Multiple authenticated command injection vulnerabilities exist in the command line interface. Successful exploitation of these vulnerabilities result in the ability to execute arbitrary commands as a privileged user on the underlying operating system. This plugin only works with Tenable.ot. Please....
9.8CVSS
8.3AI Score
0.002EPSS
Siemens Scalance W1750D Buffer Copy without Checking Size of Input (CVE-2023-45615)
There are buffer overflow vulnerabilities in the underlying CLI service that could lead to unauthenticated remote code execution by sending specially crafted packets destined to the PAPI (Aruba's access point management protocol) UDP port (8211). Successful exploitation of these vulnerabilities...
9.8CVSS
9.1AI Score
0.002EPSS
10CVSS
8.2AI Score
0.957EPSS
An Incorrect Behavior Order vulnerability in the Packet Forwarding Engine (PFE) of Juniper Networks Junos OS on EX4300 Series allows an unauthenticated, network-based attacker to cause an integrity impact to networks downstream of the vulnerable device. When an output firewall filter is applied to....
5.8CVSS
5.7AI Score
0.0005EPSS
An Incorrect Behavior Order vulnerability in the Packet Forwarding Engine (PFE) of Juniper Networks Junos OS on EX4300 Series allows an unauthenticated, network-based attacker to cause an integrity impact to networks downstream of the vulnerable device. When an output firewall filter is applied to....
5.8CVSS
6.8AI Score
0.0005EPSS
CVE-2024-30389 Junos OS: EX4300 Series: Firewall filter not blocking egress traffic
An Incorrect Behavior Order vulnerability in the Packet Forwarding Engine (PFE) of Juniper Networks Junos OS on EX4300 Series allows an unauthenticated, network-based attacker to cause an integrity impact to networks downstream of the vulnerable device. When an output firewall filter is applied to....
5.8CVSS
6AI Score
0.0005EPSS
An Incorrect Behavior Order in the routing engine (RE) of Juniper Networks Junos OS on EX4300 Series allows traffic intended to the device to reach the RE instead of being discarded when the discard term is set in loopback (lo0) interface. The intended function is that the lo0 firewall filter...
5.8CVSS
6.8AI Score
0.0005EPSS
An Incorrect Behavior Order in the routing engine (RE) of Juniper Networks Junos OS on EX4300 Series allows traffic intended to the device to reach the RE instead of being discarded when the discard term is set in loopback (lo0) interface. The intended function is that the lo0 firewall filter...
5.8CVSS
5.7AI Score
0.0005EPSS
An Incorrect Behavior Order in the routing engine (RE) of Juniper Networks Junos OS on EX4300 Series allows traffic intended to the device to reach the RE instead of being discarded when the discard term is set in loopback (lo0) interface. The intended function is that the lo0 firewall filter...
5.8CVSS
5.9AI Score
0.0005EPSS
An Incorrect Behavior Order in the routing engine (RE) of Juniper Networks Junos OS on EX4300 Series allows traffic intended to the device to reach the RE instead of being discarded when the discard term is set in loopback (lo0) interface. The intended function is that the lo0 firewall filter...
5.8CVSS
6.9AI Score
0.0005EPSS
CVE-2024-3400: Critical Command Injection Vulnerability in Palo Alto Networks Firewalls
On Friday, April 12, Palo Alto Networks published an advisory on CVE-2024-3400, a CVSS 10 zero-day vulnerability in several versions of PAN-OS, the operating system that runs on the company’s firewalls. According to the vendor advisory, if conditions for exploitability are met, the vulnerability...
10CVSS
9.8AI Score
0.957EPSS
Zero-Day Alert: Critical Palo Alto Networks PAN-OS Flaw Under Active Attack
Palo Alto Networks is warning that a critical flaw impacting PAN-OS software used in its GlobalProtect gateways is being actively exploited in the wild. Tracked as CVE-2024-3400, the issue has a CVSS score of 10.0, indicating maximum severity. "A command injection vulnerability in the...
10CVSS
9.7AI Score
0.957EPSS
A command injection as a result of arbitrary file creation vulnerability in the GlobalProtect feature of Palo Alto Networks PAN-OS software for specific PAN-OS versions and distinct feature configurations may enable an unauthenticated attacker to execute arbitrary code with root privileges on the.....
