91 matches found
EUVD-2018-4531
Malware in sbrugna...
EUVD-2017-14024
Malware in sbrugna...
CVE-2025-25235
Server-Side Request Forgery SSRF in Omnissa Secure Email Gateway SEG in SEG prior to 2.32 running on Windows and SEG prior to 2503 running on UAG allows routing of network traffic such as HTTP requests to internal networks...
CVE-2025-25235
Server-Side Request Forgery SSRF in Omnissa Secure Email Gateway SEG in SEG prior to 2.32 running on Windows and SEG prior to 2503 running on UAG allows routing of network traffic such as HTTP requests to internal networks...
CVE-2025-25235 Omnissa Secure Email Gateway (SEG) updates address Server-Side Request Forgery (SSRF) vulnerability
Server-Side Request Forgery SSRF in Omnissa Secure Email Gateway SEG in SEG prior to 2.32 running on Windows and SEG prior to 2503 running on UAG allows routing of network traffic such as HTTP requests to internal networks...
CVE-2025-25235 Omnissa Secure Email Gateway (SEG) updates address Server-Side Request Forgery (SSRF) vulnerability
Server-Side Request Forgery SSRF in Omnissa Secure Email Gateway SEG in SEG prior to 2.32 running on Windows and SEG prior to 2503 running on UAG allows routing of network traffic such as HTTP requests to internal networks...
CVE-2025-25235
CVE-2025-25235 describes a Server-Side Request Forgery (SSRF) in Omnissa Secure Email Gateway (SEG). The vulnerability affects SEG on Windows prior to 2.32 and SEG on UAG prior to 2503, enabling an attacker to route internal-network traffic (e.g., HTTP requests) through the gateway. The CVSS 3.1 ...
PT-2025-32587 · Omnissa · Omnissa Secure Email Gateway +1
Name of the Vulnerable Software and Affected Versions: Omnissa Secure Email Gateway SEG versions prior to 2.32 Windows Omnissa Secure Email Gateway SEG versions prior to 2503 UAG Description: This issue is a Server-Side Request Forgery SSRF that allows routing of network traffic, such as HTTP...
Omnissa Unified Access Gateway (UAG) CORS Bypass
A cross-origin resource sharing bypass vulnerability was privately reported in Omnissa Unified Access Gateway UAG. An update is available to remediate this vulnerability in impacted versions of the product. The fixed version is 2503...
Unknown threat groups continues to exploit Log4j in VMware Products
Threat Level Attack Report For a detailed advisory, download the pdf file here Summary An unknown APT group is exploiting the Log4j vulnerability that is affecting VMware Horizon and Unified Access Gateway UAG servers to compromise the system and take over the entire network by deploying malware...
VMware Response to Apache Log4j Remote Code Execution Vulnerabilities (CVE-2021-44228, CVE-2021-45046)
1. Impacted Products Under Evaluation VMware Horizon VMware vCenter Server VMware HCX VMware NSX-T Data Center VMware Unified Access Gateway VMware WorkspaceOne Access VMware Identity Manager VMware vRealize Operations VMware vRealize Operations Cloud Proxy VMware vRealize Automation VMware...
VMware Response to Apache Log4j Remote Code Execution Vulnerabilities (CVE-2021-44228, CVE-2021-45046)
1. Impacted Products VMware Horizon VMware vCenter Server VMware HCX VMware NSX-T Data Center VMware Unified Access Gateway VMware WorkspaceOne Access VMware Identity Manager VMware vRealize Operations VMware vRealize Operations Cloud Cloud Proxy VMware vRealize Automation VMware vRealize...
VMware Response to Apache Log4j Remote Code Execution Vulnerabilities (CVE-2021-44228, CVE-2021-45046)
1. Impacted Products VMware Horizon VMware vCenter Server VMware HCX VMware NSX-T Data Center VMware Unified Access Gateway VMware WorkspaceOne Access VMware Identity Manager VMware vRealize Operations VMware vRealize Operations Cloud Cloud Proxy VMware vRealize Automation VMware vRealize...
VMware Response to Apache Log4j Remote Code Execution Vulnerabilities (CVE-2021-44228, CVE-2021-45046)
1. Impacted Products VMware Horizon VMware vCenter Server VMware HCX VMware NSX-T Data Center VMware Unified Access Gateway VMware WorkspaceOne Access VMware Identity Manager VMware vRealize Operations VMware vRealize Operations Cloud Cloud Proxy VMware vRealize Automation VMware vRealize...
MS10-089: Vulnerabilities in Forefront Unified Access Gateway and Microsoft Intelligent Application Gateway could cause elevation of privilege
Resolves vulnerabilities in Forefront Unified Access Gateway UAG that could allow elevation of privilege if a user visits an affected Web site using a specially crafted URL.INTRODUCTIONMicrosoft has released security bulletin MS10-089. To view the complete security bulletin, visit the following...
CVE-2019-12581
A reflective Cross-site scripting XSS vulnerability in the freetimefailed.cgi CGI program in selected Zyxel ZyWall, USG, and UAG devices allows remote attackers to inject arbitrary web script or HTML via the errmsg parameter...
CVE-2018-12571
uniquesig0/InternalSite/InitParams.aspx in Microsoft Forefront Unified Access Gateway 2010 allows remote attackers to trigger outbound DNS queries for arbitrary hosts via a comma-separated list of URLs in the origurl parameter, possibly causing a traffic amplification and/or SSRF outcome...
CVE-2018-12571
uniquesig0/InternalSite/InitParams.aspx in Microsoft Forefront Unified Access Gateway 2010 allows remote attackers to trigger outbound DNS queries for arbitrary hosts via a comma-separated list of URLs in the origurl parameter, possibly causing a traffic amplification and/or SSRF outcome...
CVE-2018-12571
uniquesig0/InternalSite/InitParams.aspx in Microsoft Forefront Unified Access Gateway 2010 allows remote attackers to trigger outbound DNS queries for arbitrary hosts via a comma-separated list of URLs in the origurl parameter, possibly causing a traffic amplification and/or SSRF outcome...
CVE-2018-12571
CVE-2018-12571 affects Microsoft Forefront Unified Access Gateway 2010. The vulnerability arises in uniquesig0/InternalSite/InitParams.aspx where a comma-separated orig_url list can trigger outbound DNS queries to arbitrary hosts, enabling potential traffic amplification and/or SSRF. POCs and dis...