Lucene search
K

13508 matches found

GithubExploit
GithubExploit
added 2026/06/09 1:13 p.m.60 views

metasploitable2-pentest

Metasploitable 2 Penetration Test Date: June 2026 Teste...

6.1AI score
Exploits0
GithubExploit
GithubExploit
added 2026/06/09 3:41 a.m.64 views

secure-banking-app

secure-banking-app...

5.6AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2026/06/09 12:0 a.m.11 views

EulerOS 2.0 SP11 : firewalld (EulerOS-SA-2026-2240)

According to the versions of the firewalld packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : A flaw was found in firewalld. A local unprivileged user can exploit this vulnerability by mis-authorizing two runtime D-Bus Desktop Bus setter...

5.5CVSS5.5AI score0.00118EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/06/09 12:0 a.m.36 views

Fedora 44 : tailscale (2026-07897c0238)

The remote Fedora 44 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-07897c0238 advisory. - update to 1.98.4 - Allow nftables to satisfy firewall dependency in lieu of iptables rhbz2453924 - Fix 45s timeout on shutdowns in certain cases...

5CVSS5.7AI score0.00153EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/06/09 12:0 a.m.11 views

EulerOS 2.0 SP11 : firewalld (EulerOS-SA-2026-2202)

According to the versions of the firewalld packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : A flaw was found in firewalld. A local unprivileged user can exploit this vulnerability by mis-authorizing two runtime D-Bus Desktop Bus setter...

5.5CVSS5.5AI score0.00118EPSS
Exploits0References2
SUSE Linux
SUSE Linux
added 2026/06/08 3:27 p.m.8 views

Security update for firewalld

This update for firewalld fixes the following issue: CVE-2026-4948: local unprivileged users can modify the runtime firewall state without proper authentication due to D-Bus setter mis-authorizations bsc1260903. Patch Instructions: To install this SUSE update use the SUSE recommended installation...

6.8CVSS5.4AI score0.00118EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2026/06/08 2:59 p.m.10 views

CVE-2026-49494

Comodo Internet Security's firewall driver Inspect.sys contains an integer underflow in its IPv6 packet parser. The parser decrements an unsigned 64-bit payload-length value taken from the IPv6 fixed header's payload length field by the size of each IPv6 extension header without validating it, so...

8.7CVSS5.6AI score0.00542EPSS
Exploits0References1
Packet Storm News
Packet Storm News
added 2026/06/08 12:0 a.m.10 views

Exploiting Logic Asymmetry in Modern Web Application Firewalls

This research whitepaper demonstrates that even the most modern WAFs remain vulnerable to attacks exploiting logic asymmetry in HTTP protocol processing. Real-world testing on a Weaver Ecology OA system achieved a 100% bypass rate 40/40 test cases, confirming the critical severity of this...

5.5AI score
Exploits0
GithubExploit
GithubExploit
added 2026/06/07 3:50 p.m.77 views

kaido-waf

⚔️ Kaido WAF Web Application Firewall do Kaido Red Team...

6AI score
Exploits0
NVD
NVD
added 2026/06/07 1:16 p.m.24 views

CVE-2026-49494

Xcitium Client Security XCS before 13.8.2.10019 and Comodo Internet Security CIS through 12.3.4.8162 fix expected by 2026 Q3 contain an integer underflow vulnerability in the firewall driver Inspect.sys that allows remote unauthenticated attackers to crash the system by sending a crafted IPv6...

8.7CVSS0.00542EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2026/06/07 12:0 a.m.14 views

PT-2026-47183

Name of the Vulnerable Software and Affected Versions Comodo Internet Security affected versions not specified Description The firewall driver Inspect.sys contains an integer underflow in its IPv6 packet parser. The parser decrements an unsigned 64-bit payload-length value, derived from the IPv6...

8.7CVSS5.5AI score0.00542EPSS
Exploits0References9
CNNVD
CNNVD
added 2026/06/07 12:0 a.m.11 views

Comodo Internet Security 数字错误漏洞

Comodo Internet Security is a set of computer security software developed by the American company Comodo, primarily aimed at internet security. Comodo Internet Security has a digital error vulnerability; this vulnerability stems from an integer underflow in the IPv6 packet resolver within the...

8.7CVSS5.8AI score0.00542EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2026/06/05 7:50 p.m.9 views

CVE-2026-7164

Incorrect packet validation allowed unbounded recursion parsing SCTP chunk parameters. This can eventually result in a stack overflow and panic. Remote attackers can craft packets which cause affected systems to panic. This affects any system where pf is configured to process traffic, independent...

7.5CVSS5.5AI score0.00432EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:44 p.m.9 views

CVE-2026-0206

A post-authentication Stack-based Buffer Overflow vulnerabilities in SonicOS allows a remote attacker to crash a firewall...

4.9CVSS5.5AI score0.00504EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/06/05 7:34 p.m.12 views

CVE-2026-25624 Arista Edge Threat Management NGFW UI Administrative Cross-Site Scripting

An administrative cross-site scripting XSS vulnerability exists in the web user interface dashboard layout of Arista Edge Threat Management - Arista Next Generation Firewall NGFW. Unvalidated user-supplied variables are echoed back to administrative profiles, facilitating vector payload processin...

5.8CVSS5.2AI score0.00154EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/05 7:34 p.m.13 views

EUVD-2026-34911

An administrative cross-site scripting XSS vulnerability exists in the web user interface dashboard layout of Arista Edge Threat Management - Arista Next Generation Firewall NGFW. Unvalidated user-supplied variables are echoed back to administrative profiles, facilitating vector payload processin...

5.8CVSS5.2AI score0.00154EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/05 7:34 p.m.30 views

CVE-2026-25624 Arista Edge Threat Management NGFW UI Administrative Cross-Site Scripting

An administrative cross-site scripting XSS vulnerability exists in the web user interface dashboard layout of Arista Edge Threat Management - Arista Next Generation Firewall NGFW. Unvalidated user-supplied variables are echoed back to administrative profiles, facilitating vector payload processin...

5.8CVSS0.00154EPSS
Exploits0References1
CVE
CVE
added 2026/06/05 7:31 p.m.39 views

CVE-2026-25623

CVE-2026-25623 describes a command execution vulnerability in the browser management pipeline of Arista Edge Threat Management NGFW. The issue requires an authenticated administrative user with UI access and affects NGFW versions up to 17.4.0. The advisory indicates the vulnerability allows an ad...

7CVSS5.8AI score0.05951EPSS
Exploits0References1Affected Software1
EUVD
EUVD
added 2026/06/05 7:31 p.m.13 views

EUVD-2026-34909

An input validation command execution vulnerability exists in the browser management pipeline of Arista Edge Threat Management - Arista Next Generation Firewall NGFW. Authenticated administrators can leverage this exposure to obtain underlying terminal script code processing execution permissions...

7CVSS5.8AI score0.05951EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/05 7:29 p.m.28 views

CVE-2026-25622 Arista Edge Threat Management NGFW Captive Portal Custom Handler Command Injection

A Captive Portal Custom Handler command injection vulnerability exists in Arista Edge Threat Management - Arista Next Generation Firewall NGFW. On affected platforms, an administrative account logged into the user interface can exploit this input handling behavior to execute arbitrary platform...

7CVSS0.0988EPSS
Exploits0References1
Rows per page
Query Builder