Lucene search
K

1092 matches found

NVD
NVD
added 4 days ago6 views

CVE-2026-0278

Multiple protection mechanism failures in the Prisma Access Agent Data Loss Prevention DLP component for Windows allow a local user to bypass DLP policy enforcement controls. The Prisma Access Agent on macOS is not affected...

8.4CVSS0.00151EPSS
Exploits0References1
NVD
NVD
added 4 days ago8 views

CVE-2026-0284

An XML injection vulnerability in the Large Scale VPN LSVPN functionality of Palo Alto Networks PAN-OS® software enables an unauthenticated attacker with network access to inject malicious XML content, potentially leading to information disclosure or corruption of internal LSVPN satellite data...

7.8CVSS0.00498EPSS
Exploits0References1
NVD
NVD
added 4 days ago6 views

CVE-2026-0280

An IPv6 packet processing vulnerability in the dataplane of Palo Alto Networks PAN-OS® software enables an unauthenticated attacker to bypass firewall security policy enforcement, allowing network traffic that should be blocked to reach protected services. Cloud NGFW and Panorama are not impacted...

6.3CVSS0.00475EPSS
Exploits0References1
Cvelist
Cvelist
added 4 days ago36 views

CVE-2026-0278 Prisma Access Agent: Multiple DLP Policy Bypass Vulnerabilities on Windows

Multiple protection mechanism failures in the Prisma Access Agent Data Loss Prevention DLP component for Windows allow a local user to bypass DLP policy enforcement controls. The Prisma Access Agent on macOS is not affected...

8.4CVSS0.00151EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 4 days ago6 views

CVE-2026-0279

Multiple cross site scripting vulnerabilities in the User-ID™ Authentication Portal aka Captive Portal service, GlobalProtect™ gateway/portal features and Clientless VPN of Palo Alto Networks PAN-OS® software enables a malicious unauthenticated user to store or execute malicious JavaScript payloa...

5.3CVSS5.4AI score0.01172EPSS
Exploits0References2Affected Software2
EUVD
EUVD
added 4 days ago7 views

EUVD-2026-42679

A file deletion vulnerability in Palo Alto Networks PAN-OS® software enables an unauthenticated attacker with network access to the management web interface to delete files from a temporary directory. The security risk posed by this issue is minimized by restricting access to the management web...

6.9CVSS6AI score0.00357EPSS
Exploits0References1
EUVD
EUVD
added 4 days ago7 views

EUVD-2026-42678

An authentication bypass vulnerability in Large Scale VPN LSVPN functionality of Palo Alto Networks PAN-OS software allows an attacker with network access to bypass security restrictions and establish an unauthorized site-to-site VPN connection. Panorama, Cloud NGFW, and Prisma® Access are not...

7.8CVSS6AI score0.00577EPSS
Exploits0References1
EUVD
EUVD
added 4 days ago6 views

EUVD-2026-42672

Multiple denial of service vulnerabilities in Palo Alto Networks PAN-OS® software allow an unauthenticated attacker with network access to cause a denial of service DoS condition by sending specially crafted network traffic to or through a dataplane interface. Repeated attempts to trigger this...

8.7CVSS5.9AI score0.00534EPSS
Exploits0References1
CVE
CVE
added 4 days ago13 views

CVE-2026-0287

CVE-2026-0287 describes multiple denial-of-service vulnerabilities in Palo Alto Networks PAN-OS, exploitable by unauthenticated network access to dataplane interfaces. Affected: PAN-OS versions including 10.2.x, 11.1.x, 11.2.x and 12.1.x. Impact: potential DoS with firewall entering maintenance m...

8.7CVSS5.9AI score0.00534EPSS
Exploits0References1
Cvelist
Cvelist
added 5 days ago33 views

CVE-2026-0288 PAN-OS: Buffer Overflow Vulnerabilities in User-ID Terminal Server Agent

Multiple buffer overflow vulnerabilities in the User-ID Terminal Server Agent TSA component of Palo Alto Networks PAN-OS software allow an unauthenticated attacker with network access to cause a denial of service DoS condition or potentially execute arbitrary code by sending specially crafted...

