KL-001-2015-001 : Microsoft Windows Server 2003 SP2 Arbitrary Write Privilege
Escalation
Title: Microsoft Windows Server 2003 SP2 Arbitrary Write Privilege Escalation
Advisory ID: KL-001-2015-001
Publication Date: 2015.01.28
Publication URL:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
KL-001-2015-002 : Piriform CCleaner Wiped Filename Recovery
Title: Piriform CCleaner Wiped Filename Recovery
Advisory ID: KL-001-2015-002
Publication Date: 2015.05.18
Publication URL:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
KL-001-2015-004 : XGI Windows VGA Display Manager Arbitrary Write
Privilege Escalation
Title: XGI Windows VGA Display Manager Arbitrary Write Privilege Escalation
Advisory ID: KL-001-2015-004
Publication Date: 2015.09.01
Publication URL:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
KL-001-2015-003 : SiS Windows VGA Display Manager Multiple Privilege
Escalation
Title: SiS Windows VGA Display Manager Multiple Privilege Escalation
Advisory ID: KL-001-2015-003
Publication Date: 2015.09.01
Publication URL:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
KL-001-2015-006 : Linksys EA6100 Wireless Router Authentication Bypass
Title: Linksys EA6100 Wireless Router Authentication Bypass
Advisory ID: KL-001-2015-006
Publication Date: 2015.12.04
Publication URL:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
KL-001-2015-007 : Seagate GoFlex Satellite Remote Telnet Default Password
Title: Seagate GoFlex Satellite Remote Telnet Default Password
Advisory ID: KL-001-2015-007
Publication Date: 2015.12.18
Publication URL:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
KL-001-2015-008 : Dell Pre-Boot Authentication Driver Uncontrolled Write to
Arbitrary Address
Title: Dell Pre-Boot Authentication Driver Uncontrolled Write to Arbitrary
Address
Advisory ID: KL-001-2015-008
Publication Date: 2015.12.18
Publication
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
KL-001-2016-001 : Arris DG1670A Cable Modem Remote Command Execution
Title: Arris DG1670A Cable Modem Remote Command Execution
Advisory ID: KL-001-2016-001
Publication Date: 2016.02.12
Publication URL:
KL-001-2016-002 : Ubiquiti Administration Portal CSRF to Remote Command
Execution
Title: Ubiquiti Administration Portal CSRF to Remote Command Execution
Advisory ID: KL-001-2016-002
Publication Date: 2016.06.28
Publication URL:
https://www.korelogic.com/Resources/Advisories/KL-001-2016-002.txt
KL-001-2016-003 : SQLite Tempdir Selection Vulnerability
Title: SQLite Tempdir Selection Vulnerability
Advisory ID: KL-001-2016-003
Publication Date: 2016.07.01
Publication URL:
https://www.korelogic.com/Resources/Advisories/KL-001-2016-003.txt
1. Vulnerability Details
Affected Vendor:
KL-001-2017-003 : Trendmicro InterScan Remote Root Access Vulnerability
Title: Trendmicro InterScan Remote Root Access Vulnerability
Advisory ID: KL-001-2017-003
Publication Date: 2017.02.15
Publication URL:
https://www.korelogic.com/Resources/Advisories/KL-001-2017-003.txt
1. Vulnerability
KL-001-2016-006 : Cisco Firepower Threat Management Console Local File Inclusion
Title: Cisco Firepower Threat Management Console Local File Inclusion
Advisory ID: KL-001-2016-006
Publication Date: 2016.10.05
Publication URL:
https://www.korelogic.com/Resources/Advisories/KL-001-2016-006.txt
KL-001-2016-007 : Cisco Firepower Threat Management Console Remote Command
Execution Leading to Root Access
Title: Cisco Firepower Threat Management Console Remote Command Execution
Leading to Root Access
Advisory ID: KL-001-2016-007
Publication Date: 2016.10.05
Publication URL:
KL-001-2016-004 : Cisco Firepower Threat Management Console Authenticated Denial
of Service
Title: Cisco Firepower Threat Management Console Authenticated Denial of Service
Advisory ID: KL-001-2016-004
Publication Date: 2016.10.05
Publication URL:
KL-001-2016-008 : Sophos Web Appliance Privilege Escalation
Title: Sophos Web Appliance Privilege Escalation
Advisory ID: KL-001-2016-008
Publication Date: 2016.11.03
Publication URL:
https://www.korelogic.com/Resources/Advisories/KL-001-2016-008.txt
1. Vulnerability Details
Affected
KL-001-2016-009 : Sophos Web Appliance Remote Code Execution
Title: Sophos Web Appliance Remote Code Execution
Advisory ID: KL-001-2016-009
Publication Date: 2016.11.03
Publication URL:
https://www.korelogic.com/Resources/Advisories/KL-001-2016-009.txt
1. Vulnerability Details
Affected
KL-001-2017-004 : WatchGuard XTMv User Management Cross-Site Request Forgery
Title: WatchGuard XTMv User Management Cross-Site Request Forgery
Advisory ID: KL-001-2017-004
Publication Date: 2017.03.10
Publication URL:
https://www.korelogic.com/Resources/Advisories/KL-001-2017-004.txt
1.
