13 matches found
EUVD-2003-0237
Malware in sbrugna...
EUVD-2025-14045
Malicious code in bioql PyPI...
CVE-2024-9448
On affected platforms running Arista EOS with Traffic Policies configured the vulnerability will cause received untagged packets not to hit Traffic Policy rules that they are expected to hit. If the rule was to drop the packet, the packet will not be dropped and instead will be forwarded as if th...
CVE-2024-9448
On affected platforms running Arista EOS with Traffic Policies configured the vulnerability will cause received untagged packets not to hit Traffic Policy rules that they are expected to hit. If the rule was to drop the packet, the packet will not be dropped and instead will be forwarded as if th...
CVE-2024-9448
CVE-2024-9448 affects Arista EOS with Traffic Policies configured. The issue causes received untagged packets to bypass Traffic Policy rules, so a rule that would drop a packet may not be enforced, potentially delivering packets to unintended destinations. Affected EOS releases include 4.33.x (4....
CVE-2024-9448 On affected platforms running Arista EOS with Traffic Policies configured the vulnerability will cause received untagged packets not to hit Traffic Policy rules that they are expected to hit. If the rule was to drop the packet, the packet will not be dropp
On affected platforms running Arista EOS with Traffic Policies configured the vulnerability will cause received untagged packets not to hit Traffic Policy rules that they are expected to hit. If the rule was to drop the packet, the packet will not be dropped and instead will be forwarded as if th...
Cilium Security Vulnerabilities
Cilium is an open source software. It is used to provide and transparently protect network connectivity and load balancing between application workloads such as application containers or processes. Cilium suffers from a security vulnerability that stems from the fact that HTTP policies are not...
K18263026: The BIG-IP HTTP parser can incorrectly parse a tab character
Security Advisory Description When scanning a URI, the HTTP parser on the BIG-IP system may periodically treat a tab character as white space, which causes incorrect URI parsing. For example, the BIG-IP system receives the following GET string in an HTTP request: GET \t/admin/ HTTP/1.0\r\n\r\n...
Cisco Meraki MR Series Splash Page Insecure Configuration Option
A configuration option for the Splash Page feature also known as Captive Portal in Cisco Meraki MR Series devices may allow an administrator to configure an 802.11 WLAN in which traffic policies are not applied to clients that are connecting to the network. The insecure configuration is determine...
HTTP/HTTPS proxy support on NetScaler based on Traffic Policies Secure Web
This article describes how to configure NetScaler to proxy the traffic from MDX apps through a Proxy server like Squid, Bluecoat. Enterprises can proxy traffic configuring simple traffic rules on NetScaler box...
Cisco Firepower Threat Defense Software SSL/TLS URL Category Bypass Vulnerability (cisco-sa-ssl-bypass-O5tGum2n)
According to its self-reported version, Cisco Firepower Threat Defense Software is affected by a remote code execution vulnerability in Transport Layer Security. This is due to logic error withing SNORT handling. An unauthenticated, remote attacker can exploit this to bypass web traffic policies...
Input validation
A vulnerability in the Secure Sockets Layer SSL/Transport Layer Security TLS protocol parser of Cisco Firepower Threat Defense FTD Software could allow an unauthenticated, remote attacker to bypass configured policies. The vulnerability is due to improper parsing of specific attributes in a TLS...
"not a PRIVILEGE users" while accessing internal web link through XenMobile
On XenMobile 10 internal websites are published as web link . Proxy is configured in the environment and traffic policies are added on the NetScaler Gateway . Customer wants to send external traffic to go through proxy and skip the internal websites from going through the same. When users are...