Lucene search
K

674 matches found

CheckPoint Security
CheckPoint Security
added 2026/05/24 12:0 a.m.11 views

CVE-2026-48133 - Identity Awareness Captive Portal - Unauthenticated Local File Inclusion

Symptoms - When the Identity Awareness blade is enabled with Browser-Based Authentication, an unauthenticated user may be able to read certain internal files on the Security Gateway. - This issue affects: R82.10 with Jumbo Hotfix Take 6 or below R82 with Jumbo Hotfix Take 91 or below R81.20 with...

7.5CVSS5.8AI score0.0475EPSS
Exploits0
CheckPoint Security
CheckPoint Security
added 2026/05/20 12:0 a.m.10 views

CVE-2026-48134 - SQL injection issue in UserCheck Portal when DLP is active

Symptoms - When the DLP is active, the UserCheck Web Portal contains an input-handling issue in the UserChoice flow. Under specific conditions, an attacker who can access the UserCheck Ask page could attempt to manipulate the Security Gateway's stored DLP/UserCheck incident information. This coul...

5.6CVSS5.4AI score0.04356EPSS
Exploits0
CNNVD
CNNVD
added 2026/04/02 12:0 a.m.9 views

SEPPmail Secure Email Gateway 安全漏洞

SEPPmail Secure Email Gateway is an email security gateway developed by the German company SEPPmail. Versions of SEPPmail Secure Email Gateway prior to version 15.0.3 contained security vulnerabilities. These vulnerabilities allowed attackers to read the encrypted email content of other users...

7.5CVSS5.8AI score0.00226EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/03/18 12:0 a.m.12 views

Phoenix Contact多款产品 安全漏洞

PHOENIX CONTACT FL SWITCH and PHOENIX CONTACT FL NAT are products of the German company PHOENIX CONTACT. PHOENIX CONTACT FL SWITCH is an industrial-grade Ethernet switch. PHOENIX CONTACT FL NAT is a series of industrial security gateways. Several products from Phoenix Contact have security...

4.9CVSS6.2AI score0.00339EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/03/18 12:0 a.m.8 views

PHOENIX CONTACT FL NAT 跨站请求伪造漏洞

PHOENIX CONTACT FL NAT is a series of industrial security gateways developed by PHOENIX CONTACT GmbH in Germany. PHOENIX CONTACT FL NAT has a cross-site request forgeing vulnerability, which originates from the Link Aggregation configuration interface. This vulnerability may allow unverified remo...

7.1CVSS5.8AI score0.00178EPSS
Exploits0References1
CVE
CVE
added 2026/03/03 7:59 p.m.16 views

CVE-2026-0869

CVE-2026-0869 describes an authentication bypass in Brocade ASCG 3.4.0, enabling an unauthorized user to perform ASCG operations related to Brocade Support Link (BSL) and streaming configuration. The vulnerability could also disable the ASCG application or disable BSL data collection on fabric sw...

8.8CVSS5.9AI score0.00397EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2026/03/03 7:59 p.m.2 views

CVE-2026-0869 Application User custom defined accounts are not properly password protected in Brocade ASCG 3.4.0

Authentication bypass in Brocade ASCG 3.4.0 Could allow an unauthorized user to perform ASCG operations related to Brocade Support LinkBSL and streaming configuration. and could even disable the ASCG application or disable use of BSL data collection on Brocade switches within the fabric...

8.3CVSS5.9AI score0.00397EPSS
Exploits0References1
NVD
NVD
added 2026/02/04 4:15 a.m.7 views

CVE-2026-1791

Unrestricted Upload of File with Dangerous Type vulnerability in Hillstone Networks Operation and Maintenance Security Gateway on Linux allows Upload a Web Shell to a Web Server.This issue affects Operation and Maintenance Security Gateway: V5.5ST00001B113...

2.7CVSS0.00311EPSS
Exploits0References1
CVE
CVE
added 2026/02/04 3:11 a.m.12 views

CVE-2026-1791

CVE-2026-1791 concerns Hillstone Networks products: Operation and Maintenance Security Gateway on Linux with vulnerable versions V5.5ST00001B113 and Hillstone Networks Security Gateway V5.5. The flaw is an unrestricted file upload of a dangerous file type, enabling an attacker to upload a web she...

