PT-2026-43312

FastNetMon Community Edition through 1.2.9 does not verify TLS certificates on outbound HTTPS connections. The execute web request secure function in src/fast library.cpp creates a boost::asio::ssl::context with tls client mode and calls set default verify paths to load CA certificates, but never...

EUVD-2019-10583

Malware in sbrugna...

EUVD-2021-12894

Malware in sbrugna...

EUVD-2019-4690

Malware in sbrugna...

CVE-2025-52891

ModSecurity is an open source, cross platform web application firewall WAF engine for Apache, IIS and Nginx. In versions 2.9.8 to before 2.9.11, an empty XML tag can cause a segmentation fault. If SecParseXmlIntoArgs is set to On or OnlyArgs, and the request type is application/xml, and at least...

GACS - App Configuration settings not being applied to HTML5 Client

App Configuration service GACS settings to disable options in the Toolbar for HTML5 client are not applied...

Screen sharing doesn't work with QuickAssist or other apps when AppProtection is enabled

How to proper configure AppProtection for screen capture...

CVE-2025-46617

Quantum StorNext Web GUI API before 7.2.4 grants access to internal StorNext configuration and unauthorized modification of some software configuration parameters via undocumented user credentials. This affects StorNext RYO before 7.2.4, StorNext Xcellis Workflow Director before 7.2.4, and...

CVE-2025-46617

Quantum StorNext Web GUI API before 7.2.4 grants access to internal StorNext configuration and unauthorized modification of some software configuration parameters via undocumented user credentials. This affects StorNext RYO before 7.2.4, StorNext Xcellis Workflow Director before 7.2.4, and...

CVE-2025-46617

Quantum StorNext Web GUI API before 7.2.4 grants access to internal StorNext configuration and unauthorized modification of some software configuration parameters via undocumented user credentials. This affects StorNext RYO before 7.2.4, StorNext Xcellis Workflow Director before 7.2.4, and...

CVE-2025-46617

The CVE-2025-46617 issue affects Quantum StorNext components: StorNext RYO, StorNext Xcellis Workflow Director, and ActiveScale Cold Storage, all prior to version 7.2.4. The vulnerability enables access to internal StorNext configuration and allows unauthorized modification of several software co...

GO-2025-3591 Miniflux Media Proxy vulnerable to Stored Cross-site Scripting due to improper Content-Security-Policy configuration in miniflux.app

Miniflux Media Proxy vulnerable to Stored Cross-site Scripting due to improper Content-Security-Policy configuration in miniflux.app...

CGA-HRGC-6996-3X9Q

Bulletin has no description...

Citrix Cloud: Workspace App configuration is missing silent plugin install for teams or other apps

To understand reason for certainplugin install for teams or other apps is currently unavailable along workspace configuration of Daas console On trying to enable the "Updates and Plug-ins" options for MSTeam, WebEx or Zoom the options to enabled or disable the below are not showing or missing in...

CVE-2022-24774

CycloneDX BOM Repository Server is a bill of materials BOM repository server for distributing CycloneDX BOMs. CycloneDX BOM Repository Server before version 2.0.1 has an improper input validation vulnerability leading to path traversal. A malicious user may potentially exploit this vulnerability ...

CVE-2021-34750 Cisco Firepower Management Center Software Configuration Information Disclosure Vulnerability

A vulnerability in the administrative web-based GUI configuration manager of Cisco Firepower Management Center Software could allow an authenticated, remote attacker to access sensitive configuration information. The attacker would require low privilege credentials on an affected device. This...

How CVSS 4.0 changes (or doesn’t) the way we see vulnerability severity

Finding, managing and patching security vulnerabilities on any network, no matter the size, is a tall task. In the first week of 2024 alone, there were 621 new common IT security vulnerabilities and exposures CVEs disclosed worldwide, covering a range of applications, software and hardware that...

CVE-2023-6152

A user changing their email after signing up and verifying it can change it without verification in profile settings. The configuration option "verifyemailenabled" will only validate email only on sign up...

How to modify the HTTP/HTTPS port while connecting to the management IP of Netscaler?

Regarding modify the HTTP/HTTPS port when connecting to the management IP of Netscaler...

QUIC protocol configuration

QUIC protocol configuration...