Lucene search
K

102 matches found

CVE
CVE
added 2021/09/08 5:10 p.m.65 views

CVE-2021-3055

Palo Alto Networks PAN-OS is affected by CVE-2021-3055 due to an improper restriction of XML external entity (XXE) in the web interface. An authenticated administrator can read arbitrary files from the device and trigger a crafted request that crashes the service, causing DoS across PAN-OS servic...

7.5CVSS6.4AI score0.01073EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2021/09/08 5:10 p.m.21 views

CVE-2021-3055 PAN-OS: XML External Entity (XXE) Reference Vulnerability in the PAN-OS Web Interface

An improper restriction of XML external entity XXE reference vulnerability in the Palo Alto Networks PAN-OS web interface enables an authenticated administrator to read any arbitrary file from the file system and send a specifically crafted request to the firewall that causes the service to crash...

6.5CVSS6.6AI score0.01073EPSS
Exploits0References1
Palo Alto Networks
Palo Alto Networks
added 2021/09/08 4:0 p.m.31 views

PAN-OS: XML External Entity (XXE) Reference Vulnerability in the PAN-OS Web Interface

An improper restriction of XML external entity XXE reference vulnerability in the Palo Alto Networks PAN-OS web interface enables an authenticated administrator to read any arbitrary file from the file system and send a specifically crafted request to the firewall that causes the service to crash...

6.5CVSS1.7AI score0.01073EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2021/09/08 12:0 a.m.32 views

Palo Alto Networks PAN-OS 8.1.x < 8.1.20 / 9.0.x < 9.0.14 / 9.1.x < 9.1.10 / 10.0.x < 10.0.6 Vulnerability

The version of Palo Alto Networks PAN-OS running on the remote host is 8.1.x prior to 8.1.20 or 9.0.x prior to 9.0.14 or 9.1.x prior to 9.1.10 or 10.0.x prior to 10.0.6. It is, therefore, affected by a vulnerability. - An improper restriction of XML external entity XXE reference vulnerability in...

7.5CVSS6.8AI score0.01073EPSS
Exploits0References3
OpenVAS
OpenVAS
added 2019/10/22 12:0 a.m.80 views

CentOS Update for bpftool CESA-2019:3055 centos7

The remote host is missing an update for the SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS8.5AI score0.06821EPSS
Exploits3References2
Tenable Nessus
Tenable Nessus
added 2019/10/18 12:0 a.m.63 views

Oracle Linux 7 : kernel (ELSA-2019-3055)

The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2019-3055 advisory. - vhost vhost: make sure lognum innum Eugenio Perez 1750879 1750880 CVE-2019-14835 - net Bluetooth: Fix faulty expression for minimum encryption key si...

9.8CVSS7.7AI score0.06821EPSS
Exploits4References5
Openbugbounty
Openbugbounty
added 2019/09/23 10:14 a.m.7 views

themedmerchandise.com Cross Site Scripting vulnerability

Open Bug Bounty ID: OBB-978797 Security Researcher KhanJanny Helped patch 3055 vulnerabilities Received 9 Coordinated Disclosure badges Received 38 recommendations , a holder of 9 badges for responsible and coordinated disclosure, found a security vulnerability affecting themedmerchandise.com...

Exploits0
OpenVAS
OpenVAS
added 2018/10/26 12:0 a.m.30 views

openSUSE: Security Advisory for virtualbox (openSUSE-SU-2018:2295-1)

The remote host is missing an update for the Copyright C 2018 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

8.6CVSS6.8AI score0.00584EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2018/08/10 12:0 a.m.24 views

openSUSE Security Update : virtualbox (openSUSE-2018-853)

This update for virtualbox to version 5.2.16 fixes the following issues : The following security vulnerabilities were fixed boo1101667 : - CVE-2018-3005: Fixed an easily exploitable vulnerability that allowed unauthenticated attacker with logon to the infrastructure where Oracle VM VirtualBox...

8.6CVSS6.5AI score0.00584EPSS
Exploits1References10
Tenable Nessus
Tenable Nessus
added 2018/07/20 12:0 a.m.47 views

Oracle VM VirtualBox < 5.2.16 Multiple Vulnerabilities (July 2018 CPU)

The version of Oracle VM VirtualBox running on the remote host is 5.2.x prior to 5.2.16. It is, therefore, affected by multiple vulnerabilities as noted in the April 2018 Critical Patch Update advisory : - An unspecified vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization...

