CVE-2024-3400: PAN-OS Command Injection Vulnerability in GlobalProtect Gateway. Learn More


Security Advisories

Spending each day immersed in penetration tests and research into the latest threats, our SpiderLabs® experts occasionally discover new vulnerabilities as part of their work. When that happens, we follow our established disclosure policy, which results in published advisories such as these.

Learn more about our disclosure policy

Latest Advisory


Authentication Coercion Vulnerability in Kyocera Device Manager

January 08, 2024 - TWSL2024-001


Advisory Archive

| Title | Date | Advisory |
| --- | --- | --- |
| Vulnerabilities in Xiaomi Redmi Note 10S and ST54-android-packages-apps-Nfc library | December 22, 2023 | TWSL2023-007 |
| Default MSSQL Database Password in Natus NeuroWorks EEG Software | November 07, 2023 | TWSL2023-006 |
| SQL Injection in Vanderbilt University RedCap | July 21, 2023 | TWSL2023-005 |
| Improper input validation in shadow-utils package utility chfn | April 12, 2023 | TWSL2023-004 |
| Information Disclosure Vulnerabilities in MoneyLover | February 07, 2023 | TWSL2023-003 |
| Input validation Vulnerability in CRUSHFTP | February 02, 2023 | TWSL2023-002 |
| Capture-Replay Vulnerability in Sinilink Wifi Remote Thermostat | January 20, 2023 | TWSL2023-001 |
| Vulnerabilities in Canon Medical Vitrea View | September 29, 2022 | TWSL2022-003 |
| Multiple Vulnerabilities in Oracle Communications Session Border Controller (SBC) | August 23, 2022 | TWSL2022-002 |
| Authentication Bypass by Capture-replay in DingTian 2 Channel Relay Board/Relay Card | July 12, 2022 | TWSL2022-001 |
| Privilege Escalation in CrypKey License Software Licensing System | November 04, 2021 | TWSL2021-019 |
| Authenticated Stored XSS in WordPress Plugin Age Gate | October 06, 2021 | TWSL2021-018 |
| Multiple Authenticated Stored XSS in WordPress Plugin Inline Related Posts | October 06, 2021 | TWSL2021-017 |
| Stored XSS in WordPress Plugin Timetable and Event Schedule by MotoPress | August 31, 2021 | TWSL2021-016 |
| CSRF Vulnerability in WordPress Plugin Comment Link Remove and Other Comment Tools | August 20, 2021 | TWSL2021-015 |
| Authenticated SQL Injection in WordPress Plugin WP Simple Booking Calendar | August 06, 2021 | TWSL2021-014 |
| Authenticated SQL Injection in WordPress Plugin Stop Bad Bots | August 06, 2021 | TWSL2021-013 |
| Vulnerabilities in WordPress Plugin Membership & Content Restriction - Paid Member Subscriptions | August 06, 2021 | TWSL2021-012 |
| Privacy Issues in Telegram Self-Destruct Feature on macOS | August 05, 2021 | TWSL2021-011 |
| Remote File Access Vulnerability in ON24 ScreenShare Plugin for macOS | July 21, 2021 | TWSL2021-010 |
| Persistent Cross-Site Scripting in SolarWinds Serv-U FTP Server | July 06, 2021 | TWSL2021-009 |
| Code Execution Vulnerability in Huawei Mobile Broadband HL Service | June 02, 2021 | TWSL2021-008 |
| Multiple Vulnerabilities in AURALL REC MONITOR | April 22, 2021 | TWSL2021-007 |
| SQLi in WordPress Plugin Simple Membership | April 05, 2021 | TWSL2021-006 |
| Privilege Escalation Vulnerability in Umbraco | April 01, 2021 | TWSL2021-005 |
| Stored Authenticated XSS in WordPress Plugin Virtual Robots.txt | March 31, 2021 | TWSL2021-004 |
| Incorrect SSLv2 rollback protection Vulnerability in OpenSSL | February 18, 2021 | TWSL2021-003 |
| Weak ACLs Vulnerability in SolarWinds Serv-U FTP Server 15.2.1 on Windows | February 03, 2021 | TWSL2021-002 |
| Multiple Vulnerabilities in SolarWinds Orion | February 03, 2021 | TWSL2021-001 |
| Multiple Vulnerabilities in D-Link DSL-2888A | December 17, 2020 | TWSL2020-011 |
| Multiple Vulnerabilities in Magic Home Pro Mobile Application | December 15, 2020 | TWSL2020-010 |
| Multiple Cleartext Protocol Vulnerabilities in WinZip | December 10, 2020 | TWSL2020-009 |
| Lack of Access Control in GO SMS Pro | November 19, 2020 | TWSL2020-008 |
| Multiple Vulnerabilities in Modicon M221 controllers and EcoStruxure Machine Expert - Basic Programming Software | November 12, 2020 | TWSL2020-007 |
| Multiple Vulnerabilities in SAP Adaptive Server Enterprise | September 24, 2020 | TWSL2020-006 |
| Information Disclosure and Denial of Service Vulnerability in IBM Db2 | August 20, 2020 | TWSL2020-005 |
| Multiple Vulnerabilities in ASUS RT-AC1900P router | July 23, 2020 | TWSL2020-004 |
| Memory information leakage vulnerability in Cisco Webex Meetings Windows Client | June 18, 2020 | TWSL2020-003 |
| Multiple Vulnerabilities in SAP Adaptive Server Enterprise | June 02, 2020 | TWSL2020-002 |