9.2CVSS0.00557EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 5 days ago4 views

CVE-2026-0288 PAN-OS: Buffer Overflow Vulnerabilities in User-ID Terminal Server Agent

Multiple buffer overflow vulnerabilities in the User-ID Terminal Server Agent TSA component of Palo Alto Networks PAN-OS software allow an unauthenticated attacker with network access to cause a denial of service DoS condition or potentially execute arbitrary code by sending specially crafted...

9.2CVSS6.5AI score0.00557EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 5 days ago6 views

PT-2026-56448

Name of the Vulnerable Software and Affected Versions n8n versions prior to 1.123.61 n8n versions prior to 2.27.4 n8n versions 2.28.0 through 2.28.0 Description A SQL injection issue exists in the legacy MySQL v1 node during the executeQuery operation. The system substitutes evaluated...

8.8CVSS6.3AI score0.00314EPSS
Exploits0References8
NVD
NVD
added 2026/07/06 9:16 a.m.9 views

CVE-2026-1433

uniFLOW Universal Login Manager ULM Standalone contains an information disclosure vulnerability that may allow an authenticated administrator to access sensitive configuration information through the ULM Remote User Interface RUI. Exploitation requires administrative privileges and may disclose...

4.8CVSS0.00217EPSS
Exploits0References2
OSV
OSV
added 2026/07/01 6:3 a.m.5 views

BELL-CVE-2026-53315 CVE-2026-53315 does not affect BellSoft software

Bulletin has no description...

5.5CVSS5.7AI score0.00102EPSS
Exploits0References1
OSV
OSV
added 2026/06/26 6:12 a.m.8 views

BELL-CVE-2026-53116 CVE-2026-53116 does not affect BellSoft software

Bulletin has no description...

5.7AI score0.00145EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/25 8:38 p.m.7 views

EUVD-2026-39561

Two data sources DICOMWebProxy and DICOMJSON shipped in the default configuration fetch an arbitrary URL parameter without validation. A global authentication service in OHIF automatically injects the authenticated user's OIDC Bearer token into the resulting requests, sending it to the...

8.3CVSS6AI score0.00232EPSS
Exploits0References2
OSV
OSV
added 2026/06/25 6:11 a.m.4 views

BELL-CVE-2026-53127 CVE-2026-53127 does not affect BellSoft software

Bulletin has no description...

5.7AI score0.00145EPSS
Exploits0References1
CVE
CVE
added 2026/06/24 4:29 p.m.13 views

CVE-2026-53001

CVE-2026-53001 concerns the Linux kernel netfilter xtables stack. The vulnerability description indicates a partial revert to restrict several matches to the inet family, effectively allowing only IPv4/IPv6 usage for certain extensions. The affected/affected-capable extensions are: xt_mac , xt_ow...

5.8AI score0.00176EPSS
Exploits0References8
OSV
OSV
added 2026/06/16 12:40 p.m.5 views

BIT-PARSE-2026-53724 Parse Server: Stored XSS via trailing-dot filename bypassing file upload extension blocklist

Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. Prior to versions 8.6.79 and 9.9.1, the default file upload extension blocklist can be bypassed by appending a trailing dot to a filename whose extension would otherwise be blocked e.g. poc.svg...

2.1CVSS5.1AI score0.00281EPSS
Exploits0References4
OSV
OSV
added 2026/06/12 12:25 p.m.8 views

OESA-2026-2620 edk2 security update

EDK II is a modern, feature-rich, cross-platform firmware development environment for the UEFI and PI specifications. Security Fixes: Issue summary: An uncommon configuration of clients performing DANE TLSA-based server authentication, when paired with uncommon server DANE TLSA records, may resul...

8.1CVSS9AI score0.01059EPSS
Exploits0References3
Rows per page
Query Builder