CLEANSTART-2026-FA60324 It was found that the cookie used for CSRF prevention in Keycloak was not unique to each session

Multiple security vulnerabilities affect the keycloak package. It was found that the cookie used for CSRF prevention in Keycloak was not unique to each session. See references for individual vulnerability details...

Advantech多款产品 安全漏洞

Advantech WISE-4060LAN is an industrial automation controller from Advantech, Taiwan, China. A security vulnerability exists in multiple Advantech products, which can be exploited by attackers to cause brute force exploits and account takeovers...

CVE-2020-8986

lib/NSSDropbox.php in ZendTo prior to 5.22-2 Beta failed to properly check for equality when validating the session cookie, allowing an attacker to gain administrative access with a large number of requests...

CVE-2023-30806

The Sangfor Next-Gen Application Firewall version NGAF8.0.17 is vulnerable to an operating system command injection vulnerability. A remote and unauthenticated attacker can execute arbitrary commands by sending a crafted HTTP POST request to the /cgi-bin/login.cgi endpoint. This is due to...