147 matches found
FortiClient EMS - Authentication Bypass
Detects whether Fortinet hotfix FG-IR-26-099 for CVE-2026-35616 is missing by comparing behavioral responses from a certificate-authenticated endpoint. The template sends X-SSL-CLIENT-VERIFY: SUCCESS without certificate material and checks whether this spoofed header changes server behavior. id:...
EUVD-2026-33274
A flaw was found in the OpenShift Router. When a Route has insecureEdgeTerminationPolicy set to Allow, the HTTP frontend does not remove X-SSL-Client- headers from incoming requests. This allows an unauthenticated attacker to send plain HTTP requests with crafted X-SSL-Client- headers. As a resul...
CVE-2026-46579
A flaw was found in the OpenShift Router. When a Route has insecureEdgeTerminationPolicy set to Allow, the HTTP frontend does not remove X-SSL-Client- headers from incoming requests. This allows an unauthenticated attacker to send plain HTTP requests with crafted X-SSL-Client- headers. As a resul...
CVE-2026-46579
OpenShift Router flaw: when Route.insecureEdgeTerminationPolicy is Allow, the HTTP frontend does not strip X-SSL-Client-* headers, enabling an unauthenticated attacker to craft requests that bypass mutual TLS authentication by impersonating client certificate identities. Affected component: OpenS...
PT-2026-44799
A flaw was found in the OpenShift Router. When a Route has insecureEdgeTerminationPolicy set to Allow, the HTTP frontend does not remove X-SSL-Client- headers from incoming requests. This allows an unauthenticated attacker to send plain HTTP requests with crafted X-SSL-Client- headers. As a resul...
CVE-2021-27932
Stormshield Network Security SNS VPN SSL Client 2.1.0 through 2.8.0 has Insecure Permissions...
CVE-2021-31814
In Stormshield 1.1.0, and 2.1.0 through 2.9.0, an attacker can block a client from accessing the VPN and can obtain sensitive information through the SN VPN SSL Client...
CVE-2025-1910
The WatchGuard Mobile VPN with SSL Client on Windows allows a locally authenticated non-administrative Windows user to escalate their privileges to NT AUTHORITY/SYSTEM on the Windows machine where the VPN Client is installed.This issue affects the Mobile VPN with SSL Client 12.0 up to and includi...
CVE-2025-1910 WatchGuard Mobile VPN with SSL Local Privilege Escalation via Update Package
The WatchGuard Mobile VPN with SSL Client on Windows allows a locally authenticated non-administrative Windows user to escalate their privileges to NT AUTHORITY/SYSTEM on the Windows machine where the VPN Client is installed.This issue affects the Mobile VPN with SSL Client 12.0 up to and includi...
CVE-2025-1549
A local privilege escalation vulnerability in the WatchGuard Mobile VPN with SSL client on Windows enables a local user to execute arbitrary commands with elevated privileges on the Windows system. This vulnerability is an additional unmitigated attack path for CVE-2024-4944. This vulnerability i...
CVE-2025-1549 WatchGuard Mobile VPN with SSL Local Privilege Escallation
A local privilege escalation vulnerability in the WatchGuard Mobile VPN with SSL client on Windows enables a local user to execute arbitrary commands with elevated privileges on the Windows system. This vulnerability is an additional unmitigated attack path for CVE-2024-4944. This vulnerability i...
EUVD-2008-1581
Malware in sbrugna...
EUVD-2001-1086
Malware in sbrugna...
EUVD-2018-17275
Malware in sbrugna...
EUVD-2008-1679
Malware in sbrugna...
EUVD-2017-17402
Malware in sbrugna...
EUVD-2021-2101
Malware in sbrugna...
EUVD-2007-5780
Malware in sbrugna...
EUVD-2021-18690
Malware in sbrugna...
EUVD-2025-8668
Malicious code in bioql PyPI...