All Posts by: Prasad G

Description A weak credentials vulnerability potentially allows privileged system access via SSH to Sophos Firewall older than version 20.0 MR3

Description A relative path traversal vulnerability (CWE-23) in FortiWAN version 4.5.7 and below, 4.4 all versions may allow a remote

Description IBM Security Verify Access Docker 10.0.0 through 10.0.6 could allow a local user to escalate their privileges due to

Description A command injection vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could

Description An Improper Neutralization of Special Elements used in an OS Command (‘OS Command Injection’) vulnerability [CWE-78] in FortiManager version

Description A relative path traversal in Fortinet FortiWLM version 8.6.0 through 8.6.5 and 8.5.0 through 8.5.4 allows attacker to execute

Description IBM i 7.4 and 7.5 is vulnerable to an authenticated user gaining elevated privilege to a physical file. A

Description Dell Inventory Collector Client, versions prior to 12.7.0, contains an Improper Link Resolution Before File Access vulnerability. A low-privilege

Description IBM Security Guardium Key Lifecycle Manager 4.1, 4.1.1, 4.2.0, and 4.2.1 could allow a remote attacker to obtain sensitive

Description In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hci_event: Align BR/EDR JUST_WORKS paring with LE This

Description Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability during JSP compilation in Apache Tomcat permits an RCE on case insensitive file

Description Authentication Bypass vulnerability in Hitachi Ops Center Analyzer on Linux, 64 bit (Hitachi Ops Center Analyzer detail view component),

Description A critical vulnerability has been discovered in Privileged Remote Access (PRA) and Remote Support (RS) products which can allow

Description A flaw was found in the X.org server. Due to improperly tracked allocation size in _XkbSetCompatMap, a local attacker

Description CyberPanel (aka Cyber Panel) before 2.3.5 allows Command Injection via completePath in the ProcessUtilities.outputExecutioner() sink. There is /filemanager/upload (aka

Description ServiceNow has addressed an input validation vulnerability that was identified in the Now Platform. This vulnerability could enable an

Description Waitress is a Web Server Gateway Interface server for Python 2 and 3. A remote client may send a

Description A CORS misconfiguration in parisneo/lollms-webui prior to version 10 allows attackers to steal sensitive information such as logs, browser

Description pyLoad is a free and open-source Download Manager. The folder `/.pyload/scripts` has scripts which are run when certain actions

Description File Upload vulnerability in Best courier management system in php v.1.0 allows a remote attacker to execute arbitrary code

Description A vulnerability in the SSH subsystem of Cisco Adaptive Security Appliance (ASA) Software could allow an authenticated, remote attacker

Description A missing authentication for critical function in FortiManager 7.6.0, FortiManager 7.4.0 through 7.4.4, FortiManager 7.2.0 through 7.2.7, FortiManager 7.0.0

Description A vulnerability has been identified in InterMesh 7177 Hybrid 2.0 Subscriber (All versions < V8.2.12), InterMesh 7707 Fire Subscriber