2.7CVSS5.4AI score0.00311EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/02/04 3:11 a.m.29 views

CVE-2026-1791 Arbitrary File Upload Vulnerability in Operation and Maintenance Security Gateway

Unrestricted Upload of File with Dangerous Type vulnerability in Hillstone Networks Operation and Maintenance Security Gateway on Linux allows Upload a Web Shell to a Web Server.This issue affects Operation and Maintenance Security Gateway: V5.5ST00001B113...

2.7CVSS0.00311EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/02/04 12:0 a.m.6 views

PT-2026-6058

Name of the Vulnerable Software and Affected Versions Hillstone Networks Operation and Maintenance Security Gateway versions V5.5ST00001B113 Hillstone Networks Security Gateway version V5.5 Description The software contains a flaw related to unrestricted file uploads, potentially allowing an...

2.7CVSS5.4AI score0.00311EPSS
Exploits0References5
CNNVD
CNNVD
added 2026/02/04 12:0 a.m.13 views

Hillstone Operation and Maintenance Security Gateway 安全漏洞

Hillstone Operation and Maintenance Security Gateway is a network operation and maintenance management platform developed by Hillstone Corporation. Version V5.5ST00001B113 of the Hillstone Operation and Maintenance Security Gateway contains a security vulnerability. This vulnerability stems from...

2.7CVSS5.8AI score0.00311EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/02/02 1:32 a.m.4 views

CVE-2026-1738

A flaw has been found in Open5GS up to 2.7.6. The impacted element is the function sgwctunneladd of the file /src/sgwc/context.c of the component SGWC. Executing a manipulation of the argument pdr can lead to reachable assertion. The attack can be executed remotely. The exploit has been published...

6.9CVSS5.6AI score0.00659EPSS
Exploits1References7
Cvelist
Cvelist
added 2026/02/02 12:32 a.m.33 views

CVE-2026-1736 Open5GS SGWC s11-handler.c assertion

A security vulnerability has been detected in Open5GS up to 2.7.6. Impacted is the function sgwcs11handlecreateindirectdataforwardingtunnelrequest of the file /src/sgwc/s11-handler.c of the component SGWC. Such manipulation leads to reachable assertion. The attack may be launched remotely. The...

6.9CVSS0.00609EPSS
Exploits1References7
RedhatCVE
RedhatCVE
added 2026/01/09 9:25 a.m.6 views

CVE-2023-4397

A buffer overflow vulnerability in the Zyxel ATP series firmware version 5.37, USG FLEX series firmware version 5.37, USG FLEX 50W series firmware version 5.37, and USG20W-VPN series firmware version 5.37, could allow an authenticated local attacker with administrator privileges to cause...

4.4CVSS7AI score0.00233EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/07 9:15 a.m.10 views

CVE-2024-2649

A vulnerability has been found in Netentsec NS-ASG Application Security Gateway 6.3 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /protocol/iscdevicestatus/deleteonlineuser.php. The manipulation of the argument messagecontent leads to sql...

9.8CVSS9.8AI score0.00838EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/01/07 9:12 a.m.13 views

CVE-2024-2648

A vulnerability, which was classified as problematic, was found in Netentsec NS-ASG Application Security Gateway 6.3. Affected is an unknown function of the file /nac/naccheck.php. The manipulation of the argument username leads to improper neutralization of data within xpath expressions. It is...

5.3CVSS6.8AI score0.00731EPSS
Exploits1References1
Tenable Nessus
Tenable Nessus
added 2025/12/22 12:0 a.m.7 views

Libraesva Email Security Gateway (ESG) Web UI Detection

Binary data libraesvaemailsecuritygatewaydetect.nbin...

7AI score
Exploits0References1
Packet Storm
Packet Storm
added 2025/11/27 12:0 a.m.157 views

📄 Check Point Security Gateway R80.30 Arbitrary File Read

Proof of concept exploit for an unauthenticated arbitrary file read vulnerability in Check Point Security Gateway version R80.30. ============================================================================================================================================= | Title : Check Point...

8.6CVSS9.7AI score0.99978EPSS
Exploits52
OSV
OSV
added 2025/10/21 3:15 a.m.3 views

CVE-2025-9133

A missing authorization vulnerability in Zyxel ATP series firmware versions from V4.32 through V5.40, USG FLEX series firmware versions from V4.50 through V5.40, USG FLEX 50W series firmware versions from V4.16 through V5.40, and USG20W-VPN series firmware versions from V4.16 through V5.40 could...

8.1CVSS5.8AI score0.05462EPSS
Exploits0References1
Rows per page
Query Builder