CVE-2025-62631

An insufficient session expiration vulnerability CWE-613 vulnerability in Fortinet FortiOS 7.4.0, FortiOS 7.2 all versions, FortiOS 7.0 all versions, FortiOS 6.4 all versions allows attacker to maintain access to network resources via an active SSLVPN session not terminated after a user's passwor...

CVE-2025-62631

Fortinet FortiOS versions affected by CVE-2025-62631: FortiOS 7.4.0, all 7.2 versions, all 7.0 versions, and all 6.4 versions. The issue is an insufficient session expiration (CWE-613) that lets an attacker maintain access to network resources via an active SSLVPN session not terminated after a u...

EUVD-2002-2118

Malware in sbrugna...

EUVD-2015-7656

Malware in sbrugna...

EUVD-2019-10130

Malware in sbrugna...

EUVD-2017-16713

Malware in sbrugna...

EUVD-2009-1155

Malware in sbrugna...

EUVD-2022-26183

Malicious code in bioql PyPI...

EUVD-2025-9555

Malicious code in bioql PyPI...

EUVD-2024-18052

Malicious code in bioql PyPI...

EUVD-2024-18070

Malicious code in bioql PyPI...

EUVD-2024-18213

Malicious code in bioql PyPI...

EUVD-2024-18214

Malicious code in bioql PyPI...

EUVD-2023-24448

Malicious code in bioql PyPI...

EUVD-2024-18216

Malicious code in bioql PyPI...

CVE-2025-20239

CVE-2025-20239 describes an unauthenticated, remote-execution of a memory-leak/DoS in the IKEv2 processing of Cisco IOS, IOS XE, ASA, and FTD. Exploitation via crafted IKEv2 packets can cause IOS/IOS XE devices to reload; ASA/FTD may partially exhaust memory leading to instability and inability t...

UNC6148 Backdoors Fully-Patched SonicWall SMA 100 Series Devices with OVERSTEP Rootkit

A threat activity cluster has been observed targeting fully-patched end-of-life SonicWall Secure Mobile Access SMA 100 series appliances as part of a campaign designed to drop a backdoor called OVERSTEP. The malicious activity, dating back to at least October 2024, has been attributed by the Goog...

The vulnerability of the Cisco AnyConnect VPN server in the microprogramming software for Cisco Meraki MX and Cisco Meraki Z series network devices, known as Teleworker Gateway, allows a intruder to cause a service failure.

The vulnerability of the Cisco AnyConnect VPN server of the microsoftware for Cisco Meraki MX and Cisco Meraki Z series Teleworker Gateways is related to the use of an uninitialized variable during the establishment of an SSL VPN session. Exploiting this vulnerability can allow a malicious actor ...

CVE-2024-50562

An Insufficient Session Expiration vulnerability CWE-613 in FortiOS SSL-VPN version 7.6.0, version 7.4.6 and below, version 7.2.10 and below, 7.0 all versions, 6.4 all versions may allow an attacker in possession of a cookie used to log in the SSL-VPN portal to log in again, although the session...

CVE-2024-20502

A vulnerability in the Cisco AnyConnect VPN server of Cisco Meraki MX and Cisco Meraki Z Series Teleworker Gateway devices could allow an unauthenticated, remote attacker to cause a DoS condition on an affected device. This vulnerability is due to insufficient resource management while establishi...