Full Skyway Support Library

What is it? Zimbra is an email server/client suite that integrates web and email clients and calendars. A vulnerablity has been found that allows specially crafted emails that contain server commands in the CC: field. The Bleeping Computer article "Critical Zimbra RCE...

What is it? Microsoft Sharepoint (Enterprise, 2019 and 2016) servers are being actively attacked (as of 2025-07-19). Why is it a risk? Using this vulnerability, an attacker can execute arbitrary code on your server from a remote location. This is considered a HIGH...

What is it? SolarWinds Serv-U provides Managed File Transfer over HTTP. Versions 15.4.2 HF 1 and earlier contain a programming error that makes the network vulnerable to "directory traversal" attacks. Why is it a risk? Directory traversal (aka "path traversal")...

What is it? N-central (from N-able) is commonly used by managed services providers (MSPs) and IT departments to monitor, manage, and maintain client networks and devices from a centralized web-based console. There are two simultaneous threats: - The first allows...

What is it? Cisco sells a wide variety of network products for voice-over-IP, routing, switching, network management, network security, video streaming and wireless services. Many of these products use Open Secure Shell (Open SSH) for network security. A vulnerability...

What is it? GlobalProtect, a feature of the Palo Alto networks PAN-OS, allows remote users to access local and Internet resources. A weakness in the software allows an attacker to create arbitrary files and inject arbitrary commands. This issue is applicable to PAN-OS...

What is it? ConnectWise ScreenConnect provides remote support (remote control) to help you support your staff. Remote Control software is naturally an attractive target for cyber attackers. ConnectWise ScreenConnect 23.9.7 and prior are affected by an Authentication...

What is it? Secure Shell (SSH) allows commands to be sent securely to computers remotely across unsecure networks (like the Internet). Certain versions of SSH allow an attacker with the ability to intercept SSH traffic, downgrade connection security and force the...

What is it? Fortinet offers virtual private network (SSL VPN) and firewall products as part of FortiOS and FortiProxy. Why is it a risk? An attacker can overflow a buffer to allow remote, unauthorized, execution of arbitrary code. This is considered a CRITICAL problem...

What is it? Microsoft Windows (versions 7, 8 and Server versions 2008-2012) HTTP.sys file could allow remote code execution if an attacker sends a specially crafted HTTP request to an affected Windows system. The Microsoft link below provides a description and a list...