CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

NVD•added 2023/12/13 7:15 p.m.•10 views

CVE-2023-6792

An OS command injection vulnerability in the XML API of Palo Alto Networks PAN-OS software enables an authenticated API user to disrupt system processes and potentially execute arbitrary code with limited privileges on the firewall...

6.3CVSS0.002EPSS

Prion•added 2023/12/13 7:15 p.m.•15 views

Command injection

5.8CVSS8.2AI score0.00115EPSS

Prion•added 2023/12/13 7:15 p.m.•15 views

Design/Logic Flaw

An arbitrary file upload vulnerability in Palo Alto Networks PAN-OS software enables an authenticated read-write administrator with access to the web interface to disrupt system processes and potentially execute arbitrary code with limited privileges on the firewall...

5.8CVSS7.9AI score0.00087EPSS

Cvelist•added 2023/12/13 6:16 p.m.•13 views

CVE-2023-6794 PAN-OS: File Upload Vulnerability in the Web Interface

5.5CVSS6.2AI score0.00087EPSS

CVE•added 2023/12/13 6:16 p.m.•60 views

CVE-2023-6794

CVE-2023-6794 affects Palo Alto Networks PAN-OS: an arbitrary file upload vulnerability in the web interface allows an authenticated read‑write administrator to disrupt system processes and potentially execute arbitrary code with limited privileges. Affected versions include PAN-OS 8.1.x before 8...

5.5CVSS6AI score0.00087EPSS

Vulnrichment•added 2023/12/13 6:16 p.m.•15 views

CVE-2023-6792 PAN-OS: OS Command Injection Vulnerability in the XML API

5.5CVSS8.3AI score0.002EPSS

Palo Alto Networks•added 2023/12/13 5:0 p.m.•27 views

PAN-OS: File Upload Vulnerability in the Web Interface

8.8CVSS7.5AI score0.00216EPSS

CVE-2023-22757

There are buffer overflow vulnerabilities in multiple underlying operating system processes that could lead to unauthenticated remote code execution by sending specially crafted packets via the PAPI protocol. Successful exploitation of these vulnerabilities result in the ability to execute...

9.8CVSS8.2AI score

CVE-2023-22756

9.8CVSS6.8AI score

9.8CVSS8.2AI score0.00425EPSS

CVE-2023-22754

9.8CVSS6.8AI score0.00425EPSS

CVE-2023-22755

Prion•added 2023/03/01 8:15 a.m.•14 views

Buffer overflow

7.5CVSS9.8AI score0.00425EPSS

Exploits0References1Affected Software2

F5 Networks•added 2023/02/21 6:50 p.m.•22 views

K11922628: NGINX Controller sensitive command-line arguments vulnerability CVE-2020-5866

Security Advisory Description The helper.sh script, which is used optionally in NGINX Controller to change settings, uses sensitive items as command-line arguments. CVE-2020-5866 Impact The affected script causes sensitive items to display in the system process listing ps , top while the helper.s...

5.5CVSS5.6AI score0.001EPSS

Exploits0Affected Software1

Cvelist•added 2022/09/30 6:46 p.m.•17 views

CVE-2022-20855 Cisco IOS XE Software for Embedded Wireless Controllers on Catalyst Access Points Privilege Escalation Vulnerability

A vulnerability in the self-healing functionality of Cisco IOS XE Software for Embedded Wireless Controllers on Catalyst Access Points could allow an authenticated, local attacker to escape the restricted controller shell and execute arbitrary commands on the underlying operating system of the...

7.9CVSS8.2AI score0.00198EPSS

CNNVD•added 2022/09/28 12:0 a.m.•3 views

Cisco IOS XE Software 操作系统命令注入漏洞

Cisco IOS XE Software is an operating system from Cisco, Inc. Used as a single operating system for enterprise wired and wireless access, aggregation, core and WAN, Cisco IOS XE reduces business and network complexity. Cisco IOS XE Software suffers from an operating system command injection...

7.9CVSS7.1AI score0.00198EPSS

Exploits0References5

Vulnrichment•added 2022/05/26 4:35 p.m.•4 views

CVE-2022-1261 Matrikon OPC Server Improper Access Control

Matrikon, a subsidary of Honeywell Matrikon OPC Server all versions is vulnerable to a condition where a low privileged user allowed to connect to the OPC server to use the functions of the IPersisFile to execute operating system processes with system-level privileges...

5.8CVSS7AI score0.00153EPSS

NVD•added 2022/05/11 5:15 p.m.•15 views

CVE-2022-0024

A vulnerability exists in Palo Alto Networks PAN-OS software that enables an authenticated network-based PAN-OS administrator to upload a specifically created configuration that disrupts system processes and potentially execute arbitrary code with root privileges when the configuration is committ...

9CVSS0.01777EPSS

Prion•added 2022/05/11 5:15 p.m.•25 views

Code injection

9CVSS7.2AI score0.01777EPSS

Palo Alto Networks•added 2022/05/11 4:0 p.m.•36 views

PAN-OS: Improper Neutralization Vulnerability Leads to Unintended Program Execution During Configuration Commit

7.2CVSS2.8AI score0.01777EPSS