BACK TO INTEL

Archives

Classification

Clear Filter
Application Security
Cloud Infrastructure
Enterprise Infrastructure
Enterprise IT Infrastructure
Enterprise Networking
Enterprise Security
Enterprise Software
ERP
Information Technology
Infrastructure
Infrastructure Security
Microsoft
Network Appliances
Network Infrastructure
Cisco ASA and FTD
Cisco Security Appliances
Fortinet Ecosystem
Fortinet SSL-VPN
Management Plane Security
Network Security
Networking
Open Source
Operating Systems
Software
Software Development
Software Security
Technology
Virtualization
Vulnerability
Web Hosting
Web Security
Windows Ecosystem

FeedNetwork Infrastructure

Verified advisories, vulnerability disclosures, and architectural research.

CVE-2018-13374

Critical Security Advisory: Addressing CVE-2018-13374 Improper Access Control in Fortinet FortiOS and FortiADC

Fortinet FortiOS and FortiADC contain an improper access control vulnerability that allows attackers to obtain the LDAP server login credentials configured in FortiGate by pointing a LDAP server connectivity test request to a rogue LDAP server.

FortiOS and FortiADC
View Detail
CVE-2022-40684

Critical Security Advisory: Resolving CVE-2022-40684 Authentication Bypass in Fortinet Products

Fortinet FortiOS, FortiProxy, and FortiSwitchManager contain an authentication bypass vulnerability that could allow an unauthenticated attacker to perform operations on the administrative interface via specially crafted HTTP or HTTPS requests.

FortiOS, FortiProxy, FortiSwitchManager
View Detail
CVE-2022-42475

CVE-2022-42475: Critical Fortinet FortiOS SSL-VPN Heap-Based Buffer Overflow Advisory

Multiple versions of Fortinet FortiOS SSL-VPN contain a heap-based buffer overflow vulnerability which can allow an unauthenticated, remote attacker to execute arbitrary code or commands via specifically crafted requests.

FortiOS
View Detail
CVE-2023-20269

CVE-2023-20269: Mitigating Unauthorized Access in Cisco ASA and Firepower Threat Defense VPNs

Cisco Adaptive Security Appliance and Firepower Threat Defense contain an unauthorized access vulnerability that could allow an unauthenticated, remote attacker to conduct a brute force attack in an attempt to identify valid username and password combinations or establish a clientless SSL VPN session with an unauthorized user.

Adaptive Security Appliance and Firepower Threat Defense
View Detail
CVE-2020-3259

Critical Vulnerability Advisory: Defending Against Cisco ASA and FTD Memory Disclosure (CVE-2020-3259)

Cisco Adaptive Security Appliance (ASA) and Firepower Threat Defense (FTD) contain an information disclosure vulnerability. An attacker could retrieve memory contents on an affected device, which could lead to the disclosure of confidential information due to a buffer tracking issue when the software parses invalid URLs that are requested from the web services interface. This vulnerability affects only specific AnyConnect and WebVPN configurations.

Adaptive Security Appliance (ASA) and Firepower Threat Defense (FTD)
View Detail
CVE-2026-20122

Cisco Catalyst SD-WAN Manager API Vulnerability (CVE-2026-20122): Risk Assessment and Remediation Guide

Cisco Catalyst SD-WAN Manager contains an incorrect use of privileged APIs vulnerability due to improper file handling on the API interface of an affected system. An attacker could exploit this vulnerability by uploading a malicious file on the local file system. A successful exploit could allow the attacker to overwrite arbitrary files on the affected system and gain vmanage user privileges.

Catalyst SD-WAN Manager
View Detail