Lucene search
+L

57 matches found

nvd
nvd
added 2026/07/09 8:16 p.m.6 views

CVE-2026-0277

An improper certificate validation vulnerability in the Prisma® Access Agent for iOS enables an attacker to perform a man-in-the-middle MitM attack to intercept VPN traffic. The Prisma Access Agent on Windows, macOS, Linux, Android and ChromeOS are not affected...

8.7CVSS0.00125EPSS
Exploits0References1
cve
cve
added 2026/07/09 7:14 p.m.23 views

CVE-2026-0277

The CVE covers Prisma Access Agent for iOS with an improper certificate validation weakness enabling a man-in-the-middle to intercept VPN traffic. Other platforms (Windows, macOS, Linux, Android, ChromeOS) are not affected. Root cause: improper certificate validation in iOS client. Impact is desc...

8.7CVSS6AI score0.00125EPSS
Exploits0References1Affected Software1
cvelist
cvelist
added 2026/07/09 7:14 p.m.39 views

CVE-2026-0277 Prisma Access Agent: Improper Certificate Validation on iOS

An improper certificate validation vulnerability in the Prisma® Access Agent for iOS enables an attacker to perform a man-in-the-middle MitM attack to intercept VPN traffic. The Prisma Access Agent on Windows, macOS, Linux, Android and ChromeOS are not affected...

8.7CVSS0.00125EPSS
Exploits0References1
euvd
euvd
added 2026/07/09 7:14 p.m.7 views

EUVD-2026-42689

An improper certificate validation vulnerability in the Prisma® Access Agent for iOS enables an attacker to perform a man-in-the-middle MitM attack to intercept VPN traffic. The Prisma Access Agent on Windows, macOS, Linux, Android and ChromeOS are not affected...

8.7CVSS6AI score0.00125EPSS
Exploits0References1
cnnvd
cnnvd
added 2026/06/10 12:0 a.m.18 views

Palo Alto Networks Prisma Access Agent for Linux 安全漏洞

Palo Alto Networks Prisma Access Agent for Linux is a Linux terminal security access client provided by Palo Alto Networks. There is a security vulnerability in Palo Alto Networks Prisma Access Agent for Linux, which stems from a security control bypass. This vulnerability could allow local...

6.9CVSS5.3AI score0.00095EPSS
Exploits0References1
redhatcve
redhatcve
added 2026/06/05 7:25 p.m.10 views

CVE-2026-0248

An improper certificate validation vulnerability in the Prisma Access Agent® for Android and Chrome OS enables an attacker to perform a man-in-the-middle MitM attack to intercept VPN traffic. By presenting a certificate for any domain issued by a trusted Certificate Authority, the attacker can...

8.6CVSS5.5AI score0.00188EPSS
Exploits0References1
cvelist
cvelist
added 2026/05/13 7:5 p.m.37 views

CVE-2026-0248 Prisma Access Agent: Improper Certificate Validation Vulnerability

An improper certificate validation vulnerability in the Prisma Access Agent® for Android and Chrome OS enables an attacker to perform a man-in-the-middle MitM attack to intercept VPN traffic. By presenting a certificate for any domain issued by a trusted Certificate Authority, the attacker can...

8.6CVSS0.00188EPSS
Exploits0References1
vulnrichment
vulnrichment
added 2026/05/13 7:5 p.m.9 views

CVE-2026-0248 Prisma Access Agent: Improper Certificate Validation Vulnerability

An improper certificate validation vulnerability in the Prisma Access Agent® for Android and Chrome OS enables an attacker to perform a man-in-the-middle MitM attack to intercept VPN traffic. By presenting a certificate for any domain issued by a trusted Certificate Authority, the attacker can...

8.6CVSS5.8AI score0.00188EPSS
Exploits0References1
ptsecurity
ptsecurity
added 2026/05/13 12:0 a.m.14 views

PT-2026-40772

An improper certificate validation vulnerability in the Prisma Access Agent® for Android and Chrome OS enables an attacker to perform a man-in-the-middle MitM attack to intercept VPN traffic. By presenting a certificate for any domain issued by a trusted Certificate Authority, the attacker can...

