Using warp-cli command “add-trusted-ssid”, a user was able to disconnect WARP client and bypass the “Lock WARP switch” feature resulting in Zero Trust policies not…

It was possible to bypass Lock WARP switch feature https://developers.cloudflare.com/cloudflare-one/connections/connect-devices/warp/warp-settings/#lock-warp-switch on the WARP iOS mobile client by enabling both “Disable for cellular networks” and “Disable…

It was possible to bypass policies configured for Zero Trust Secure Web Gateway by using warp-cli ‘set-custom-endpoint’ subcommand. Using this command with an unreachable endpoint…

Users can read any files by log server, Apache DolphinScheduler users should upgrade to version 2.0.6 or higher. Zafiyet ile ilgili Genel Bilgi, Etki ve…

Attackers can create long chains of CAs that would lead to OctoRPKI exceeding its max iterations parameter. In consequence it would cause the program to…

Honeywell Experion PKS C200, C200E, C300, and ACE controllers are vulnerable to relative path traversal, which may allow an attacker access to unauthorized files and…

VMware Cloud Foundation (NSX-V) contains an XML External Entity (XXE) vulnerability. On VCF 3.x instances with NSX-V deployed, this may allow a user to exploit…

A security vulnerability was discovered in the Eaton Foreseer EPMS software. Foreseer EPMS connects an operation’s vast array of devices to assist in the reduction…

All versions of CEVAS prior to 1.01.46 do not sufficiently validate user-controllable input and could allow a user to bypass authentication and retrieve data with…

Honeywell Experion PKS C200, C200E, C300, and ACE controllers are vulnerable to improper neutralization of special elements in output, which may allow an attacker to…