injection vulnerability which allows command injection via a compressed e-mail attachment...
Libraesva Email Security Gateway 安全漏洞
Libraesva Email Security Gateway is an email security gateway from Libraesva Italy. A security vulnerability exists in Libraesva Email Security Gateway versions prior to 4.5 to 5.5.7, which stems from improper handling of compressed email attachments and can lead to command injection attacks...
CVE-2025-10127
Daikin Europe N.V Security Gateway is vulnerable to an authorization bypass through a user-controlled key vulnerability that could allow an attacker to bypass authentication. An unauthorized attacker could access the system without prior credentials...
CVE-2025-10127
Daikin Europe N.V Security Gateway is vulnerable to an authorization bypass through a user-controlled key vulnerability that could allow an attacker to bypass authentication. An unauthorized attacker could access the system without prior credentials...
CVE-2025-10127 Daikin Europe N.V Security Gateway Weak Password Recovery Mechanism for Forgotten Password
Daikin Europe N.V Security Gateway is vulnerable to an authorization bypass through a user-controlled key vulnerability that could allow an attacker to bypass authentication. An unauthorized attacker could access the system without prior credentials...
CVE-2025-10127 Daikin Europe N.V Security Gateway Weak Password Recovery Mechanism for Forgotten Password
Daikin Europe N.V Security Gateway is vulnerable to an authorization bypass through a user-controlled key vulnerability that could allow an attacker to bypass authentication. An unauthorized attacker could access the system without prior credentials...
CVE-2025-10127
CVE-2025-10127 affects Daikin Europe N.V Security Gateway. The vulnerability is an authorization bypass caused by a user-controlled key, allowing an unauthenticated attacker to access the system. Documented across multiple vendors and advisories (e.g., Red Hat, NVD, CISA ICS), with high severity ...
CISA Releases Eleven Industrial Control Systems Advisories
CISA released eleven Industrial Control Systems ICS advisories on September 11, 2025. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-25-254-01 Siemens SIMOTION Tools ICSA-25-254-02 Siemens SIMATIC Virtualization as a...
Daikin Europe N.V Security Gateway
RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to gain unauthorized access to the system. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of this vulnerability, such as: Minimize network exposure...
PT-2025-37264
Name of the Vulnerable Software and Affected Versions: Daikin Security Gateway affected versions not specified Description: The Daikin Security Gateway is susceptible to an authorization bypass. An attacker can bypass authentication and gain access to the system without valid credentials through ...
Daikin Security Gateway 授权问题漏洞
Daikin Security Gateway is a gateway device for remote management of systems from Daikin Japan. An authorization issue vulnerability exists in Daikin Security Gateway that stems from a user control key causing an authorization bypass that could lead to unauthorized system access...
PT-2025-34239
Name of the Vulnerable Software and Affected Versions: SpamTitan Email Security Gateway versions 8.00.0 through 8.00.100 SpamTitan Email Security Gateway versions 8.01.0 through 8.01.13 Description: The quarantine.php file within the SpamTitan interface allows unauthenticated users to trigger...
CVE-2023-47356
Mingyu Security Gateway before v3.0-5.3p was discovered to contain a remote command execution RCE vulnerability via the logtype parameter at /log/fwsecurity.mds...
CVE-2023-47356
Mingyu Security Gateway before v3.0-5.3p was discovered to contain a remote command execution RCE vulnerability via the logtype parameter at /log/fwsecurity.mds...
CVE-2023-47356
Mingyu Security Gateway before v3.0-5.3p was discovered to contain a remote command execution RCE vulnerability via the logtype parameter at /log/fwsecurity.mds...
Anheng Mingyu Security Gateway 安全漏洞
Anheng Mingyu Security Gateway is a security gateway from the Chinese company Anheng. A security vulnerability exists in Anheng Mingyu Security Gateway versions prior to v3.0-5.3p, which originates from a remote command execution vulnerability in the logtype parameter in /log/fwsecurity.mds...
CVE-2023-47356
Mingyu Security Gateway before v3.0-5.3p was discovered to contain a remote command execution RCE vulnerability via the logtype parameter at /log/fwsecurity.mds...
PT-2025-29925 · Mingyu · Mingyu Security Gateway
Name of the Vulnerable Software and Affected Versions: Mingyu Security Gateway versions prior to 3.0-5.3p Description: The Mingyu Security Gateway is susceptible to a remote command execution RCE issue. This occurs due to a flaw in the handling of the log type parameter within the /log/fw...
CVE-2023-47356
CVE-2023-47356 affects Mingyu Security Gateway prior to v3.0-5.3p. A remote command execution (RCE) exists via the log_type parameter handled at /log/fw_security.mds, arising from improper input handling. Exploitation could allow an unauthenticated attacker (network vector) with low privileges to...