16 matches found
CVE-2022-38615
SmartVista SVFE2 v2.2.22 was discovered to contain multiple SQL injection vulnerabilities via the UserForm:jid88, UserForm:jid90, and UserForm:jid92 parameters at /SVFE2/pages/feegroups/servicegroup.jsf...
EUVD-2022-41192
Malicious code in bioql PyPI...
CVE-2024-20384
A vulnerability in the Network Service Group NSG feature of Cisco Adaptive Security Appliance ASA Software and Cisco Firepower Threat Defense FTD Software could allow an unauthenticated, remote attacker to bypass a configured access control list ACL and allow traffic that should be denied to flow...
CVE-2024-20384
A vulnerability in the Network Service Group NSG feature of Cisco Adaptive Security Appliance ASA Software and Cisco Firepower Threat Defense FTD Software could allow an unauthenticated, remote attacker to bypass a configured access control list ACL and allow traffic that should be denied to flow...
CVE-2024-20384
A vulnerability in the Network Service Group NSG feature of Cisco Adaptive Security Appliance ASA Software and Cisco Firepower Threat Defense FTD Software could allow an unauthenticated, remote attacker to bypass a configured access control list ACL and allow traffic that should be denied to flow...
CVE-2024-20384
A vulnerability in the Network Service Group NSG feature of Cisco Adaptive Security Appliance ASA Software and Cisco Firepower Threat Defense FTD Software could allow an unauthenticated, remote attacker to bypass a configured access control list ACL and allow traffic that should be denied to flow...
PT-2024-7485 · Cisco · Cisco Asa +1
Name of the Vulnerable Software and Affected Versions: Cisco Adaptive Security Appliance ASA Software affected versions not specified Cisco Firepower Threat Defense FTD Software affected versions not specified Description: A logic error in the Network Service Group NSG feature could allow an...
How is the system limit of service/service group/vserver calculated on NetScaler
...
Threat Source newsletter (Oct. 20, 2022) — Shields Up! No seriously, Shields Waaaaay Up
By Jon Munshaw. Welcome to this weeks edition of the Threat Source newsletter. Im very excited about this video -- its a project Ive been working on with my team for a while now. Building off what Ive written about in the past regarding fake news, this video examines what essentially equates to t...
CVE-2022-38615
SmartVista SVFE2 v2.2.22 was discovered to contain multiple SQL injection vulnerabilities via the UserForm:jid88, UserForm:jid90, and UserForm:jid92 parameters at /SVFE2/pages/feegroups/servicegroup.jsf...
XSS Vulnerability in 53FastService's Online Customer Service System
Zhejiang Fast Service Group Co., Ltd. was established on August 01, 2006 . Legal representative Lou Weibo, the company's business scope includes: general items: technical services, technology development, technology consulting, technology exchanges, technology transfer, technology promotion and s...
It was discovered that a systemd service that uses DynamicUser property can get new privileges through the execution of SUID binaries which would allow to create binaries owned by the service transient group with the setgid bit set. A local attacker may use this flaw to access resources that will be owned by a potentially different service in the future when the GID will be recycled.
...
Nagios XI Cross-Site Scripting Vulnerability (CNVD-2020-02543)
Nagios XI is a commercial monitoring solution built on Nagios Core, including dashboards, web-based configuration, advanced reporting and rich data visualization. A cross-site scripting vulnerability exists in Nagios XI 5.6.9. The vulnerability can be exploited by an attacker to conduct a...
StoreFront monitor shows down if "Check Backend Services" is enabled
When NetScaler admin try to create a service group and bind StoreFront monitor, the effective state shows down...
Check Point Firewall rules may improperly handle network traffic
Overview Check Point Firewall CIFS service group may allow unintended traffic to pass through the firewall. Description Check Point Firewall contains a set of predefined service groups designed to handle different types of traffic associated with a service or collection of protocols. For instance...
Rule bypassing in CheckPoint NGX R60
Hi folks, as playing a little bit with CheckPoint NGX new release R60, I noticed a serious problem with the predefined service group "CIFS". This group includes the services called "microsoft-ds" TCP Port 445 and the predefined service group "NBT", which includes some old smb-stuff. If I use this...