Ivanti Connect Secure Unauthenticated Remote Code Execution Exploit

This Metasploit module chains a server side request forgery (SSRF) vulnerability (CVE-2024-21893) and a command injection vulnerability (CVE-2024-21887) to exploit vulnerable instances of either Ivant ...

Continue Reading
Ivanti Connect Secure Unauthenticated Remote Code Execution

...Read More ...

Continue Reading
Improper access control

DELL ESI (Enterprise Storage Integrator) for SAP LAMA, version 10.0, contains an improper access control vulnerability in EHAC component. A remote unauthenticated attacker could potentially exploit th ...

Continue Reading
CVE-2023-39244

DELL ESI (Enterprise Storage Integrator) for SAP LAMA, version 10.0, contains an improper access control vulnerability in EHAC component. A remote unauthenticated attacker could potentially exploit th ...

Continue Reading
php:8.1 security update

An update is available for module.php-pecl-apcu, module.php-pecl-xdebug3, module.php-pecl-zip, module.php-pecl-rrd, php-pecl-rrd, php-pecl-zip, php-pecl-xdebug3, php-pecl-apcu. This update affects Roc ...

Continue Reading
Ivanti SAML – Server Side Request Forgery (SSRF)

A server-side request forgery vulnerability in the SAML component of Ivanti Connect Secure (9.x, 22.x) and Ivanti Policy Secure (9.x, 22.x) and Ivanti Neurons for ZTA allows an attacker to access cert ...

Continue Reading
Cisco Expressway Series XSRF (cisco-sa-expressway-csrf-KnnZDMj3)

According to its self-reported version, Cisco Expressway Series is affected by multiple vulnerabilities. A vulnerability in Cisco Expressway Series and Cisco TelePresence Video Communication Server ...

Continue Reading
Cross site request forgery (csrf)

A vulnerability in the SOAP API of Cisco Expressway Series and Cisco TelePresence Video Communication Server could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CS ...

Continue Reading

Back to Main

Subscribe for the latest news: