33 matches found
PT-2026-40754
Name of the Vulnerable Software and Affected Versions PAN-OS versions prior to 10.2.7 PAN-OS version 10.2.8 PAN-OS version 10.2.9 PAN-OS version 10.2.10 PAN-OS version 10.2.11 Prisma Access affected versions not specified Description Authentication bypass flaws in the GlobalProtect portal and...
CVE-2026-33778 Junos OS: SRX Series, MX Series: When a specifically malformed first ISAKMP packet is received kmd/iked crashes
An Improper Validation of Syntactic Correctness of Input vulnerability in the IPsec library used by kmd and iked of Juniper Networks Junos OS on SRX Series and MX Series allows an unauthenticated, network-based attacker to cause a complete Denial-of-Service DoS. If an affected device receives a...
CVE-2024-54019
A improper validation of certificate with host mismatch in Fortinet FortiClientWindows version 7.4.0, versions 7.2.0 through 7.2.6, and 7.0 all versions allow an unauthorized attacker to redirect VPN connections via DNS spoofing or another form of redirection...
PT-2025-24711 · Fortinet · Forticlient
Name of the Vulnerable Software and Affected Versions: Fortinet FortiClientWindows versions 7.0 through 7.2.6 Fortinet FortiClientWindows version 7.4.0 Description: The issue is related to an improper validation of certificates with host mismatch, allowing an unauthorized attacker to redirect VPN...
CVE-2024-20499
Multiple vulnerabilities in the Cisco AnyConnect VPN server of Cisco Meraki MX and Cisco Meraki Z Series Teleworker Gateway devices could allow an unauthenticated, remote attacker to cause a DoS condition in the AnyConnect service on an affected device. These vulnerabilities are due to insufficie...
F5 Networks BIG-IP : BIG-IP APM endpoint inspection vulnerability (K000139656)
The version of F5 Networks BIG-IP installed on the remote host is prior to 16.1.5 / 17.1.2 / Hotfix- BIGIP-15.1.10.6.0.11.6-ENG.iso. It is, therefore, affected by a vulnerability as referenced in the K000139656 advisory. A missing integrity check vulnerability exists in BIG-IP APM access policy...
AlmaLinux 9 : Security and bug fixes for NetworkManager (Medium) (ALSA-2025:0377)
The remote AlmaLinux 9 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2025:0377 advisory. NetworkManager is a system network service that manages network devices and connections, attempting to keep active network connectivity when available. Its...
Moderate: Red Hat Security Advisory: Security and bug fixes for NetworkManager
Security and bug fixes for NetworkManager NetworkManager is a system network service that manages network devices and connections, attempting to keep active network connectivity when available. Its capabilities include managing Ethernet, wireless, mobile broadband WWAN, and PPPoE devices, as well...
RHEL 9 : Securityes for NetworkManager (Moderate) (RHSA-2025:0377)
The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2025:0377 advisory. NetworkManager is a system network service that manages network devices and connections, attempting to keep active network connectivity when availabl...
Oracle Linux 8 : NetworkManager (ELSA-2025-0288)
The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2025-0288 advisory. 1:1.40.16-18.0.1 - disable MPTCP handling by default Orabug: 35081472 - Fix ignore-carrier logic Orabug: 34956744 - Disable regeneration of the documentation...
Trusted relationship attacks: trust, but verify
IT outsourcing market continues to demonstrate strong growth globally – such services are becoming increasingly popular. But along with the advantages, such as saved time and resources, delegating non-core tasks creates new challenges in terms of information security. By providing third-party...
Threat Actors Exploit Multiple Vulnerabilities in Ivanti Connect Secure and Policy Secure Gateways
Actions to take today to mitigate cyber threats against Ivanti appliances: 1. Limit outbound internet connections from SSL VPN appliances to restrict access to required services. 2. Keep all operating systems and firmware up to date. 3. Limit SSL VPN connections to unprivileged accounts...
SA44328 - 2019-12: Out-of-Cycle Advisory: Vulnerability could allow attackers to sniff or hijack VPN Connections (CVE-2019-14899)
Edit: 4th of March 2024 - This isn't an active SA and any new edits are part of an article maintenance project. This advisory provides information about recently discovered vulnerability CVE-2019-14899. The flaw could be exploited by an attacker who shares the same network segment with the target...
CVE-2021-34579 PHOENIX CONTACT: FL MGUARD DM version 1.12.0 and 1.13.0 Improper Privilege Management
In Phoenix Contact: FL MGUARD DM version 1.12.0 and 1.13.0 access to the Apache web server being installed as part of the FL MGUARD DM on Microsoft Windows does not require login credentials even if configured during installation.Attackers with network access to the Apache web server can download...
CVE-2021-34579 PHOENIX CONTACT: FL MGUARD DM version 1.12.0 and 1.13.0 Improper Privilege Management
In Phoenix Contact: FL MGUARD DM version 1.12.0 and 1.13.0 access to the Apache web server being installed as part of the FL MGUARD DM on Microsoft Windows does not require login credentials even if configured during installation.Attackers with network access to the Apache web server can download...
PT-2022-6270 · Cisco · Cisco Meraki Mx +2
Name of the Vulnerable Software and Affected Versions: Cisco Meraki MX and Cisco Meraki Z3 Teleworker Gateway devices affected versions not specified Description: A vulnerability in the Cisco AnyConnect VPN server could allow an unauthenticated, remote attacker to cause a denial of service DoS...
Europol Shuts Down VPNLab, Cybercriminals' Favourite VPN Service
VPNLab.net, a VPN provider that was used by malicious actors to deploy ransomware and facilitate other cybercrimes, was taken offline following a coordinated law enforcement operation. Europol said it took action against the misuse of the VPN service by grounding 15 of its servers on January 17 a...
January 17, 2022—KB5010792 (OS Build 18363.2039) Out-of-band
January 17, 2022—KB5010792 OS Build 18363.2039 Out-of-band 11/19/20 For information about Windows update terminology, see the article about the types of Windows updates and the monthly quality update types. For an overview of Windows 10, version 1909, see its update history page.Note Follow...
Microsoft Yanks Buggy Windows Server Updates
Microsoft has yanked the Windows Server updates it issued on Patch Tuesday after admins found that the updates had critical bugs that break three things: They trigger spontaneous boot loops on Windows servers that act as domain controllers, break Hyper-V and render ReFS volume systems unavailable...
January 11, 2022—KB5009545 (OS Build 18363.2037)
January 11, 2022—KB5009545 OS Build 18363.2037 EXPIRATION NOTICE As of 9/12/2023, KB5009545 is only available from Windows Update. This update is no longer available from the Microsoft Update Catalog, or other release channels. We recommend that you update your devices to the latest security...