10CVSS
10AI Score
0.957EPSS
A command injection as a result of arbitrary file creation vulnerability in the GlobalProtect feature of Palo Alto Networks PAN-OS software for specific PAN-OS versions and distinct feature configurations may enable an unauthenticated attacker to execute arbitrary code with root privileges on the.....
A command injection as a result of arbitrary file creation vulnerability in the GlobalProtect feature of Palo Alto Networks PAN-OS software for specific PAN-OS versions and distinct feature configurations may enable an unauthenticated attacker to execute arbitrary code with root privileges on the.....
10CVSS
10AI Score
0.957EPSS
PAN-OS: Arbitrary File Creation Leads to OS Command Injection Vulnerability in GlobalProtect
A command injection as a result of arbitrary file creation vulnerability in the GlobalProtect feature of Palo Alto Networks PAN-OS software for specific PAN-OS versions and distinct feature configurations may enable an unauthenticated attacker to execute arbitrary code with root privileges on the.....
10CVSS
9.9AI Score
0.957EPSS
A command injection as a result of arbitrary file creation vulnerability in the GlobalProtect feature of Palo Alto Networks PAN-OS software for specific PAN-OS versions and distinct feature configurations may enable an unauthenticated attacker to execute arbitrary code with root privileges on the.....
10CVSS
10AI Score
0.957EPSS
Palo Alto Networks PAN-OS Command Injection Vulnerability
Palo Alto Networks PAN-OS GlobalProtect feature contains a command injection vulnerability that allows an unauthenticated attacker to execute commands with root privileges on the...
10CVSS
8.3AI Score
0.957EPSS
Palo Alto Networks PAN-OS CVE-2024-3400
The version of Palo Alto Networks PAN-OS running on the remote host is affected by a command injection vulnerability as a result of arbitrary file creation vulnerability in the GlobalProtect feature of Palo Alto Networks PAN-OS software for specific PAN-OS versions and distinct feature...
10CVSS
10AI Score
0.957EPSS
Qualys Endpoint Detection & Response Validated by Top Independent Testing Labs
Qualys is proud to announce that our Endpoint Detection & Response solution has earned top certifications from two of the most respected independent anti-virus testing organizations - SE Labs and AV-Test. These prestigious validations underscore Qualys' mission to deliver best-in-class malware...
7.4AI Score
Summary IBM Sterling B2B Integrator's Document Service container users Apache Tomcat. This bulletin identifies the steps to take to address the vulnerabilities. Vulnerability Details ** CVEID: CVE-2023-46589 DESCRIPTION: **Apache Tomcat is vulnerable to HTTP request smuggling, caused by improper...
7.5CVSS
7.4AI Score
0.01EPSS
As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories (CERT Services | Services |.....
9.8CVSS
9.6AI Score
0.002EPSS
As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories (CERT Services | Services |.....
7.5CVSS
7.7AI Score
0.963EPSS
Siemens RUGGEDCOM APE1808 before V11.0.1
As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories (CERT Services | Services |.....
8.8CVSS
6.7AI Score
0.003EPSS
TOTOLINK X2000R before V1.0.0-B20231213.1013 contains a Stored Cross-site scripting (XSS) vulnerability in IP/Port Filtering under the Firewall...
5.8AI Score
0.0004EPSS
TOTOLINK X2000R before V1.0.0-B20231213.1013 contains a Stored Cross-site scripting (XSS) vulnerability in IP/Port Filtering under the Firewall...
5.7AI Score
0.0004EPSS
Juniper Junos OS Vulnerability (JSA79185)
The version of Junos OS installed on the remote host is affected by a vulnerability as referenced in the JSA79185 advisory. An Incorrect Behavior Order vulnerability in the Packet Forwarding Engine (PFE) of Juniper Networks Junos OS on EX4300 Series allows an unauthenticated, network-based...
5.8CVSS
5.8AI Score
0.0005EPSS
A vulnerability in Palo Alto Networks PAN-OS software enables a remote attacker to reboot PAN-OS firewalls when receiving Windows New Technology LAN Manager (NTLM) packets from Windows servers. Repeated attacks eventually cause the firewall to enter maintenance mode, which requires manual...
7.5CVSS
7.4AI Score
0.0004EPSS
A vulnerability in Palo Alto Networks PAN-OS software enables a remote attacker to reboot PAN-OS firewalls when receiving Windows New Technology LAN Manager (NTLM) packets from Windows servers. Repeated attacks eventually cause the firewall to enter maintenance mode, which requires manual...