8.6CVSS5.8AI score0.00188EPSS
Exploits0References2
ncsc
ncsc
added 2026/04/10 12:11 p.m.8 views

Vulnerabilities fixed in Synology SSL VPN Client

Synology has fixed vulnerabilities in Synology SSL VPN Client. A malicious party can exploit these vulnerabilities because Synology SSL VPN Client with version before 1.4.5-0684 stores PINs insecurely and does not adequately shield files via a local HTTP server component. This can lead to...

8.1CVSS5.8AI score0.00322EPSS
Exploits0References1
cve
cve
added 2026/04/03 10:37 p.m.10 views

CVE-2021-4477

CVE-2021-4477 affects Hirschmann HiLCOS OpenBAT and BAT450 products. It is a firewall bypass vulnerability in IPv6 IPsec deployments that lets traffic from VPN connections bypass configured firewall rules. Exploitation involves establishing IPv6 IPsec connections (IKEv1 or IKEv2) while using an I...

9.3CVSS5.9AI score0.00319EPSS
Exploits0References2
nessus
nessus
added 2026/01/20 12:0 a.m.8 views

MiracleLinux 8 : NetworkManager-1.40.16-18.el8_10.ML.1 (AXSA:2025-9552:02)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2025-9552:02 advisory. Security and Bug Fixes: NetworkManager: DHCP routing options can manipulate interface-based VPN traffic CVE-2024-3661 Route to VPN server not stored in routi...

7.6CVSS5.8AI score0.04063EPSS
Exploits1References2
euvd
euvd
added 2025/10/07 12:30 a.m.4 views

EUVD-2021-10103

Malware in sbrugna...

7.8CVSS7.5AI score0.00978EPSS
Exploits0References2
euvd
euvd
added 2025/10/07 12:30 a.m.8 views

EUVD-2012-4956

Malware in sbrugna...

6.4CVSS6.4AI score0.01292EPSS
Exploits0References2
euvd
euvd
added 2025/10/03 8:7 p.m.5 views

EUVD-2024-32236

Malicious code in bioql PyPI...

7.6CVSS7.8AI score0.04063EPSS
Exploits1References20
malwarebytes
malwarebytes
added 2025/07/30 9:6 p.m.10 views

VPN use rises following Online Safety Act’s age verification controls

As the UK's Online Safety Act came into effect on Friday—along with its age verification controls—the use of virtual private network VPN services has skyrocketed by up to 20-fold across the region. Top10VPN, which monitors VPN traffic around the world, spotted UK VPN traffic spiking 1,327% on Jul...

6.8AI score
Exploits0
nessus
nessus
added 2025/06/16 12:0 a.m.7 views

TencentOS Server 3: Bug fix of NetworkManager (Moderate) (TSSA-2025:0044)

The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2025:0044 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities:...

7.6CVSS7.4AI score0.04063EPSS
Exploits1References2
redhatcve
redhatcve
added 2025/05/23 7:20 a.m.17 views

CVE-2024-8474

OpenVPN Connect before version 3.5.0 can contain the configuration profile's clear-text private key which is logged in the application log, which an unauthorized actor can use to decrypt the VPN traffic...

7.5CVSS6.9AI score0.00535EPSS
Exploits0References1
redhatcve
redhatcve
added 2025/05/22 7:17 p.m.7 views

CVE-2021-22985

On BIG-IP APM version 16.0.x before 16.0.1.1, under certain conditions, when processing VPN traffic with APM, TMM consumes excessive memory. A malicious, authenticated VPN user may abuse this to perform a DoS attack against the APM. Note: Software versions which have reached End of Software...

7.8CVSS6.6AI score0.00978EPSS
Exploits0References1
osv
osv
added 2025/05/07 7:11 p.m.9 views

RLSA-2025:0288 Moderate: Bug fix of NetworkManager

Security and Bug Fixes: NetworkManager: DHCP routing options can manipulate interface-based VPN traffic CVE-2024-3661 Route to VPN server not stored in routing table that is specified by ipv4.route-table JIRA:Rocky Linux-73051 VPN connections do not support ipv4.routing-rules settings JIRA:Rocky...

7.6CVSS7.9AI score0.04063EPSS
Exploits1References1
Rows per page
Query Builder