Summary A path traversal vulnerability in the FortiOS SSL VPN web portal may allow an unauthenticated attacker to download FortiOS system files through specially crafted HTTP resource requests. Impact Information Disclosure Affected Products FortiOS 6.0 – 6.0.0 to 6.0.4 FortiOS 5.6 – 5.6.3 to 5.6.7 FortiOS 5.4 – 5.4.6 to [...]
Information Product Affected Pulse Connect Secure, Pulse Policy Secure Problem Multiple vulnerabilities were discovered and have been resolved in Pulse Connect Secure (PCS) and Pulse Policy Secure (PPS). This includes an authentication by-pass vulnerability that can allow an unauthenticated user to perform a remote arbitrary file access on the Pulse Connect [...]
Overview Pulse Secure SSL VPN contains multiple vulnerabilities that can allow remote unauthenticated remote attacker to compromise the VPN server and connected clients. Description Pulse Secure released an out-of-cycle advisory along with software patches for the various affected products on April 24, 2019. This addressed a number of vulnerabilities including [...]
CVE: CVE-2019-6475 Document version: 2.0 Posting date: 16 October 2019 Program impacted: BIND Versions affected: BIND 9.14.0 -> 9.14.6 Also releases 9.15.0 -> 9.15.4 of the BIND 9.15 development branch. Severity: Medium Exploitable: Remotely Description: Mirror zones are a BIND feature allowing recursive servers to pre-cache zone data provided by [...]
