Palo Alto Networks Advisories
CVE-2026-0229 PAN-OS: Denial of Service in Advanced DNS Security Feature (Severity: MEDIUM)
Ingen sammanfattning.
Senaste 1h
Senaste 6h
Senaste 24h
Senaste 7d
Senaste 30d
Endast lokalt
Analys/ledare
Endast följda källor
Snabbfilter
Toppnyheter
Säkerhet
Security-widgeten är dold.
Visa widget
Säkerhet
50 artiklar
Microsoft MSRC
Information published.
Microsoft MSRC
Information published.
1 fler källor
Microsoft MSRC
Information published.
Microsoft MSRC
Information published.
Microsoft MSRC
Information published.
The Hacker News
Microsoft on Thursday disclosed details of a new widespread ClickFix social engineering campaign that has leveraged the Windows Terminal app as a way to activate a sophisticated attack chain and deploy the Lumma...
Microsoft MSRC
Permissive regular expression in Azure Compute Gallery allows an authorized attacker to elevate privileges locally.
Microsoft MSRC
Information published.
The Hacker News
Cisco has disclosed that two more vulnerabilities affecting Catalyst SD-WAN Manager (formerly SD-WAN vManage) have come under active exploitation in the wild. The vulnerabilities in question are listed below -...
SecurityWeek Vulnerabilities
The networking giant has added the recently patched CVE-2026-20128 and CVE-2026-20122 to the list of exploited vulnerabilities. The post Cisco Warns of More Catalyst SD-WAN Flaws Exploited in the Wild appeared first...
CERT-SE
Cisco har publicerat information gällande två kritiska sårbarheter i Cisco Secure Firewall Management Center (FMC) och Cisco Security Cloud Control (SCC) Firewall Management. Båda sårbarheterna (CVE-2026-20079 och...
Cisco PSIRT
Multiple vulnerabilities in Cisco Catalyst SD-WAN Manager, formerly SD-WAN vManage, could allow an attacker to access an affected system, elevate privileges to root, gain access to sensitive information, and overwrite...
CISA KEV-katalog
Multiple Hikvision products contain an improper authentication vulnerability that could allow a malicious user to escalate privileges on the system and gain access to sensitive information. | Åtgärd: Apply mitigations...
CISA KEV-katalog
Multiple Rockwell products contain an insufficient protected credentials vulnerability. Studio 5000 Logix Designer software may allow a key to be discovered. This key is used to verify Logix controllers are...
CISA KEV-katalog
Apple macOS, iOS, iPadOS, and Safari 16.6 contain a use-after-free vulnerability due to the processing of maliciously crafted web content that may lead to memory corruption. | Åtgärd: Apply mitigations per vendor...
CISA KEV-katalog
Apple tvOS, macOS, Safari, iPadOS and watchOS contain an integer overflow or wraparound vulnerability due to the processing of maliciously crafted web content that may lead to arbitrary code execution. | Åtgärd: Apply...
CISA KEV-katalog
Apple iOS and iPadOS contain a use-after-free vulnerability. An app may be able to execute arbitrary code with kernel privileges. | Åtgärd: Apply mitigations per vendor instructions, follow applicable BOD 22-01...
Cisco PSIRT
Multiple vulnerabilities in the Remote Access SSL VPN functionality of Cisco Secure Firewall Adaptive Security Appliance (ASA) Software and Cisco Secure Firewall Threat Defense (FTD) Software could allow a remote...
1 fler källor
Cisco PSIRT
Cisco Secure Firewall Adaptive Security Appliance and Secure Firewall Threat Defense Software VPN Web Server Denial of Service Vulnerability
2026-03-05 01:00
Cisco PSIRT
A vulnerability in the web-based management interface of Cisco Secure Firewall Management Center (FMC) Software could allow an unauthenticated, remote attacker to execute arbitrary Java code as root on an affected...
1 fler källor
Cisco PSIRT
Cisco Secure Firewall Management Center Software Authentication Bypass Vulnerability
2026-03-05 01:00
Cisco PSIRT
Multiple Cisco products are affected by vulnerabilities in the Snort 3 Detection Engine that could allow an unauthenticated, remote attacker to cause the Snort 3 Detection Engine to restart, resulting in an...
CISA KEV-katalog
Broadcom VMware Aria Operations formerly known as vRealize Operations (vROps) contains a command injection vulnerability that allows an unauthenticated attacker to execute arbitrary commands, potentially leading to...
