20 matches found
EUVD-2026-41450
Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in WatchGuard Fireware OS Autotask Technology Integration module allows Stored XSS. This vulnerability is an additional unmitigated attack path for CVE-2025-13938. This issue affects Fireware O...
EUVD-2026-41452
Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in WatchGuard Fireware OS SIP Proxy module allows Stored XSS. This vulnerability is an additional unmitigated attack path for CVE-2025-6947. This issue affects Fireware OS 12.0 up to and...
CVE-2026-13373
Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in WatchGuard Fireware OS Tigerpaw Technology Integration module allows Stored XSS. This vulnerability is an additional unmitigated attack path for CVE-2025-13936. This issue affects Fireware O...
CVE-2026-13377
Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in WatchGuard Fireware OS SIP Proxy module allows Stored XSS. This vulnerability is an additional unmitigated attack path for CVE-2025-6947. This issue affects Fireware OS 12.0 up to and...
CVE-2026-13375
Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in WatchGuard Fireware OS Autotask Technology Integration module allows Stored XSS. This vulnerability is an additional unmitigated attack path for CVE-2025-13938. This issue affects Fireware O...
CVE-2026-13377
Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in WatchGuard Fireware OS SIP Proxy module allows Stored XSS. This vulnerability is an additional unmitigated attack path for CVE-2025-6947. This issue affects Fireware OS 12.0 up to and...
CVE-2026-13376
CVE-2026-13376 affects WatchGuard Firebox via the Fireware OS spamBlocker module. Vulnerable component: spamBlocker in Fireware OS; vulnerable versions: Fireware OS 12.0–12.12, 12.5–12.5.18, and 2025.1–2026.2. Description: Improper Neutralization of Input During Web Page Generation leading to Sto...
CVE-2026-13374 WatchGuard Firebox Stored Cross-Site-Scripting (XSS) Vulnerability in ConnectWise Technology Integration Configuration
Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in WatchGuard Fireware OS ConnectWise Technology Integration module allows Stored XSS. This vulnerability is an additional unmitigated attack path for CVE-2025-13937. This issue affects Firewar...
PT-2026-55332
Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in WatchGuard Fireware OS spamBlocker module allows Stored XSS. This vulnerability is an additional unmitigated attack path for CVE-2025-1071. This issue affects Fireware OS 12.0 up to and...
EUVD-2025-36672
A local privilege escalation vulnerability in the WatchGuard Mobile VPN with SSL client on Windows enables a local user to execute arbitrary commands with elevated privileges on the Windows system. This vulnerability is an additional unmitigated attack path for CVE-2024-4944. This vulnerability i...
CVE-2025-1549 WatchGuard Mobile VPN with SSL Local Privilege Escallation
A local privilege escalation vulnerability in the WatchGuard Mobile VPN with SSL client on Windows enables a local user to execute arbitrary commands with elevated privileges on the Windows system. This vulnerability is an additional unmitigated attack path for CVE-2024-4944. This vulnerability i...
CVE-2025-1549 WatchGuard Mobile VPN with SSL Local Privilege Escallation
A local privilege escalation vulnerability in the WatchGuard Mobile VPN with SSL client on Windows enables a local user to execute arbitrary commands with elevated privileges on the Windows system. This vulnerability is an additional unmitigated attack path for CVE-2024-4944. This vulnerability i...
The vulnerability of the DDSH CLI interface for Dell EMC Data Domain Operating Systems allows a perpetrator to execute arbitrary commands.
The vulnerability of the DDSH CLI interface for Dell EMC Data Domain Operating Systems is related to the lack of measures taken to neutralize special elements used in the operating system commands. Exploiting this vulnerability can allow attackers to execute arbitrary commands...
CVE-2025-3497
The Linux distribution underlying the Radiflow iSAP Smart Collector CentOS 7 - VSAP 1.20 is obsolete and reached end of life EOL on June 30, 2024. Thus, any unmitigated vulnerability could be exploited to affect this product...
M-01 Unmitigated
Lines of code Vulnerability details Mitigation of M-01: Issue not mitigated Link to Issue: code-423n4/2023-09-asymmetry-findings55 Comments The sponsor has acknowledged the issue but decided to not mitigate it. Acknowledged and did not fix, plan to upgrade a fix in the future Assessed type Other...
M-02 Unmitigated
Lines of code Vulnerability details Original Issue code-423n4/2023-06-angle-findings31 Details It shows LibGetters.getCollateralRatio might return the incorrect ratio due to the unsafe cast. Mitigation PR: AngleProtocol/angle-transmuter@6f2ffcb During the mitigation, it uses the safeCast library...
M-03 Unmitigated
Lines of code Vulnerability details Mitigation of M-03: Issue not mitigated, see comments Link to Issue: code-423n4/2023-05-ambire-findings16 Comments The issue is not mitigated. There is an error in the implementation of the mitigation of M-03. See report adriro-MR-M-03-ERROR for details. Assess...
M-05 Unmitigated
Lines of code code-423n4/2023-05-xeth@aebc324L230 Vulnerability details If wxETH drips when nothing is staked, then the first staker can claim every drop. Mitigation code-423n4/2023-05-xeth@aebc324 This PR is added in the method accrueDrip to return if totalSupply == 0 to avoid dropping at 0. But...
H-100 Unmitigated
Lines of code L1 Vulnerability details test Assessed type call/delegatecall --- The text was updated successfully, but these errors were encountered: All reactions...
M-01 Unmitigated
Lines of code L1 Vulnerability details Lines of code L1 Vulnerability details Confirmed --- The text was updated successfully, but these errors were encountered: All reactions...