CVE-2022-3980 : SOPHOS MOBILE MANAGED ON-PREMISES UP TO 9.7.4 XML SERVER-SIDE REQUEST FORGERY

Description

An XML External Entity (XEE) vulnerability allows server-side request forgery (SSRF) and potential code execution in Sophos Mobile managed on-premises between versions 5.0.0 and 9.7.4.

References

https://www.sophos.com/en-us/security-advisories/sophos-sa-20221116-smc-xee

For More Information

MITRE

Common Vulnerabilityies and Exposures

Contact us to get started

CVE-2024-5618 : PRUVASOFT INFORMATICS APINIZER MANAGEMENT CONSOLE PRIOR 2024.05.1 PERMISSION ASSIGNMENT

CVE-2024-5618 : PRUVASOFT INFORMATICS APINIZER MANAGEMENT CONSOLE PRIOR 2024.05.1 PERMISSION ASSIGNMENT

Description Incorrect Permission Assignment for Critical Resource vulnerability in PruvaSoft Informatics Apinizer Management Console allows Accessing Functionality Not Properly Constrained

CVE-2024-39907 : 1PANEL 1.10.9-TLS/1.10.10-TLS/1.10.11-TLS SQL INJECTION

CVE-2024-39907 : 1PANEL 1.10.9-TLS/1.10.10-TLS/1.10.11-TLS SQL INJECTION

Description 1Panel is a web-based linux server management control panel. There are many sql injections in the project, and some

CVE-2024-20401 : CISCO SECURE EMAIL CONTENT SCANNING/MESSAGE FILTERING ABSOLUTE PATH TRAVERSAL

CVE-2024-20401 : CISCO SECURE EMAIL CONTENT SCANNING/MESSAGE FILTERING ABSOLUTE PATH TRAVERSAL

Description A vulnerability in the content scanning and message filtering features of Cisco Secure Email Gateway could allow an unauthenticated,