Lucene search
+L

813 matches found

cvelist
cvelist
added 2026/03/04 6:36 p.m.38 views

CVE-2026-20064

A vulnerability in of Cisco Secure Firewall Threat Defense FTD Software could allow an authenticated, local attacker to cause the device to unexpectedly reload, causing a denial of service DoS condition. This vulnerability is due to improper validation of user-supplied input. An attacker with a...

6.5CVSS0.00099EPSS
Exploits0References1
cve
cve
added 2026/03/04 6:34 p.m.33 views

CVE-2026-20016

Cisco FXOS Software CLI contains an input-validation flaw that can allow an authenticated, local attacker with admin credentials to execute arbitrary commands on the underlying OS with root privileges. Root cause: insufficient validation of user-supplied CLI arguments in the Cisco Secure Firewall...

6.7CVSS6.2AI score0.00334EPSS
Exploits0References1Affected Software1
vulnrichment
vulnrichment
added 2026/03/04 6:34 p.m.7 views

CVE-2026-20016

A vulnerability in the Cisco FXOS Software CLI feature for Cisco Secure Firewall ASA Software and Secure FTD Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying operating system with root-level privileges. To exploit this vulnerability, the attack...

6CVSS6.2AI score0.00334EPSS
Exploits0References1
nvd
nvd
added 2026/03/04 6:16 p.m.13 views

CVE-2026-20008

A vulnerability in a small subset of CLI commands that are used on Cisco Secure Firewall Adaptive Security Appliance ASA Software and Cisco Secure Firewall Threat Defense FTD Software could allow an authenticated, local attacker to craft Lua code that could be used on the underlying operating...

6CVSS0.00132EPSS
Exploits0References1
attackerkb
attackerkb
added 2026/03/04 5:41 p.m.6 views

CVE-2026-20017

A vulnerability in the CLI of Cisco Secure FTD Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying operating system as root. To exploit this vulnerability, the attacker must have valid administrative credentials on an affected device. This...

6CVSS6.2AI score0.00172EPSS
Exploits0References2Affected Software1
vulnrichment
vulnrichment
added 2026/03/04 5:41 p.m.5 views

CVE-2026-20017 Cisco Secure FTD Software Authenticated Command Injection Vulnerability

A vulnerability in the CLI of Cisco Secure FTD Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying operating system as root. To exploit this vulnerability, the attacker must have valid administrative credentials on an affected device. This...

6CVSS6.2AI score0.00172EPSS
Exploits0References1
ptsecurity
ptsecurity
added 2026/03/04 12:0 a.m.6 views

PT-2026-23022

A vulnerability in the CLI of Cisco Secure FTD Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying operating system as root. To exploit this vulnerability, the attacker must have valid administrative credentials on an affected device. This...

6CVSS6.2AI score0.00188EPSS
Exploits0References2
cnnvd
cnnvd
added 2026/03/04 12:0 a.m.11 views

Cisco Secure Firewall Threat Defense 参数注入漏洞

Cisco Secure Firewall Threat Defense is an integrated firewall platform developed by Cisco, a US company. Cisco Secure Firewall Threat Defense has a parameter injection vulnerability. This vulnerability stems from insufficient validation of command parameters provided by users, which may allow...

6CVSS6.1AI score0.00188EPSS
Exploits0References2
ptsecurity
ptsecurity
added 2026/03/04 12:0 a.m.6 views

PT-2026-22976

A vulnerability in the lockdown mechanism of Cisco Secure Firewall Management Center FMC Software could allow an authenticated, local attacker to perform arbitrary commands as root. This vulnerability is due to insufficient restrictions on remediation modules while in lockdown mode. An attacker...

6CVSS6.2AI score0.00138EPSS
Exploits0References1
cnnvd
cnnvd
added 2026/03/04 12:0 a.m.6 views

Cisco Secure Firewall Adaptive Security Appliance和Cisco Secure Firewall Threat Defense 操作系统命令注入漏洞

Cisco Secure Firewall Adaptive Security Appliance and Cisco Secure Firewall Threat Defense are products of Cisco, a US company. Cisco Secure Firewall Adaptive Security Appliance is an enterprise-level firewall software. Cisco Secure Firewall Threat Defense is an integrated firewall platform. Both...

6CVSS6.1AI score0.00132EPSS
Exploits0References2
cnnvd
cnnvd
added 2026/03/04 12:0 a.m.9 views

Cisco Secure Firewall Threat Defense 安全漏洞

Cisco Secure Firewall Threat Defense is an integrated firewall platform developed by the American company Cisco. There is a security vulnerability present in Cisco Secure Firewall Threat Defense, which stems from insufficient validation of command parameters provided by users. This vulnerability...