KL-001-2017-011 : Barracuda WAF Internal Development Credential Disclosure
Title: Barracuda WAF Internal Development Credential Disclosure
Advisory ID: KL-001-2017-011
Publication Date: 2017.07.06
Publication URL:
https://www.korelogic.com/Resources/Advisories/KL-001-2017-011.txt
1.
KL-001-2017-010 : Barracuda WAF Early Boot Root Shell
Title: Barracuda WAF Early Boot Root Shell
Advisory ID: KL-001-2017-010
Publication Date: 2017.07.06
Publication URL:
https://www.korelogic.com/Resources/Advisories/KL-001-2017-010.txt
1. Vulnerability Details
Affected Vendor:
KL-001-2017-013 : Barracuda WAF Management Application Username and Session ID
Leak
Title: Barracuda WAF Management Application Username and Session ID Leak
Advisory ID: KL-001-2017-013
Publication Date: 2017.07.06
Publication URL:
KL-001-2017-014 : Barracuda WAF Support Tunnel Hijack
Title: Barracuda WAF Support Tunnel Hijack
Advisory ID: KL-001-2017-014
Publication Date: 2017.07.06
Publication URL:
https://www.korelogic.com/Resources/Advisories/KL-001-2017-014.txt
1. Vulnerability Details
Affected Vendor:
KL-001-2017-015 : Solarwinds LEM Hardcoded Credentials
Title: Solarwinds LEM Hardcoded Credentials
Advisory ID: KL-001-2017-015
Publication Date: 2017.07.06
Publication URL:
https://www.korelogic.com/Resources/Advisories/KL-001-2017-015.txt
1. Vulnerability Details
Affected Vendor:
KL-001-2017-006 : Solarwinds LEM Privilege Escalation via Sudo Script Abuse
Title: Solarwinds LEM Privilege Escalation via Sudo Script Abuse
Advisory ID: KL-001-2017-006
Publication Date: 2017.04.24
Publication URL:
https://www.korelogic.com/Resources/Advisories/KL-001-2017-006.txt
1.
KL-001-2017-007 : Solarwinds LEM Management Shell Escape via Command Injection
Title: Solarwinds LEM Management Shell Escape via Command Injection
Advisory ID: KL-001-2017-007
Publication Date: 2017.04.24
Publication URL:
https://www.korelogic.com/Resources/Advisories/KL-001-2017-007.txt
1.
KL-001-2017-008 : Solarwinds LEM Management Shell Arbitrary File Read
Title: Solarwinds LEM Management Shell Arbitrary File Read
Advisory ID: KL-001-2017-008
Publication Date: 2017.04.24
Publication URL:
https://www.korelogic.com/Resources/Advisories/KL-001-2017-008.txt
1. Vulnerability
KL-001-2017-016 : Solarwinds LEM Insecure Update Process
Title: Solarwinds LEM Insecure Update Process
Advisory ID: KL-001-2017-016
Publication Date: 2017.09.25
Publication URL:
https://www.korelogic.com/Resources/Advisories/KL-001-2017-016.txt
1. Vulnerability Details
Affected Vendor:
KL-001-2017-022 : Splunk Local Privilege Escalation
Title: Splunk Local Privilege Escalation
Advisory ID: KL-001-2017-022
Publication Date: 2017.11.03
Publication URL:
https://www.korelogic.com/Resources/Advisories/KL-001-2017-022.txt
1. Vulnerability Details
Affected Vendor: Splunk
KL-001-2017-019 : Sonicwall WXA5000 Console Jail Escape and Privilege Escalation
Title: Sonicwall WXA5000 Console Jail Escape and Privilege Escalation
Advisory ID: KL-001-2017-019
Publication Date: 2017.10.24
Publication URL:
https://www.korelogic.com/Resources/Advisories/KL-001-2017-019.txt
KL-001-2017-020 : Sophos UTM 9 loginuser Privilege Escalation via Insecure
Directory Permissions
Title: Sophos UTM 9 loginuser Privilege Escalation via Insecure Directory
Permissions
Advisory ID: KL-001-2017-020
Publication Date: 2017.10.24
Publication URL:
KL-001-2018-008 : HPE VAN SDN Unauthenticated Remote Root Vulnerability
Title: HPE VAN SDN Unauthenticated Remote Root Vulnerability
Advisory ID: KL-001-2018-008
