Lucene search
K

33 matches found

Positive Technologies
Positive Technologies
added 2026/05/13 12:0 a.m.13 views

PT-2026-40754

Name of the Vulnerable Software and Affected Versions PAN-OS versions prior to 10.2.7 PAN-OS version 10.2.8 PAN-OS version 10.2.9 PAN-OS version 10.2.10 PAN-OS version 10.2.11 Prisma Access affected versions not specified Description Authentication bypass flaws in the GlobalProtect portal and...

9.1CVSS6.4AI score0.86678EPSS
Exploits11References315
Vulnrichment
Vulnrichment
added 2026/04/09 9:35 p.m.1 views

CVE-2026-33778 Junos OS: SRX Series, MX Series: When a specifically malformed first ISAKMP packet is received kmd/iked crashes

An Improper Validation of Syntactic Correctness of Input vulnerability in the IPsec library used by kmd and iked of Juniper Networks Junos OS on SRX Series and MX Series allows an unauthenticated, network-based attacker to cause a complete Denial-of-Service DoS. If an affected device receives a...

8.7CVSS5.8AI score0.00338EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/06/10 4:36 p.m.20 views

CVE-2024-54019

A improper validation of certificate with host mismatch in Fortinet FortiClientWindows version 7.4.0, versions 7.2.0 through 7.2.6, and 7.0 all versions allow an unauthorized attacker to redirect VPN connections via DNS spoofing or another form of redirection...

4.8CVSS0.00141EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/06/10 12:0 a.m.5 views

PT-2025-24711 · Fortinet · Forticlient

Name of the Vulnerable Software and Affected Versions: Fortinet FortiClientWindows versions 7.0 through 7.2.6 Fortinet FortiClientWindows version 7.4.0 Description: The issue is related to an improper validation of certificates with host mismatch, allowing an unauthorized attacker to redirect VPN...

6.5CVSS6.2AI score0.00141EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2025/02/05 1:10 a.m.9 views

CVE-2024-20499

Multiple vulnerabilities in the Cisco AnyConnect VPN server of Cisco Meraki MX and Cisco Meraki Z Series Teleworker Gateway devices could allow an unauthenticated, remote attacker to cause a DoS condition in the AnyConnect service on an affected device. These vulnerabilities are due to insufficie...

8.6CVSS7.2AI score0.00505EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2025/02/05 12:0 a.m.10 views

F5 Networks BIG-IP : BIG-IP APM endpoint inspection vulnerability (K000139656)

The version of F5 Networks BIG-IP installed on the remote host is prior to 16.1.5 / 17.1.2 / Hotfix- BIGIP-15.1.10.6.0.11.6-ENG.iso. It is, therefore, affected by a vulnerability as referenced in the K000139656 advisory. A missing integrity check vulnerability exists in BIG-IP APM access policy...

3.1CVSS6.1AI score0.00134EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/01/18 12:0 a.m.29 views

AlmaLinux 9 : Security and bug fixes for NetworkManager (Medium) (ALSA-2025:0377)

The remote AlmaLinux 9 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2025:0377 advisory. NetworkManager is a system network service that manages network devices and connections, attempting to keep active network connectivity when available. Its...

7.6CVSS7.4AI score0.04063EPSS
Exploits1References3
RedHat Linux
RedHat Linux
added 2025/01/16 2:22 p.m.90 views

Moderate: Red Hat Security Advisory: Security and bug fixes for NetworkManager

Security and bug fixes for NetworkManager NetworkManager is a system network service that manages network devices and connections, attempting to keep active network connectivity when available. Its capabilities include managing Ethernet, wireless, mobile broadband WWAN, and PPPoE devices, as well...

7.6CVSS7.1AI score0.04063EPSS
Exploits1References1
Tenable Nessus
Tenable Nessus
added 2025/01/16 12:0 a.m.27 views

RHEL 9 : Securityes for NetworkManager (Moderate) (RHSA-2025:0377)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2025:0377 advisory. NetworkManager is a system network service that manages network devices and connections, attempting to keep active network connectivity when availabl...

7.6CVSS7.4AI score0.04063EPSS
Exploits1References4
Tenable Nessus
Tenable Nessus
added 2025/01/14 12:0 a.m.34 views

Oracle Linux 8 : NetworkManager (ELSA-2025-0288)

The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2025-0288 advisory. 1:1.40.16-18.0.1 - disable MPTCP handling by default Orabug: 35081472 - Fix ignore-carrier logic Orabug: 34956744 - Disable regeneration of the documentation...

