Kategori: NIST-Təhlükəsizlik Zəiflikləri

CVE-2023-30806

The Sangfor Next-Gen Application Firewall version NGAF8.0.17 is vulnerable to an operating system command injection vulnerability. A remote and unauthenticated attacker can execute arbitrary commands…

Devamını oku

CVE-2023-30802

The Sangfor Next-Gen Application Firewall version NGAF8.0.17 is vulnerable to a source code disclosure vulnerability. A remote and unauthenticated attacker can obtain PHP source code…

Devamını oku

CVE-2023-30803

The Sangfor Next-Gen Application Firewall version NGAF8.0.17 is vulnerable to an authentication bypass vulnerability. A remote and unauthenticated attacker can bypass authentication and access administrative…

Devamını oku

CVE-2023-30801

All versions of the qBittorrent client through 4.5.5 use default credentials when the web user interface is enabled. The administrator is not forced to change…

Devamını oku

CVE-2023-41085

When IPSec is configured on a Virtual Server, undisclosed traffic can cause TMM to terminate.  Note: Software versions which have reached End of Technical Support…

Devamını oku

CVE-2023-41373

A directory traversal vulnerability exists in the BIG-IP Configuration Utility that may allow an authenticated attacker to execute commands on the BIG-IP system. For BIG-IP…

Devamını oku

CVE-2023-39447

When BIG-IP APM Guided Configurations are configured, undisclosed sensitive information may be logged in restnoded log.   Note: Software versions which have reached End of Technical…

Devamını oku

CVE-2023-40537

An authenticated user’s session cookie may remain valid for a limited time after logging out from the BIG-IP Configuration utility on a multi-blade VIPRION platform. …

Devamını oku