Publication Date: 2018.06.25
Publication URL: https://korelogic.com/Resources/Advisories/KL-001-2018-008.txt
1. Vulnerability Details
KL-001-2018-001 : Sophos Web Gateway Persistent Cross Site Scripting
Vulnerability
Title: Sophos Web Gateway Persistent Cross Site Scripting Vulnerability
Advisory ID: KL-001-2018-001
Publication Date: 2018.01.26
Publication URL:
KL-001-2018-005 : NetEx HyperIP Local File Inclusion Vulnerability
Title: NetEx HyperIP Local File Inclusion Vulnerability
Advisory ID: KL-001-2018-005
Publication Date: 2018.02.08
Publication URL:
https://www.korelogic.com/Resources/Advisories/KL-001-2018-005.txt
1. Vulnerability Details
KL-001-2018-002 : NetEx HyperIP Authentication Bypass
Title: NetEx HyperIP Authentication Bypass
Advisory ID: KL-001-2018-002
Publication Date: 2018.02.08
Publication URL:
https://www.korelogic.com/Resources/Advisories/KL-001-2018-002.txt
1. Vulnerability Details
Affected Vendor: NetEx
KL-001-2018-004 : NetEx HyperIP Privilege Escalation Vulnerability
Title: NetEx HyperIP Privilege Escalation Vulnerability
Advisory ID: KL-001-2018-004
Publication Date: 2018.02.08
Publication URL:
https://www.korelogic.com/Resources/Advisories/KL-001-2018-004.txt
1. Vulnerability Details
KL-001-2018-006 : Trend Micro IMSVA Management Portal Authentication Bypass
Title: Trend Micro IMSVA Management Portal Authentication Bypass
Advisory ID: KL-001-2018-006
Publication Date: 2018.02.08
Publication URL:
https://www.korelogic.com/Resources/Advisories/KL-001-2018-006.txt
1.
KL-001-2018-003 : NetEx HyperIP Post-Auth Command Execution
Title: NetEx HyperIP Post-Auth Command Execution
Advisory ID: KL-001-2018-003
Publication Date: 2018.02.08
Publication URL:
https://www.korelogic.com/Resources/Advisories/KL-001-2018-003.txt
1. Vulnerability Details
Affected
KL-001-2018-007 : Sophos UTM 9 loginuser Privilege Escalation via confd Service
Title: Sophos UTM 9 loginuser Privilege Escalation via confd Service
Advisory ID: KL-001-2018-007
Publication Date: 2018.03.02
Publication URL:
https://www.korelogic.com/Resources/Advisories/KL-001-2018-007.txt
1.
KL-001-2018-007 : Sophos UTM 9 loginuser Privilege Escalation via confd Service
Title: Sophos UTM 9 loginuser Privilege Escalation via confd Service
Advisory ID: KL-001-2018-007
Publication Date: 2018.03.02
Publication URL:
https://www.korelogic.com/Resources/Advisories/KL-001-2018-007.txt
1.
KL-001-2018-009 : Dell OpenManage Network Manager Multiple Vulnerabilities
Title: Dell OpenManage Network Manager Multiple Vulnerabilities
Advisory ID: KL-001-2018-009
Publication Date: 2018.11.05
Publication URL:
https://www.korelogic.com/Resources/Advisories/KL-001-2018-009.txt
1.
KL-001-2020-001 : Cellebrite Hardcoded ADB Authentication Keys
Title: Cellebrite Hardcoded ADB Authentication Keys
Advisory ID: KL-001-2020-001
Publication Date: 2020.04.13
Publication URL:
https://www.korelogic.com/Resources/Advisories/KL-001-2020-001.txt
1. Vulnerability Details
KL-001-2020-002 : Cellebrite Restricted Desktop Escape and Escalation of User
Privilege
Title: Cellebrite Restricted Desktop Escape and Escalation of User Privilege
Advisory ID: KL-001-2020-002
Publication Date: 2020.05.14
Publication URL:
KL-001-2020-003 : Cellebrite EPR Decryption Relies on Hardcoded AES Key Material
Title: Cellebrite EPR Decryption Relies on Hardcoded AES Key Material
Advisory ID: KL-001-2020-003
Publication Date: 2020.06.29
Publication URL: https://korelogic.com/Resources/Advisories/KL-001-2020-003.txt
1.
