CVE-2022-0030 : PALO ALTO PAN-OS UP TO 8.1.23 WEB INTERFACE AUTHENTICATION SPOOFING
Description An authentication bypass vulnerability in the Palo Alto Networks PAN-OS 8.1 web interface allows a network-based attacker with specific
Description An issue was discovered in HashiCorp Packer before 2.3.1. The recommended sudoers configuration for Vagrant on Linux is insecure.
Description Azure RTOS USBx is a USB host, device, and on-the-go (OTG) embedded stack, fully integrated with Azure RTOS ThreadX
Description A vulnerability was found in Fortinet FortiOS and FortiProxy. It has been classified as very critical. This affects an
Description Panini Everest Engine 2.0.4 allows unprivileged users to create a file named Everest.exe in the %PROGRAMDATA%\Panini folder. This leads
Description Generex CS141 before 2.08 allows remote command execution by administrators via a web interface that reaches run_update in /usr/bin/gxserve-update.sh
Description A vulnerable component of Orion Platform was vulnerable to SQL Injection; an authenticated attacker could leverage this for privilege
Description An issue was discovered in Veritas NetBackup through 10.0 and related Veritas products. The NetBackup Primary server is vulnerable
Description isolated-vm is a library for Node.js which gives the user access to V8’s Isolate interface. In versions 4.3.6 and
Description Networking OS10, versions 10.5.1.x, 10.5.2.x, and 10.5.3.x contain a vulnerability that could allow an attacker to cause a system
Description Check Point ZoneAlarm Extreme Security before 15.8.211.19229 allows local users to escalate privileges. This occurs because of weak permissions
Description NuProcess is an external process execution implementation for Java. In all the versions of NuProcess where it forks processes
Description An attacker with knowledge of user/pass of Grandstream GSD3710 in its 1.0.11.13 version, could overflow the stack since it
Description Database Software Accreditation Tracking/Presentation Module product before version 2 has an unauthenticated SQL Injection vulnerability. This is fixed in
Description A vulnerability in the ClearPass OnGuard macOS agent could allow malicious users on a macOS instance to elevate their
Description This Vulnerability in NIS-HAP11AC is caused by an exposed external port for the telnet service. Remote attackers use this
What is Content Security Policy (CSP)? Content Security Policy (CSP) is an additional layer of security on the HTTP browser
Description Zoom On-Premise Meeting Connector MMR before version 4.8.20220815.130 contains an improper access control vulnerability. As a result, a malicious
Description A flaw was found in the Linux kernel implementation of proxied virtualized TPM devices. On a system where virtualized
Description In Amanda 3.5.1, an information leak vulnerability was found in the calcsize SUID binary. An attacker can abuse this
What is a Supply Chain Attack? The supply chain includes everything from the delivery of materials from suppliers to manufacturers
Description Dell BIOS versions contain a Stack-based Buffer Overflow vulnerability. A local authenticated malicious user could potentially exploit this vulnerability
Description In Apache Calcite prior to version 1.32.0 the SQL operators EXISTS_NODE, EXTRACT_XML, XML_TRANSFORM and EXTRACT_VALUE do not restrict XML
Description A local file disclosure vulnerability in /appConfig/userDB.json of Telos Alliance Omnia MPX Node through 1.0.0-1.4.9 allows attackers to access