20 matches found
EUVD-2022-34580
Malicious code in bioql PyPI...
EUVD-2023-12303
Malicious code in bioql PyPI...
EUVD-2022-24587
Malicious code in bioql PyPI...
CVE-2023-0214
A cross-site scripting vulnerability in Skyhigh SWG in main releases 11.x prior to 11.2.6, 10.x prior to 10.2.17, and controlled release 12.x prior to 12.0.1 allows a remote attacker to craft SWG-specific internal requests with URL paths to any third-party website, causing arbitrary content to be...
CVE-2022-1254
A URL redirection vulnerability in Skyhigh SWG in main releases 10.x prior to 10.2.9, 9.x prior to 9.2.20, 8.x prior to 8.2.27, and 7.x prior to 7.8.2.31, and controlled release 11.x prior to 11.1.3 allows a remote attacker to redirect a user to a malicious website controlled by the attacker. Thi...
CVE-2022-2310
An authentication bypass vulnerability in Skyhigh SWG in main releases 10.x prior to 10.2.12, 9.x prior to 9.2.23, 8.x prior to 8.2.28, and controlled release 11.x prior to 11.2.1 allows a remote attacker to bypass authentication into the administration User Interface. This is possible because of...
CVE-2023-4400
A password management vulnerability in Skyhigh Secure Web Gateway SWG in main releases 11.x prior to 11.2.14, 10.x prior to 10.2.25 and controlled release 12.x prior to 12.2.1, allows some authentication information stored in configuration files to be extracted through SWG REST API. This was...
CVE-2023-0214
A cross-site scripting vulnerability in Skyhigh SWG in main releases 11.x prior to 11.2.6, 10.x prior to 10.2.17, and controlled release 12.x prior to 12.0.1 allows a remote attacker to craft SWG-specific internal requests with URL paths to any third-party website, causing arbitrary content to be...
Cross site scripting
A cross-site scripting vulnerability in Skyhigh SWG in main releases 11.x prior to 11.2.6, 10.x prior to 10.2.17, and controlled release 12.x prior to 12.0.1 allows a remote attacker to craft SWG-specific internal requests with URL paths to any third-party website, causing arbitrary content to be...
CVE-2023-0214 XSS in Skyhigh Security SWG
A cross-site scripting vulnerability in Skyhigh SWG in main releases 11.x prior to 11.2.6, 10.x prior to 10.2.17, and controlled release 12.x prior to 12.0.1 allows a remote attacker to craft SWG-specific internal requests with URL paths to any third-party website, causing arbitrary content to be...
CVE-2023-0214
Vulnerability context (CVE-2023-0214): A cross-site scripting flaw in Skyhigh SWG affects main releases 11.x prior to 11.2.6, 10.x prior to 10.2.17, and controlled release 12.x prior to 12.0.1. A remote attacker can craft SWG-specific internal requests with URL paths to third-party sites, causing...
CVE-2022-2310
An authentication bypass vulnerability in Skyhigh SWG in main releases 10.x prior to 10.2.12, 9.x prior to 9.2.23, 8.x prior to 8.2.28, and controlled release 11.x prior to 11.2.1 allows a remote attacker to bypass authentication into the administration User Interface. This is possible because of...
Authentication flaw
An authentication bypass vulnerability in Skyhigh SWG in main releases 10.x prior to 10.2.12, 9.x prior to 9.2.23, 8.x prior to 8.2.28, and controlled release 11.x prior to 11.2.1 allows a remote attacker to bypass authentication into the administration User Interface. This is possible because of...
CVE-2022-2310
CVE-2022-2310 affects Skyhigh SWG. An authentication bypass allows remote login to the admin UI due to improper whitelisting of bypass methods and a weak crypto password. Affected versions include Skyhigh SWG 8.x–8.2.27, 9.x–9.2.22, 10.x–10.2.11, and 11.x–11.2.0. Remediation: upgrade to 8.2.28+, ...
CVE-2022-2310 Skyhigh SWG Authentication bypass vulnerability
An authentication bypass vulnerability in Skyhigh SWG in main releases 10.x prior to 10.2.12, 9.x prior to 9.2.23, 8.x prior to 8.2.28, and controlled release 11.x prior to 11.2.1 allows a remote attacker to bypass authentication into the administration User Interface. This is possible because of...
PT-2022-15842 · Mcafee · Skyhigh Swg
Name of the Vulnerable Software and Affected Versions: Skyhigh SWG versions 8.x through 8.2.27 Skyhigh SWG versions 9.x through 9.2.22 Skyhigh SWG versions 10.x through 10.2.11 Skyhigh SWG versions 11.x through 11.2.0 Description: The issue allows a remote attacker to bypass authentication into t...
CVE-2022-1254
A URL redirection vulnerability in Skyhigh SWG in main releases 10.x prior to 10.2.9, 9.x prior to 9.2.20, 8.x prior to 8.2.27, and 7.x prior to 7.8.2.31, and controlled release 11.x prior to 11.1.3 allows a remote attacker to redirect a user to a malicious website controlled by the attacker. Thi...
Code injection
A URL redirection vulnerability in Skyhigh SWG in main releases 10.x prior to 10.2.9, 9.x prior to 9.2.20, 8.x prior to 8.2.27, and 7.x prior to 7.8.2.31, and controlled release 11.x prior to 11.1.3 allows a remote attacker to redirect a user to a malicious website controlled by the attacker. Thi...
CVE-2022-1254
CVE-2022-1254 describes a URL redirection flaw in Skyhigh SWG. Affected versions are Skyhigh SWG 7.x < 7.8.2.31, 8.x < 8.2.27, 9.x < 9.2.20, 10.x < 10.2.9, and 11.x
CVE-2022-1254 SWG URL redirection vulnerability
A URL redirection vulnerability in Skyhigh SWG in main releases 10.x prior to 10.2.9, 9.x prior to 9.2.20, 8.x prior to 8.2.27, and 7.x prior to 7.8.2.31, and controlled release 11.x prior to 11.1.3 allows a remote attacker to redirect a user to a malicious website controlled by the attacker. Thi...