KL-001-2020-004 : Barco wePresent Hardcoded API Credentials
Title: Barco wePresent Hardcoded API Credentials
Advisory ID: KL-001-2020-004
Publication Date: 2020.11.20
Publication URL: https://korelogic.com/Resources/Advisories/KL-001-2020-004.txt
1. Vulnerability Details
Affected Vendor:
KL-001-2020-009 : Barco wePresent Insecure Firmware Image
Title: Barco wePresent Insecure Firmware Image
Advisory ID: KL-001-2020-009
Publication Date: 2020.11.20
Publication URL: https://korelogic.com/Resources/Advisories/KL-001-2020-009.txt
1. Vulnerability Details
Affected Vendor:
KL-001-2020-005 : Barco wePresent Admin Credentials Exposed In Plain-text
Title: Barco wePresent Admin Credentials Exposed In Plain-text
Advisory ID: KL-001-2020-005
Publication Date: 2020.11.20
Publication URL: https://korelogic.com/Resources/Advisories/KL-001-2020-005.txt
1. Vulnerability
KL-001-2020-006 : Barco wePresent Authentication Bypass
Title: Barco wePresent Authentication Bypass
Advisory ID: KL-001-2020-006
Publication Date: 2020.11.20
Publication URL: https://korelogic.com/Resources/Advisories/KL-001-2020-006.txt
1. Vulnerability Details
Affected Vendor: Barco
KL-001-2020-007 : Barco wePresent Undocumented SSH Interface Accessible Via Web
UI
Title: Barco wePresent Undocumented SSH Interface Accessible Via Web UI
Advisory ID: KL-001-2020-007
Publication Date: 2020.11.20
Publication URL: https://korelogic.com/Resources/Advisories/KL-001-2020-007.txt
KL-001-2020-008 : Barco wePresent Global Hardcoded Root SSH Password
Title: Barco wePresent Global Hardcoded Root SSH Password
Advisory ID: KL-001-2020-008
Publication Date: 2020.11.20
Publication URL: https://korelogic.com/Resources/Advisories/KL-001-2020-008.txt
1. Vulnerability Details
KL-001-2021-004: CommScope Ruckus IoT Controller Hard-coded Web Application
Administrator Password
Title: CommScope Ruckus IoT Controller Hard-coded Web Application Administrator
Password
Advisory ID: KL-001-2021-004
Publication Date: 2021.05.26
Publication URL:
KL-001-2021-006: CommScope Ruckus IoT Controller Web Application Arbitrary
Read/Write
Title: CommScope Ruckus IoT Controller Web Application Arbitrary Read/Write
Advisory ID: KL-001-2021-006
Publication Date: 2021.05.26
Publication URL:
KL-001-2021-003: CommScope Ruckus IoT Controller Hard-coded System Passwords
Title: CommScope Ruckus IoT Controller Hard-coded System Passwords
Advisory ID: KL-001-2021-003
Publication Date: 2021.05.26
Publication URL: https://korelogic.com/Resources/Advisories/KL-001-2021-003.txt
1.
KL-001-2021-007: CommScope Ruckus IoT Controller Undocumented Account
Title: CommScope Ruckus IoT Controller Undocumented Account
Advisory ID: KL-001-2021-007
Publication Date: 2021.05.26
Publication URL: https://korelogic.com/Resources/Advisories/KL-001-2021-007.txt
1. Vulnerability Details
KL-001-2021-001: CommScope Ruckus IoT Controller Unauthenticated API Endpoints
Title: CommScope Ruckus IoT Controller Unauthenticated API Endpoints
Advisory ID: KL-001-2021-001
Publication Date: 2021.05.26
Publication URL: https://korelogic.com/Resources/Advisories/KL-001-2021-001.txt
1.
KL-001-2021-005: CommScope Ruckus IoT Controller Web Application Directory
Traversal
Title: CommScope Ruckus IoT Controller Web Application Directory Traversal
Advisory ID: KL-001-2021-005
Publication Date: 2021.05.26
Publication URL:
KL-001-2021-002: CommScope Ruckus IoT Controller Hard-coded API Keys Exposed
Title: CommScope Ruckus IoT Controller Hard-coded API Keys Exposed
Advisory ID: KL-001-2021-002
Publication Date: 2021.05.26
Publication URL: https://korelogic.com/Resources/Advisories/KL-001-2021-002.txt
1.
