ZDI-24-421: SonicWALL GMS Virtual Appliance ECMClientAuthenticator Hard-Coded Credential Authentication Bypass Vulnerability
This vulnerability allows remote attackers to bypass authentication on affected installations of SonicWALL GMS Virtual Appliance. Authentication is not required to exploit this vulnerability. The...
ZDI-24-420: SonicWALL GMS Virtual Appliance ECMPolicy XML External Entity Processing Information Disclosure Vulnerability
This vulnerability allows remote attackers to disclose sensitive information on affected installations of SonicWALL GMS Virtual Appliance. Although authentication is required to exploit this vulnerability,...
Tinyproxy use-after-free Vulnerability (CVE-2023-49606)
What is the vulnerability?A use-after-free vulnerability tagged as CVE-2023-49606 exists in Tinyproxy, a lightweight open-source HTTP proxy daemon. The threat actor may trigger this memory...
DSA-5682-1 glib2.0 – security update
Alicia Boya Garcia reported that the GDBus signal subscriptions in the GLib library are prone to a spoofing vulnerability. A local attacker can take advantage...
Multiple Vulnerabilities in Google Android OS Could Allow for Privilege Escalation
Multiple vulnerabilities have been discovered in Google Android OS, the most severe of which could allow for privilege escalation. Android is an operating system developed...
secuvera-SA-2024-02: Multiple Persistent Cross-Site Scritping (XSS) flaws in Drupal-Wiki
Posted by Simon Bieber via Fulldisclosure on May 06 secuvera-SA-2024-02: Multiple Persistent Cross-Site Scritping (XSS) flaws in Drupal-Wiki Affected Products Drupal Wiki 8.31 Drupal Wiki...
OXAS-ADV-2024-0002: OX App Suite Security Advisory
Posted by Martin Heiland via Fulldisclosure on May 06 Dear subscribers, We're sharing our latest advisory with you and like to thank everyone who contributed...