Lucene search
+L

972 matches found

nuclei
nuclei
added 3 days ago287 views

PAN-OS Management Interface - Path Confusion to Authentication Bypass

A vulnerability in PAN-OS management interface allows authentication bypass through path confusion between Nginx and Apache handlers.The issue occurs due to differences in path processing between Nginx and Apache, where double URL encoding combined with directory traversal can bypass authenticati...

9.1CVSS7.1AI score0.98417EPSS
Exploits8References1
euvd
euvd
added last week8 views

EUVD-2026-42676

A server-side request forgery SSRF vulnerability in Palo Alto Networks PAN-OS software enables an authenticated administrator with network access to the management web interface to make unauthorized requests from the firewall to internal services. The security risk posed by this issue is minimize...

7CVSS6AI score0.00416EPSS
Exploits0References1
nessus
nessus
added 2026/07/09 12:0 a.m.12 views

Palo Alto Networks PAN-OS 11.1.x < 11.1.16 / 11.2.x < 11.2.13 / 12.1.x < 12.1.8 Vulnerability

The version of Palo Alto Networks PAN-OS running on the remote host is 11.1.x prior to 11.1.16, 11.2.x prior to 11.2.13, or 12.1.x prior to 12.1.8. It is, therefore, affected by a vulnerability. An information disclosure vulnerability in Palo Alto Networks PAN-OS software enables an unauthenticat...

7.1CVSS7AI score0.00278EPSS
Exploits0References2
nessus
nessus
added 2026/07/08 12:0 a.m.7 views

Juniper Junos OS Vulnerability (JSA110076)

The version of Junos OS installed on the remote host is affected by a vulnerability as referenced in the JSA110076 advisory. - An Improper Check for Unusual or Exceptional Conditions vulnerability in the routing protocol daemon RPD of Juniper Networks Junos OS and Junos OS Evolved allows an...

7.1CVSS6.1AI score0.00281EPSS
Exploits0References2
nessus
nessus
added 2026/07/08 12:0 a.m.7 views

Juniper Junos OS Vulnerability (JSA110086)

The version of Junos OS installed on the remote host is affected by a vulnerability as referenced in the JSA110086 advisory. - An Improper Validation of Syntactic Correctness of Input vulnerability in the SIP plugin of Juniper Networks Junos OS on MX Series with SPC3 and SRX Series allows an...

8.7CVSS6.1AI score0.00461EPSS
Exploits0References2
nessus
nessus
added 2026/07/08 12:0 a.m.6 views

Juniper Junos OS Vulnerability (JSA110073)

The version of Junos OS installed on the remote host is affected by a vulnerability as referenced in the JSA110073 advisory. - An Improper Check for Unusual or Exceptional Conditions vulnerability in the advanced forwarding toolkit evo-aftmand of Juniper Networks Junos OS Evolved on PTX Series...

8.2CVSS6.1AI score0.00405EPSS
Exploits0References2
nessus
nessus
added 2026/07/08 12:0 a.m.5 views

Palo Alto Networks PAN-OS 10.2.x / 11.1.x / 11.2.x / 12.1.x Vulnerability

The version of Palo Alto Networks PAN-OS running on the remote host is a vulnerable version of 10.2.x, 11.1.x, 11.2.x, or 12.1.x. It is, therefore, affected by a vulnerability. A command injection vulnerability in the management plane of Palo Alto Networks PAN-OS software enables an authenticated...

8.5CVSS6.9AI score0.014EPSS
Exploits0References2
cve
cve
added 2026/07/02 2:49 p.m.14 views

CVE-2026-54402

CVE-2026-54402 describes an Improper Input Validation flaw in UniFi OS enabling a Command Injection on the host when a malicious actor with network access and low privileges interacts with the system. The CVSS 3.1 vector (AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H) yields a base score of 9.9 (CRITICAL),...

9.9CVSS5.8AI score0.00872EPSS
Exploits0References1Affected Software1
nessus
nessus
added 2026/06/30 12:0 a.m.10 views

Axis Communications AXIS OS Improper Neutralization of Wildcards or Matching Symbols (CVE-2024-6509)

A researcher in the AXIS OS Bug Bounty Program has found that the VAPIX API alwaysmulti.cgi was vulnerable for file globbing which could lead to resource exhaustion of the Axis device. Axis has released patched AXIS OS versions for this flaw. This plugin only works with Tenable.ot. Please visit...

6.5CVSS5.9AI score0.00391EPSS
Exploits0References2
vulnrichment
vulnrichment
added 2026/06/10 9:1 p.m.40 views

CVE-2026-0273 PAN-OS: Authenticated Admin Command Injection Vulnerability via CLI or Web UI

A command injection vulnerability in Palo Alto Networks PAN-OS® software enables an authenticated administrator to bypass system restrictions and run arbitrary commands as a root user. To be able to exploit this issue, the user must have access to the PAN-OS CLI or Web UI. The security risk posed...