6CVSS6.1AI score0.00172EPSS
Exploits0References2
cnnvd
cnnvd
added 2026/03/04 12:0 a.m.9 views

Cisco Secure Firewall Threat Defense 代码问题漏洞

Cisco Secure Firewall Threat Defense is an integrated firewall platform developed by the American company Cisco. There is a code vulnerability in Cisco Secure Firewall Threat Defense, which stems from improper input validation provided by users. This vulnerability could allow authenticated local...

6.5CVSS5.9AI score0.00099EPSS
Exploits0References2
ptsecurity
ptsecurity
added 2026/03/04 12:0 a.m.12 views

PT-2026-23014

A vulnerability in the CLI of Cisco Secure FTD Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying operating system as root. To exploit this vulnerability, the attacker must have valid administrative credentials on an affected device. This...

6CVSS6.2AI score0.00172EPSS
Exploits0References2
nvd
nvd
added 2026/03/02 5:16 p.m.9 views

CVE-2025-64427

ZimaOS is a fork of CasaOS, an operating system for Zima devices and x86-64 systems with UEFI. In version 1.5.0 and prior, due to insufficient validation or restriction of target URLs, an authenticated local user can craft requests that target internal IP addresses e.g., 127.0.0.1, localhost, or...

7.1CVSS0.00238EPSS
Exploits1References1
cve
cve
added 2026/03/02 4:28 p.m.27 views

CVE-2025-64427

ZimaOS (a CasaOS fork for Zima devices and x86-64 with UEFI) is vulnerable to Server-Side Request Forgery (SSRF) in version 1.5.0 and earlier. An authenticated local user can craft requests to internal targets (127.0.0.1, localhost, private ranges) due to insufficient URL validation/restriction, ...

7.1CVSS5.9AI score0.00238EPSS
Exploits1References1Affected Software1
osv
osv
added 2026/03/02 4:28 p.m.6 views

CVE-2025-64427 ZimaOS is vulnerable to Server-Side Request Forgery (SSRF)

ZimaOS is a fork of CasaOS, an operating system for Zima devices and x86-64 systems with UEFI. In version 1.5.0 and prior, due to insufficient validation or restriction of target URLs, an authenticated local user can craft requests that target internal IP addresses e.g., 127.0.0.1, localhost, or...

7.1CVSS5.9AI score0.00238EPSS
Exploits1References3
ptsecurity
ptsecurity
added 2026/03/02 12:0 a.m.15 views

PT-2026-22627

Name of the Vulnerable Software and Affected Versions ZimaOS versions prior to 1.5.1 Description ZimaOS, a fork of CasaOS, is susceptible to a flaw stemming from inadequate validation or restriction of target URLs. An authenticated local user can construct requests that target internal IP...

7.1CVSS5.9AI score0.00238EPSS
Exploits1References9
cnnvd
cnnvd
added 2026/03/02 12:0 a.m.9 views

ZimaOS 代码问题漏洞

ZimaOS is an open-source operating system project by IceWhaleTech, aimed at providing a lightweight, high-performance, and secure operating system environment. ZimaOS versions 1.5.0 and earlier have code vulnerabilities; these vulnerabilities stem from insufficient validation or restrictions on...

7.1CVSS5.9AI score0.00238EPSS
Exploits1References1
nessus
nessus
added 2026/02/26 12:0 a.m.4 views

Cisco Catalyst SD-WAN Manager < 20.18 Multiple Vulnerabilities (cisco-sa-sdwan-authbp-qwCX8D4v)

According to its self-reported version, Cisco Catalyst SD-WAN Manager is affected by multiple vulnerabilities: - A vulnerability could allow an unauthenticated, remote attacker to bypass authentication mechanisms and gain unauthorized access to the system. CVE-2026-20129 - A vulnerability could...

9.8CVSS8.3AI score0.05269EPSS
Exploits0References5
euvd
euvd
added 2026/02/25 6:31 p.m.9 views

EUVD-2026-8672

A vulnerability in the Object Model CLI component of Cisco Application Policy Infrastructure Controller APIC could allow an authenticated, local attacker to cause an affected device to reload unexpectedly, resulting in a denial of service DoS condition. To exploit this vulnerability, the attacker...

5.5CVSS5.8AI score0.00087EPSS
Exploits0References2
Rows per page
Query Builder