KL-001-2021-008: CyberArk Credential File Insufficient Effective Key Space
Title: CyberArk Credential File Insufficient Effective Key Space
Advisory ID: KL-001-2021-008
Publication Date: 2021.09.01
Publication URL: https://korelogic.com/Resources/Advisories/KL-001-2021-008.txt
1. Vulnerability
KL-001-2021-009: CyberArk Credential Provider Race Condition And Authorization
Bypass
Title: CyberArk Credential Provider Race Condition And Authorization Bypass
Advisory ID: KL-001-2021-009
Publication Date: 2021.09.01
Publication URL:
KL-001-2021-010:CyberArk Credential Provider Local Cache Can Be Decrypted
Title: CyberArk Credential Provider Local Cache Can Be Decrypted
Advisory ID: KL-001-2021-010
Publication Date: 2021.09.01
Publication URL: https://korelogic.com/Resources/Advisories/KL-001-2021-010.txt
1. Vulnerability
KL-001-2022-001: Moxa TN-5900 Firmware Upgrade Checksum Validation Vulnerability
Title: Moxa TN-5900 Firmware Upgrade Checksum Validation Vulnerability
Advisory ID: KL-001-2022-001
Publication Date: 2022.01.28
Publication URL: https://korelogic.com/Resources/Advisories/KL-001-2022-001.txt
1.
KL-001-2022-002: Moxa TN-5900 Post Authentication Command Injection
Vulnerability
Title: Moxa TN-5900 Post Authentication Command Injection Vulnerability
Advisory ID: KL-001-2022-002
Publication Date: 2022.01.28
Publication URL: https://korelogic.com/Resources/Advisories/KL-001-2022-002.txt
1.
KL-001-2023-002: Cisco ThousandEyes Enterprise Agent Virtual Appliance
Privilege Escalation via tcpdump
Title: Cisco ThousandEyes Enterprise Agent Virtual Appliance Privilege
Escalation via tcpdump
Advisory ID: KL-001-2023-002
Publication Date: 2023.08.17
Publication URL:
KL-001-2023-003: Cisco ThousandEyes Enterprise Agent Virtual Appliance
Arbitrary File Modification via sudoedit
Title: Cisco ThousandEyes Enterprise Agent Virtual Appliance Arbitrary File
Modification via sudoedit
Advisory ID: KL-001-2023-003
Publication Date: 2023.08.17
Publication URL:
KL-001-2023-001: Cisco ThousandEyes Enterprise Agent Virtual Appliance
Arbitrary File Read via sudo dig
Title: Cisco ThousandEyes Enterprise Agent Virtual Appliance Arbitrary File
Read via sudo dig
Advisory ID: KL-001-2023-001
Publication Date: 2023.08.17
Publication URL:
KL-001-2024-004: Artica Proxy Loopback Services Remotely Accessible
Unauthenticated
Title: Artica Proxy Loopback Services Remotely Accessible Unauthenticated
Advisory ID: KL-001-2024-004
Publication Date: 2024.03.05
Publication URL: https://korelogic.com/Resources/Advisories/KL-001-2024-004.txt
KL-001-2024-003: Artica Proxy Unauthenticated File Manager Vulnerability
Title: Artica Proxy Unauthenticated File Manager Vulnerability
Advisory ID: KL-001-2024-003
Publication Date: 2024.03.05
Publication URL: https://korelogic.com/Resources/Advisories/KL-001-2024-003.txt
1. Vulnerability
KL-001-2024-002: Artica Proxy Unauthenticated PHP Deserialization Vulnerability
Title: Artica Proxy Unauthenticated PHP Deserialization Vulnerability
Advisory ID: KL-001-2024-002
Publication Date: 2024.03.05
Publication URL: https://korelogic.com/Resources/Advisories/KL-001-2024-002.txt
1.
KL-001-2024-001: Artica Proxy Unauthenticated LFI Protection Bypass
Vulnerability
Title: Artica Proxy Unauthenticated LFI Protection Bypass Vulnerability
Advisory ID: KL-001-2024-001
Publication Date: 2024.03.05
Publication URL: https://korelogic.com/Resources/Advisories/KL-001-2024-001.txt
67 matches
Mail list logo