CISA KEV-katalog
Multiple Qualcomm chipsets contain a memory corruption vulnerability while using alignments for memory allocation. | Åtgärd: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud...
CERT-SE
Cisco har publicerat information om en nolldagssårbarhet (CVE-2026-20127) som påverkar i Cisco Catalyst SD-WAN Controller (tidigare vSmart) och Cisco Catalyst SD-WAN Manager (tidigare vManage). Sårbarheten är kritisk...
CISA KEV-katalog
Cisco Catalyst SD-WAN Controller, formerly SD-WAN vSmart, and Cisco Catalyst SD-WAN Manager, formerly SD-WAN vManage, contain an authentication bypass vulnerability could allow an unauthenticated, remote attacker to...
CISA KEV-katalog
Cisco SD-WAN CLI contains a path traversal vulnerability that could allow an authenticated local attacker to gain elevated privileges via improper access controls on commands within the application CLI. A successful...
CISA KEV-katalog
Soliton Systems K.K FileZen contains an OS command injection vulnerability when an user logs-in to the affected product and sends a specially crafted HTTP request. | Åtgärd: Apply mitigations per vendor instructions,...
Palo Alto Networks Advisories
Ingen sammanfattning.
CERT-SE
Dell har publicerat information om en kritisk sårbarhet (CVE-2026-22769) som påverkar RecoverPoint for Virtual Machines. Sårbarheten är kritisk och har en CVSS v3.1-klassning på 10. [1] [2]
Palo Alto Networks Advisories
Ingen sammanfattning.
Palo Alto Networks Advisories
Ingen sammanfattning.
1 fler källor
Palo Alto Networks Advisories
PAN-SA-2026-0001 Chromium: Monthly Vulnerability Update (January 2026) (Severity: MEDIUM)
2026-01-14 18:00
CERT-SE
Flera leverantörer har släppt sina månatliga säkerhetsuppdateringar för februari.
Fortinet PSIRT
CVSSv3 Score: 5.2 An HTTP request smuggling vulnerability [CWE-444] in FortiOS may allow an unauthenticated attacker to smuggle an unlogged http request through the firewall policies via a specially crafted header...
Fortinet PSIRT
CVSSv3 Score: 6.4 An Improper Link Resolution Before File Access vulnerability [CWE-59] in FortiClient Windows may allow a local low-privilege attacker to perform an arbitrary file write with elevated permissions via...
Fortinet PSIRT
CVSSv3 Score: 3.8 An Improper Verification of Source of a Communication Channel vulnerability [CWE-940] in FortiOS FSSO Terminal Services Agent may allow an authenticated user with knowledge of FSSO policy...
Fortinet PSIRT
CVSSv3 Score: 6.7 A Use of Externally-Controlled Format String vulnerability [CWE-134] in FortiGate may allow an authenticated admin to execute unauthorized code or commands via specifically crafted configuration....
Fortinet PSIRT
CVSSv3 Score: 7.5 An Authentication Bypass by Primary Weakness vulnerability [CWE-305] in FortiOS fnbamd may allow an unauthenticated attacker to bypass LDAP authentication of Agentless VPN or FSSO policy, under...
Fortinet PSIRT
CVSSv3 Score: 6.8 A missing authorization vulnerability [CWE-862] in FortiAuthenticator may allow a read-only admin to make modification to local users via a file upload to an unprotected endpoint. Revised on...
Fortinet PSIRT
CVSSv3 Score: 5.3 An Exposure of Sensitive Information to an Unauthorized Actor vulnerability [CWE-200] in FortiOS SSL-VPN may allow a remote unauthenticated attacker to bypass the patch developed for the symbolic...
Palo Alto Networks Advisories
Ingen sammanfattning.
Fortinet PSIRT
CVSSv3 Score: 9.8 CVE-2025-15467Parsing CMS AuthEnvelopedData message with maliciously crafted AEAD parameters can trigger a stack buffer overflow. A stack buffer overflow may lead to a crash, causing Denial of...
Fortinet PSIRT
CVSSv3 Score: 7.4 A heap-based buffer overflow vulnerability [CWE-122] in FortiOS and FortiSwitchManager cw_acd daemon may allow a remote unauthenticated attacker to execute arbitrary code or commands via specifically...
Fortinet PSIRT
CVSSv3 Score: 6.7 An Heap-based Buffer Overflow vulnerability [CWE-122] in FortiOS, FortiPAM and FortiProxy RDP bookmark connection may allow an authenticated user to execute unauthorized code via crafted requests....