Security Advisories

Impact	Advisory ID Sort ascending	Title	CVE	Published Date
Medium	WGSA-2022-00013	Firebox Authenticated Arbitrary File Read Vulnerability		2022-06-23
Medium	WGSA-2022-00012	OpenSSL Command Injection Vulnerability (CVE-2022-1292)	CVE-2022-1292	2022-05-20
High	WGSA-2022-00011	OpenSSL Certificate Processing DoS Vulnerability (CVE-2022-0778)	CVE-2022-0778	2022-04-14
Critical	WGSA-2022-00010	Java Spring Framework RCE aka Spring4Shell (CVE-2022-22965)	CVE-2022-22965	2022-03-30
Medium	WGSA-2022-00009	Firebox Unauthorized User Password Modification Vulnerability	CVE-2022-25363	2022-02-23
High	WGSA-2022-00008	Firebox Authenticated Arbitrary File Upload Vulnerability	CVE-2022-25360	2022-02-23
High	WGSA-2022-00007	Firebox Authenticated Stack Overflow Vulnerability via Malicious Firmware Update - B	CVE-2022-25293	2022-02-23
High	WGSA-2022-00006	Firebox Authenticated Stack Overflow Vulnerability via Malicious Firmware Update - A	CVE-2022-25292	2022-02-23
High	WGSA-2022-00005	Firebox Authenticated Heap Overflow Vulnerability via Malicious Firmware Update	CVE-2022-25291	2022-02-23
Critical	WGSA-2022-00004	Firebox Unauthenticated Arbitrary FIle Delete Vulnerability	CVE-2022-25361	2022-02-23
Medium	WGSA-2022-00003	Firebox Unauthorized Certificate Private Key Retrieval Vulnerability	CVE-2022-25290	2022-02-23
Critical	WGSA-2022-00002	Firebox Unauthenticated Remote Code Execution Vulnerability	CVE-2022-26318	2022-02-23
High	WGSA-2022-00001	Polkit pkexec Local Privilege Escalation Vulnerability (CVE-2021-4034)	CVE-2021-4034	2022-01-26
High	WGSA-2021-00005	Firebox WebUI Business Logic Vulnerability		2021-12-30
High	WGSA-2021-00004	Firebox Management Privilege Escallation Vulnerability	CVE-2022-23176	2021-12-30
Critical	WGSA-2021-00003	Log4j2 Remote Code Execution Vulnerability aka Log4Shell (CVE-2021-44228)	CVE-2021-44228	2021-12-09
High	WGSA-2021-00002	MacOS SSL VPN Privilege Escalation Vulnerability		2021-08-05
High	WGSA-2021-00001	Firebox Privilege Escalation Vulnerability		2021-08-02
High	WGSA-2019-00002	Inferring and hijacking VPN-tunneled TCP connections	CVE-2019-14899	2019-12-09
High	WGSA-2019-00001	TCP SACK PANIC – Kernel Vulnerabilities	CVE-2019-11477, CVE-2019-11478, CVE-2019-11479	2019-06-18
Medium	WGSA-2018-00001	Foreshadow Speculative Execution Attacks	CVE-2018-3646, CVE-2018-3620, CVE-2018-3615	2018-08-14