7.6CVSS7.4AI score0.04063EPSS
Exploits1References2
Securelist
Securelist
added 2024/05/28 10:0 a.m.44 views

Trusted relationship attacks: trust, but verify

IT outsourcing market continues to demonstrate strong growth globally – such services are becoming increasingly popular. But along with the advantages, such as saved time and resources, delegating non-core tasks creates new challenges in terms of information security. By providing third-party...

7.8AI score
Exploits0
ICS
ICS
added 2024/02/29 12:0 p.m.64 views

Threat Actors Exploit Multiple Vulnerabilities in Ivanti Connect Secure and Policy Secure Gateways

Actions to take today to mitigate cyber threats against Ivanti appliances: 1. Limit outbound internet connections from SSL VPN appliances to restrict access to required services. 2. Keep all operating systems and firmware up to date. 3. Limit SSL VPN connections to unprivileged accounts...

9.1CVSS8.6AI score0.99999EPSS
Exploits27References72
Ivanti
Ivanti
added 2023/02/14 7:22 a.m.11 views

SA44328 - 2019-12: Out-of-Cycle Advisory: Vulnerability could allow attackers to sniff or hijack VPN Connections (CVE-2019-14899)

Edit: 4th of March 2024 - This isn't an active SA and any new edits are part of an article maintenance project. This advisory provides information about recently discovered vulnerability CVE-2019-14899. The flaw could be exploited by an attacker who shares the same network segment with the target...

7.4CVSS6AI score0.00838EPSS
Exploits0
Cvelist
Cvelist
added 2022/11/09 4:28 p.m.31 views

CVE-2021-34579 PHOENIX CONTACT: FL MGUARD DM version 1.12.0 and 1.13.0 Improper Privilege Management

In Phoenix Contact: FL MGUARD DM version 1.12.0 and 1.13.0 access to the Apache web server being installed as part of the FL MGUARD DM on Microsoft Windows does not require login credentials even if configured during installation.Attackers with network access to the Apache web server can download...

7.5CVSS7.6AI score0.00577EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2022/11/09 4:28 p.m.9 views

CVE-2021-34579 PHOENIX CONTACT: FL MGUARD DM version 1.12.0 and 1.13.0 Improper Privilege Management

In Phoenix Contact: FL MGUARD DM version 1.12.0 and 1.13.0 access to the Apache web server being installed as part of the FL MGUARD DM on Microsoft Windows does not require login credentials even if configured during installation.Attackers with network access to the Apache web server can download...

7.5CVSS7.5AI score0.00577EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2022/10/19 12:0 a.m.4 views

PT-2022-6270 · Cisco · Cisco Meraki Mx +2

Name of the Vulnerable Software and Affected Versions: Cisco Meraki MX and Cisco Meraki Z3 Teleworker Gateway devices affected versions not specified Description: A vulnerability in the Cisco AnyConnect VPN server could allow an unauthenticated, remote attacker to cause a denial of service DoS...

8.6CVSS8.3AI score0.00992EPSS
Exploits0References5
The Hacker News
The Hacker News
added 2022/01/18 1:23 p.m.30 views

Europol Shuts Down VPNLab, Cybercriminals' Favourite VPN Service

VPNLab.net, a VPN provider that was used by malicious actors to deploy ransomware and facilitate other cybercrimes, was taken offline following a coordinated law enforcement operation. Europol said it took action against the misuse of the VPN service by grounding 15 of its servers on January 17 a...

6.8AI score
Exploits0
Microsoft KB
Microsoft KB
added 2022/01/17 12:0 a.m.5 views

January 17, 2022—KB5010792 (OS Build 18363.2039) Out-of-band

January 17, 2022—KB5010792 OS Build 18363.2039 Out-of-band 11/19/20 For information about Windows update terminology, see the article about the types of Windows updates and the monthly quality update types. For an overview of Windows 10, version 1909, see its update history page.Note Follow...

5.7AI score
Exploits0
ThreatPost
ThreatPost
added 2022/01/13 11:8 p.m.81 views

Microsoft Yanks Buggy Windows Server Updates

Microsoft has yanked the Windows Server updates it issued on Patch Tuesday after admins found that the updates had critical bugs that break three things: They trigger spontaneous boot loops on Windows servers that act as domain controllers, break Hyper-V and render ReFS volume systems unavailable...

9.9AI score
Exploits0References12
Microsoft KB
Microsoft KB
added 2022/01/11 8:0 a.m.96 views

January 11, 2022—KB5009545 (OS Build 18363.2037)

January 11, 2022—KB5009545 OS Build 18363.2037 EXPIRATION NOTICE As of 9/12/2023, KB5009545 is only available from Windows Update. This update is no longer available from the Microsoft Update Catalog, or other release channels. We recommend that you update your devices to the latest security...

10CVSS7.5AI score0.55711EPSS
Exploits9
Rows per page
Query Builder