8.6CVSS6.8AI score0.00584EPSS
Exploits1References11
CVE
CVE
added 2018/07/18 1:0 p.m.73 views

CVE-2018-3055

CVE-2018-3055 affects Oracle VM VirtualBox (Core) prior to version 5.2.16. The vulnerability is exploitable by an unauthenticated user who has logon access to the infrastructure where VirtualBox runs and requires user interaction. Successful exploitation can lead to a hang or frequently repeating...

7.1CVSS6.1AI score0.00504EPSS
Exploits1References3Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2018/06/17 12:16 p.m.18 views

Security Bulletin: XXE and XmlBomb vulnerability in FileNet Workplace (CVE-2016-3055)

Summary FileNet Workplace is susceptible to the XXE and XmlBomb vulnerability. Vulnerability Details Relevant CVE Information: CVEID: CVE-2016-3055 DESCRIPTION: IBM FileNet Workplace is vulnerable to a denial of service, caused by an XML External Entity Injection XXE error when processing XML dat...

8.1CVSS0.2AI score0.01386EPSS
Exploits0Affected Software1
CVE
CVE
added 2017/04/12 2:0 p.m.84 views

CVE-2017-3055

CVE-2017-3055 affects Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, and 15.023.20070 and earlier. The vulnerability is an exploitable heap overflow in JPEG 2000 parsing of the fragment list tag, which could lead to arbitrary code execution. The description does not ...

9.3CVSS8.9AI score0.14452EPSS
Exploits0References4Affected Software4
CVE
CVE
added 2016/12/01 11:0 a.m.44 views

CVE-2016-3055

IBM FileNet Workplace 4.0.2 is affected by CVE-2016-3055 due to an XML External Entity (XXE) flaw in processing XML data, which could allow remote authenticated users to read arbitrary files or cause a memory-based denial of service. Affected version: FileNet Workplace 4.0.2 (before 4.0.2.14 LA01...

8.1CVSS7.5AI score0.01386EPSS
Exploits0References2Affected Software1
Tenable Nessus
Tenable Nessus
added 2016/08/11 12:0 a.m.260 views

Ubuntu 16.04 LTS : Linux kernel vulnerabilities (USN-3055-1)

The remote Ubuntu 16.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-3055-1 advisory. Ben Hawkes discovered an integer overflow in the Linux netfilter implementation. On systems running 32 bit kernels, a local unprivileged attacker could u...

7.8CVSS7.4AI score0.01009EPSS
Exploits2References5
OpenVAS
OpenVAS
added 2015/10/06 12:0 a.m.258 views

Oracle: Security Advisory (ELSA-2015-3055)

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.2CVSS6.2AI score0.00643EPSS
Exploits1References2
OpenVAS
OpenVAS
added 2015/05/15 12:0 a.m.42 views

Adobe Reader Multiple Vulnerabilities - 01 (May 2015) - Mac OS X

Adobe Reader is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:adobe:acrobatreader";...

10CVSS6.5AI score0.2547EPSS
Exploits4References8
Tenable Nessus
Tenable Nessus
added 2015/05/14 12:0 a.m.55 views

Adobe Reader < 10.1.14 / 11.0.11 Multiple Vulnerabilities (APSB15-10)

The version of Adobe Reader installed on the remote host is a version prior to 10.1.14 / 11.0.11. It is, therefore, affected by the following vulnerabilities : - A buffer overflow condition exists in CoolType.dll due to improper validation of user-supplied input. A remote attacker can exploit thi...

10CVSS6.7AI score0.2547EPSS
Exploits4References35
NVD
NVD
added 2015/05/13 10:59 a.m.22 views

CVE-2015-3055

Use-after-free vulnerability in Adobe Reader and Acrobat 10.x before 10.1.14 and 11.x before 11.0.11 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-3053, CVE-2015-3054, CVE-2015-3059, and CVE-2015-3075...

7.5CVSS7.3AI score0.09802EPSS
Exploits0References4
Prion
Prion
added 2015/05/13 10:59 a.m.17 views

Design/Logic Flaw

Use-after-free vulnerability in Adobe Reader and Acrobat 10.x before 10.1.14 and 11.x before 11.0.11 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-3054, CVE-2015-3055, CVE-2015-3059, and CVE-2015-3075...

10CVSS7.6AI score0.11156EPSS
Exploits0References4Affected Software2
Rows per page
Query Builder