7.5CVSS
6.7AI Score
0.0004EPSS
A packet processing mechanism in Palo Alto Networks PAN-OS software enables a remote attacker to reboot hardware-based firewalls. Repeated attacks eventually cause the firewall to enter maintenance mode, which requires manual intervention to bring the firewall back online. This affects the...
7.5CVSS
7.4AI Score
0.0004EPSS
A packet processing mechanism in Palo Alto Networks PAN-OS software enables a remote attacker to reboot hardware-based firewalls. Repeated attacks eventually cause the firewall to enter maintenance mode, which requires manual intervention to bring the firewall back online. This affects the...
7.5CVSS
7.4AI Score
0.0004EPSS
A memory leak exists in Palo Alto Networks PAN-OS software that enables an attacker to send a burst of crafted packets through the firewall that eventually prevents the firewall from processing traffic. This issue applies only to PA-5400 Series devices that are running PAN-OS software with the SSL....
7.5CVSS
7.3AI Score
0.0004EPSS
A memory leak exists in Palo Alto Networks PAN-OS software that enables an attacker to send a burst of crafted packets through the firewall that eventually prevents the firewall from processing traffic. This issue applies only to PA-5400 Series devices that are running PAN-OS software with the SSL....
7.5CVSS
7.4AI Score
0.0004EPSS
CVE-2024-3385 PAN-OS: Firewall Denial of Service (DoS) when GTP Security is Disabled
A packet processing mechanism in Palo Alto Networks PAN-OS software enables a remote attacker to reboot hardware-based firewalls. Repeated attacks eventually cause the firewall to enter maintenance mode, which requires manual intervention to bring the firewall back online. This affects the...
7.5CVSS
7.6AI Score
0.0004EPSS
CVE-2024-3384 PAN-OS: Firewall Denial of Service (DoS) via Malformed NTLM Packets
A vulnerability in Palo Alto Networks PAN-OS software enables a remote attacker to reboot PAN-OS firewalls when receiving Windows New Technology LAN Manager (NTLM) packets from Windows servers. Repeated attacks eventually cause the firewall to enter maintenance mode, which requires manual...
7.5CVSS
7.6AI Score
0.0004EPSS
CVE-2024-3382 PAN-OS: Firewall Denial of Service (DoS) via a Burst of Crafted Packets
A memory leak exists in Palo Alto Networks PAN-OS software that enables an attacker to send a burst of crafted packets through the firewall that eventually prevents the firewall from processing traffic. This issue applies only to PA-5400 Series devices that are running PAN-OS software with the SSL....
7.5CVSS
7.6AI Score
0.0004EPSS
Unauthenticated Stored Cross-Site Scripting Vulnerability Patched in WordPress Core
WordPress 6.5.2 was released yesterday, on April 9, 2024. It included a single security patch, along with a handful of bug fixes. The security patch was for a Stored Cross-Site Scripting vulnerability that could be exploited by both unauthenticated users, when a comment block is present on a page,....
7.2CVSS
5.8AI Score
0.001EPSS
PAN-OS: Firewall Denial of Service (DoS) via a Burst of Crafted Packets
A memory leak exists in Palo Alto Networks PAN-OS software that enables an attacker to send a burst of crafted packets through the firewall that eventually prevents the firewall from processing traffic. This issue applies only to PA-5400 Series devices that are running PAN-OS software with the SSL....
7.5CVSS
7AI Score
0.0004EPSS
PAN-OS: Firewall Denial of Service (DoS) when GTP Security is Disabled
A packet processing mechanism in Palo Alto Networks PAN-OS software enables a remote attacker to reboot hardware-based firewalls. Repeated attacks eventually cause the firewall to enter maintenance mode, which requires manual intervention to bring the firewall back online. This affects the...
7.5CVSS
7.1AI Score
0.0004EPSS
Raspberry Robin Returns: New Malware Campaign Spreading Through WSF Files
Cybersecurity researchers have discovered a new Raspberry Robin campaign wave that has been propagating the malware through malicious Windows Script Files (WSFs) since March 2024. "Historically, Raspberry Robin was known to spread through removable media like USB drives, but over time its...
7.3AI Score
Security Bulletin: QRadar Suite Software includes components with multiple known vulnerabilities
Summary QRadar Suite Software includes components with known vulnerabilities. These have been updated in the latest release and vulnerabilities have been addressed. Please follow the instructions in the Remediation/Fixes section below to update to the latest version. Vulnerability Details **...
