| Medium |
WGSA-2023-00002 |
Firebox Authenticated Arbitrary File Read Vulnerability |
CVE-2023-2357 |
|
| Medium |
WGSA-2023-00001 |
OpenSSH Server 9.1 Double Free Vulnerability (CVE-2023-25136) |
CVE-2023-25136 |
|
| High |
WGSA-2022-00021 |
OpenSSL CVE-2022-3602 and CVE-2022-3786 |
CVE-2022-3602, CVE-2022-3786 |
|
| High |
WGSA-2022-00020 |
OpenVPN Unauthenticated Access To Control Channel Data (CVE-2020-15078) |
CVE-2020-15078 |
|
| Medium |
WGSA-2022-00019 |
Firebox Limited Authenticated Arbitrary File Read/Write Vulnerability |
CVE-2022-31749 |
|
| Medium |
WGSA-2022-00018 |
Firebox Local Privilege Escallation Vulnerability |
|
|
| High |
WGSA-2022-00017 |
Firebox Information Disclosure Vulnerability |
CVE-2022-31790 |
|
| Critical |
WGSA-2022-00016 |
Firebox Authenticated Stack Overflow Vulnerability va CLI Interface |
CVE-2022-25362 |
|
| Critical |
WGSA-2022-00015 |
Firebox Unauthenticated Buffer Overflow Vulnerability |
CVE-2022-31789 |
|
| Medium |
WGSA-2022-00014 |
Firebox WebUI Stored Cross-Site Scripting (XSS) Vulnerability |
CVE-2022-31792 |
|
| Medium |
WGSA-2022-00013 |
Firebox Authenticated Arbitrary File Read Vulnerability |
|
|
| Medium |
WGSA-2022-00012 |
OpenSSL Command Injection Vulnerability (CVE-2022-1292) |
CVE-2022-1292 |
|
| High |
WGSA-2022-00011 |
OpenSSL Certificate Processing DoS Vulnerability (CVE-2022-0778) |
CVE-2022-0778 |
|
| Critical |
WGSA-2022-00010 |
Java Spring Framework RCE aka Spring4Shell (CVE-2022-22965) |
CVE-2022-22965 |
|
| Medium |
WGSA-2022-00009 |
Firebox Unauthorized User Password Modification Vulnerability |
CVE-2022-25363 |
|
| High |
WGSA-2022-00008 |
Firebox Authenticated Arbitrary File Upload Vulnerability |
CVE-2022-25360 |
|
| High |
WGSA-2022-00007 |
Firebox Authenticated Stack Overflow Vulnerability via Malicious Firmware Update - B |
CVE-2022-25293 |
|
| High |
WGSA-2022-00006 |
Firebox Authenticated Stack Overflow Vulnerability via Malicious Firmware Update - A |
CVE-2022-25292 |
|
| High |
WGSA-2022-00005 |
Firebox Authenticated Heap Overflow Vulnerability via Malicious Firmware Update |
CVE-2022-25291 |
|
| Critical |
WGSA-2022-00004 |
Firebox Unauthenticated Arbitrary FIle Delete Vulnerability |
CVE-2022-25361 |
|
| Medium |
WGSA-2022-00003 |
Firebox Unauthorized Certificate Private Key Retrieval Vulnerability |
CVE-2022-25290 |
|
| Critical |
WGSA-2022-00002 |
Firebox Unauthenticated Remote Code Execution Vulnerability |
CVE-2022-26318 |
|
| High |
WGSA-2022-00001 |
Polkit pkexec Local Privilege Escalation Vulnerability (CVE-2021-4034) |
CVE-2021-4034 |
|
| High |
WGSA-2021-00005 |
Firebox WebUI Business Logic Vulnerability |
|
|
| High |
WGSA-2021-00004 |
Firebox Management Privilege Escallation Vulnerability |
CVE-2022-23176 |
|
| Critical |
WGSA-2021-00003 |
Log4j2 Remote Code Execution Vulnerability aka Log4Shell (CVE-2021-44228) |
CVE-2021-44228 |
|
| High |
WGSA-2021-00002 |
MacOS SSL VPN Privilege Escalation Vulnerability |
|
|
| High |
WGSA-2021-00001 |
Firebox Privilege Escalation Vulnerability |
|
|
| High |
WGSA-2019-00002 |
Inferring and hijacking VPN-tunneled TCP connections |
CVE-2019-14899 |
|
| High |
WGSA-2019-00001 |
TCP SACK PANIC – Kernel Vulnerabilities |
CVE-2019-11477, CVE-2019-11478, CVE-2019-11479 |
|
| Medium |
WGSA-2018-00001 |
Foreshadow Speculative Execution Attacks |
CVE-2018-3646, CVE-2018-3620, CVE-2018-3615 |
|