8.6CVSS5.7AI score0.01373EPSS
Exploits0References1
cvelist
cvelist
added 2026/06/10 9:1 p.m.46 views

CVE-2026-0273 PAN-OS: Authenticated Admin Command Injection Vulnerability via CLI or Web UI

A command injection vulnerability in Palo Alto Networks PAN-OS® software enables an authenticated administrator to bypass system restrictions and run arbitrary commands as a root user. To be able to exploit this issue, the user must have access to the PAN-OS CLI or Web UI. The security risk posed...

8.6CVSS0.01373EPSS
Exploits0References1
redhatcve
redhatcve
added 2026/06/10 9:0 p.m.11 views

CVE-2026-22926

Omnissa Workspace ONE® Assist for macOS contains a Local Privilege Escalation Vulnerability...

7.8CVSS5.4AI score0.00132EPSS
Exploits0References1
githubexploit
githubexploit
added 2026/06/10 7:34 a.m.70 views

Exploit for Reliance on Cookies without Validation and Integrity Checking in Paloaltonetworks Pan-Os

🚨 CVE-2026-0257 – PAN-OS GlobalProtect Authentication Bypass...

9.1CVSS5.9AI score0.86678EPSS
Exploits11
osv
osv
added 2026/06/09 12:16 a.m.11 views

DEBIAN-CVE-2026-11668

Uninitialized Use in Codecs in Google Chrome on Linux, ChromeOS prior to 149.0.7827.103 allowed a remote attacker to leak cross-origin data via a crafted video file. Chromium security severity: High...

4.3CVSS5.5AI score0.00193EPSS
Exploits0References1
vulnrichment
vulnrichment
added 2026/05/13 5:59 p.m.8 views

CVE-2026-0261 PAN-OS: Authenticated Admin Command Injection Vulnerability

Multiple command injection vulnerabilities in Palo Alto Networks PAN-OS® software enable an authenticated administrator to bypass system restrictions and run arbitrary commands as a root user. To be able to exploit this issue, the user must have access to the PAN-OS CLI or Web UI. The security ri...

8.6CVSS5.9AI score0.01403EPSS
Exploits0References1
nessus
nessus
added 2026/04/29 12:0 a.m.7 views

Juniper Junos OS Vulnerability (JSA92864)

The version of Junos OS installed on the remote host is affected by a vulnerability as referenced in the JSA92864 advisory. - An Improper Handling of Exceptional Conditions vulnerability in the command-line processing of Juniper Networks Junos OS on SRX1500, SRX4100, and SRX4200 devices allows a...

6.8CVSS5.9AI score0.00154EPSS
Exploits0References2
nessus
nessus
added 2026/04/28 12:0 a.m.6 views

Juniper Junos OS Vulnerability (JSA100092)

The version of Junos OS installed on the remote host is affected by a vulnerability as referenced in the JSA100092 advisory. - A Missing Release of Memory after Effective Lifetime vulnerability in the routing protocol daemon rpd of Juniper Networks Junos OS and Junos OS Evolved allows a local, lo...

6.8CVSS5.5AI score0.00113EPSS
Exploits0References2
euvd
euvd
added 2026/04/10 12:30 a.m.11 views

EUVD-2026-21080

A UNIX Symbolic Link Symlink Following vulnerability in the CLI of Juniper Networks Junos OS allows a local, authenticated attacker with low privileges to escalate their privileges to root which will lead to a complete compromise of the system. When after a user has performed a specific 'file lin...

7.3CVSS5.9AI score0.00129EPSS
Exploits0References2
cve
cve
added 2026/04/09 9:37 p.m.18 views

CVE-2026-33787

The CVE-2026-33787 entry describes an Improper Check for Unusual or Exceptional Conditions in Juniper Networks Junos OS chassisd on SRX1500, SRX4100, SRX4200, and SRX4600. When a specific show chassis CLI command is run, chassisd crashes and restarts, causing a momentary DoS with traffic disrupti...

6.8CVSS5.9AI score0.00093EPSS
Exploits0References1Affected Software1
cvelist
cvelist
added 2026/04/09 9:30 p.m.25 views

CVE-2026-33779 Junos OS: SRX Series: Insufficient certificate verification for device to SD cloud communication

An Improper Following of a Certificate's Chain of Trust vulnerability in J-Web of Juniper Networks Junos OS on SRX Series allows a PITM to intercept the communication of the device and get access to confidential information and potentially modify it. When an SRX device is provisioned to connect t...

8.3CVSS0.00121EPSS
Exploits0References1
Rows per page
Query Builder