10CVSS
8.9AI Score
0.024EPSS
Researchers Uncover First Native Spectre v2 Exploit Against Linux Kernel
Cybersecurity researchers have disclosed what they say is the "first native Spectre v2 exploit" against the Linux kernel on Intel systems that could be exploited to read sensitive data from the memory. The exploit, called Native Branch History Injection (BHI), can be used to leak arbitrary kernel.....
7.1AI Score
EPSS
Summary IBM Content Collector for SAP Applications may be affected by multiple vulnerabilities found in Jetty. Vulnerability Details ** CVEID: CVE-2023-40167 DESCRIPTION: **Jetty is vulnerable to HTTP request smuggling, caused by improper parsing of the HTTP/1 request header. By sending a...
5.3CVSS
7.1AI Score
0.001EPSS
The version of Palo Alto Networks PAN-OS running on the remote host is 8.1.x prior to 8.1.24 or 9.0.x prior to 9.0.17 or 9.1.x prior to 9.1.15-h1 or 10.0.x prior to 10.0.12. It is, therefore, affected by a vulnerability. A vulnerability in Palo Alto Networks PAN-OS software enables a remote...
7.5CVSS
7AI Score
0.0004EPSS
The version of Palo Alto Networks PAN-OS running on the remote host is 9.0.x prior to 9.0.17-h4 or 9.1.x prior to 9.1.17 or 10.1.x prior to 10.1.12 or 10.2.x prior to 10.2.8 or 11.0.x prior to 11.0.3. It is, therefore, affected by a vulnerability. A packet processing mechanism in Palo Alto...
7.5CVSS
7AI Score
0.0004EPSS
Palo Alto Networks PAN-OS 10.1.x < 10.1.11 / 10.2.x < 10.2.5 / 11.0.x < 11.0.3 Vulnerability
The version of Palo Alto Networks PAN-OS running on the remote host is 10.1.x prior to 10.1.11 or 10.2.x prior to 10.2.5 or 11.0.x prior to 11.0.3. It is, therefore, affected by a vulnerability. A vulnerability in how Palo Alto Networks PAN-OS software processes data received from Cloud...
7.4CVSS
6.9AI Score
0.0004EPSS
The version of Palo Alto Networks PAN-OS running on the remote host is 9.0.x prior to 9.0.17-h2 or 9.1.x prior to 9.1.17 or 10.0.x prior to 10.0.13 or 10.1.x prior to 10.1.10 or 10.2.x prior to 10.2.5 or 11.0.x prior to 11.0.2. It is, therefore, affected by a vulnerability. An incorrect string...
5.3CVSS
7AI Score
0.0004EPSS
Palo Alto Networks PAN-OS 10.2.x < 10.2.7-h3 / 11.0.x < 11.0.4 / 11.1.x < 11.1.2 Vulnerability
The version of Palo Alto Networks PAN-OS running on the remote host is 10.2.x prior to 10.2.7-h3 or 11.0.x prior to 11.0.4 or 11.1.x prior to 11.1.2. It is, therefore, affected by a vulnerability. A memory leak exists in Palo Alto Networks PAN-OS software that enables an attacker to send a burst...
7.5CVSS
7AI Score
0.0004EPSS
The version of Palo Alto Networks PAN-OS running on the remote host is 8.1.x prior to 8.1.26 or 9.0.x prior to 9.0.17-h4 or 9.1.x prior to 9.1.17 or 10.1.x prior to 10.1.11-h4 or 10.2.x prior to 10.2.7-h3 or 11.0.x prior to 11.0.3. It is, therefore, affected by a vulnerability. A vulnerability in.....
4.1CVSS
6.9AI Score
0.0004EPSS
Palo Alto Networks PAN-OS 10.1.x < 10.1.12 / 10.2.x < 10.2.8 / 11.0.x < 11.0.4 Vulnerability
The version of Palo Alto Networks PAN-OS running on the remote host is 10.1.x prior to 10.1.12 or 10.2.x prior to 10.2.8 or 11.0.x prior to 11.0.4. It is, therefore, affected by a vulnerability. A weak (low bit strength) device certificate in Palo Alto Networks Panorama software enables an...
5.3CVSS
5.2AI Score
0.0004EPSS