CVE-2024-3400: PAN-OS Command Injection Vulnerability in GlobalProtect Gateway. Learn More

CVE-2024-3400: PAN-OS Command Injection Vulnerability in GlobalProtect Gateway. Learn More

Services
Capture
Managed Detection & Response

Eliminate active threats with 24/7 threat detection, investigation, and response.

twi-managed-portal-color
Co-Managed SOC (SIEM)

Maximize your SIEM investment, stop alert fatigue, and enhance your team with hybrid security operations support.

twi-briefcase-color-svg
Advisory & Diagnostics

Advance your cybersecurity program and get expert guidance where you need it most.

tw-laptop-data
Penetration Testing

Test your physical locations and IT infrastructure to shore up weaknesses before exploitation.

twi-database-color-svg
Database Security

Prevent unauthorized access and exceed compliance requirements.

twi-email-color-svg
Email Security

Stop email threats others miss and secure your organization against the #1 ransomware attack vector.

tw-officer
Digital Forensics & Incident Response

Prepare for the inevitable with 24/7 global breach response in-region and available on-site.

tw-network
Firewall & Technology Management

Mitigate risk of a cyberattack with 24/7 incident and health monitoring and the latest threat intelligence.

Solutions
BY TOPIC
Offensive Security
Solutions to maximize your security ROI
Microsoft Exchange Server Attacks
Stay protected against emerging threats
Rapidly Secure New Environments
Security for rapid response situations
Securing the Cloud
Safely navigate and stay protected
Securing the IoT Landscape
Test, monitor and secure network objects
Why Trustwave
About Us
Awards and Accolades
Trustwave SpiderLabs Team
Trustwave Fusion Security Operations Platform
Trustwave Security Colony
Partners
Technology Alliance Partners
Key alliances who align and support our ecosystem of security offerings
Trustwave PartnerOne Program
Join forces with Trustwave to protect against the most advance cybersecurity threats

Security Advisories

Spending each day immersed in penetration tests and research into the latest threats, our SpiderLabs® experts occasionally discover new vulnerabilities as a part of their work. When that happens, we follow our established disclosure policy which results in published advisories such as these.

Learn more about our disclosure policy

Latest Advisory


Authentication Coercion Vulnerability in Kyocera Device Manager

January 08, 2024 - TWSL2024-001

Download | Read

Advisory Archive

Title
Date
Advisory
Multiple Vulnerabilities in Schneider Electric Products
May 07, 2020
TWSL2020-001
153
Multiple Vulnerabilities in SatLink VSAT Modem Units (vmu)
November 21, 2019
TWSL2019-010
152
Insufficiently Protected Credentials in Shelter Manager ASM 2 Series
October 25, 2019
TWSL2019-009
151
Vulnerabilities in D-Link Products
September 10, 2019
TWSL2019-008
150
Vulnerabilities in Comba Products
September 10, 2019
TWSL2019-007
149
Multiple Vulnerabilities in SanDisk SSD Dashboard
July 31, 2019
TWSL2019-006
148
Hardcoded credentials in Uniguest Kiosks
July 11, 2019
TWSL2019-005
147
Expression Injection Vulnerability in Qlik Products
June 04, 2019
TWSL2019-004
146
Multiple Vulnerabilities in Grandstream Products
March 21, 2019
TWSL2019-003
145
Vulnerabilities in SolarWinds Database Performance Analyzer
March 21, 2019
TWSL2019-002
144
OS Command Injection Vulnerabilities in LifeSize Products
February 07, 2019
TWSL2019-001
143
Kernel Buffer Overflow in IBM Trusteer Rapport
December 20, 2018
TWSL2018-012
142
Use after free vulnerability in QFX Software KeyScrambler
October 02, 2018
TWSL2018-011
141
Credential Leak Flaws in Windows PureVPN Client
September 27, 2018
TWSL2018-010
140
CVE-2018-16962: Webroot SecureAnywhere macOS Kernel Level Memory Corruption
September 13, 2018
TWSL2018-009
139
CVE-2018-8006 - Cross-Site Scripting (XSS) Vulnerability in Apache ActiveMQ
August 24, 2018
TWSL2018-008
138
CVE-2018-2892 - Kernel Level Privilege Escalation in Oracle Solaris
July 24, 2018
TWSL2018-007
137
Unpatched Remote Code Execution in Reprise License Manager
July 18, 2018
TWSL2018-006
136
Vulnerability in WD My Cloud personal cloud storage
October 29, 2018
TWSL2018-005
135
Vulnerabilities in NETGEAR Nighthawk X4S router (R7800)
February 07, 2018
TWSL2018-004
134
Vulnerabilities in NETGEAR R8500 router firmware
February 07, 2018
TWSL2018-003
133
Vulnerabilities in NETGEAR R8500 router firmware
February 07, 2018
TWSL2018-002
132
Multiple Vulnerabilities in WD My Cloud personal cloud storage
February 01, 2018
TWSL2018-001
131
Remote Unauthenticated DoS in Debut embedded httpd server used by Brother printers.
November 17, 2017
TWSL2017-017
130
Local kernel heap buffer overflow Vulnerability in ESET DESLock+ client application
August 15, 2017
TWSL2017-016
129
Multiple Vulnerabilities in ManageEngine Applications Manager
August 09, 2017
TWSL2017-015
128
Multiple Authentication Bypass Vulnerabilities in ManageEngine Applications Manager
July 26, 2017
TWSL2017-013
127
Remote un-authenticated DoS in IPsec-Tools Racoon
July 09, 2017
TWSL2017-012
126
Lockscreen Lockout Bypass in Elephone P9000 Android Smartphone
June 28, 2017
TWSL2017-011
125
Multiple Vulnerabilities in Humax Routers
June 28, 2017
TWSL2017-010
124
Multiple Vulnerabilities in Avast Antivirus
March 31, 2017
TWSL2017-009
123
Unauthenticated Privilege Escalation Vulnerability in Serv-U FTP/MFT Server
March 22, 2017
TWSL2017-008
122
Undocumented Backdoor Account in DBLTek GoIP
March 02, 2017
TWSL2017-007
121
Multiple Vulnerabilities in Polystar Jupiter
February 22, 2017
TWSL2017-006
120
Improper Input Validation Vulnerability in SAP Adaptive Server Enterprise
February 13, 2017
TWSL2017-005
119
Unauthenticated Backdoor Access in Unanet
February 08, 2017
TWSL2017-004
118
Multiple Vulnerabilities in NETGEAR Routers
January 30, 2017
TWSL2017-003
117
Multiple Vulnerabilities in McAfee Security Scan Plus
January 23, 2017
TWSL2017-002
116
Multiple Vulnerabilities in Digitech Systems PaperVision Enterprise
January 11, 2017
TWSL2017-001
115
Plugin authentication by-pass Vulnerability in Microsoft Skype for Mac OS-X
December 13, 2016
TWSL2016-021
114