676 matches found

RedhatCVE
added 2025/05/16 6:4 p.m. · 19 views

CVE-2025-0130

A missing exception check in Palo Alto Networks PAN-OS® software with the web proxy feature enabled allows an unauthenticated attacker to send a burst of maliciously crafted packets that causes the firewall to become unresponsive and eventually reboot. Repeated successful attempts to trigger this...

CVSS 8.2 · AI score 6.9 · EPSS 0.00358
Exploits 0 · References 3
OSV
added 2025/05/14 6:15 p.m. · 4 views

CVE-2025-0130

A missing exception check in Palo Alto Networks PAN-OS® software with the web proxy feature enabled allows an unauthenticated attacker to send a burst of maliciously crafted packets that causes the firewall to become unresponsive and eventually reboot. Repeated successful attempts to trigger this...

CVSS 7.5 · AI score 5.8 · EPSS 0.00358
Exploits 0 · References 1
ATTACKERKB
added 2025/05/14 6:15 p.m. · 4 views

CVE-2025-0130

A missing exception check in Palo Alto Networks PAN-OS® software with the web proxy feature enabled allows an unauthenticated attacker to send a burst of maliciously crafted packets that causes the firewall to become unresponsive and eventually reboot. Repeated successful attempts to trigger this...

CVSS 8.2 · AI score 5.8 · EPSS 0.00358
Exploits 0 · References 2 · Affected Software 1
NVD
added 2025/05/14 6:15 p.m. · 40 views

CVE-2025-0130

A missing exception check in Palo Alto Networks PAN-OS® software with the web proxy feature enabled allows an unauthenticated attacker to send a burst of maliciously crafted packets that causes the firewall to become unresponsive and eventually reboot. Repeated successful attempts to trigger this...

CVSS 8.2 · EPSS 0.00358
Exploits 0 · References 1
Vulnrichment
added 2025/05/14 5:37 p.m. · 15 views

CVE-2025-0130 PAN-OS: Firewall Denial-of-Service (DoS) in the Web-Proxy Feature via a Burst of Maliciously Crafted Packets

A missing exception check in Palo Alto Networks PAN-OS® software with the web proxy feature enabled allows an unauthenticated attacker to send a burst of maliciously crafted packets that causes the firewall to become unresponsive and eventually reboot. Repeated successful attempts to trigger this...

CVSS 8.2 · AI score 5.8 · EPSS 0.00358
Exploits 0 · References 1
Cvelist
added 2025/05/14 5:37 p.m. · 36 views

CVE-2025-0130 PAN-OS: Firewall Denial-of-Service (DoS) in the Web-Proxy Feature via a Burst of Maliciously Crafted Packets

A missing exception check in Palo Alto Networks PAN-OS® software with the web proxy feature enabled allows an unauthenticated attacker to send a burst of maliciously crafted packets that causes the firewall to become unresponsive and eventually reboot. Repeated successful attempts to trigger this...

CVSS 8.2 · EPSS 0.00358
Exploits 0 · References 1
CVE
added 2025/05/14 5:37 p.m. · 55 views

CVE-2025-0130

PAN-OS CVE-2025-0130 describes a denial-of-service: a missing exception check in the web-proxy feature allows an unauthenticated attacker to send malicious packets that crash the firewall and reboot, with repeated attempts leading to maintenance mode. Affected product is Palo Alto Networks PAN-OS...

CVSS 8.2 · AI score 5.8 · EPSS 0.00358
Exploits 0 · References 1 · Affected Software 1
Positive Technologies
added 2025/05/14 12:0 a.m. · 4 views

PT-2025-21199

Name of the Vulnerable Software and Affected Versions: Palo Alto Networks PAN-OS (affected versions not specified). Description: A missing exception check in the software with the web proxy feature enabled allows an unauthenticated attacker to send a burst of maliciously crafted packets, causing the...

CVSS 8.2 · AI score 5.8 · EPSS 0.00358
Exploits 0 · References 11
Tenable Nessus
added 2025/05/14 12:0 a.m. · 6 views

Palo Alto Networks PAN-OS 11.1.x < 11.1.6-h1 / 11.1.x < 11.1.7-h2 / 11.2.x < 11.2.5 Vulnerability

The version of Palo Alto Networks PAN-OS running on the remote host is 11.1.x prior to 11.1.6-h1 / 11.1.7-h2 or 11.2.x prior to 11.2.5. It is, therefore, affected by a vulnerability. A missing exception check in Palo Alto Networks PAN-OS software with the web proxy feature enabled allows an...

CVSS 8.2 · AI score 5.6 · EPSS 0.00358
Exploits 0 · References 2
BDU FSTEC
added 2025/05/12 12:0 a.m. · 6 views

The vulnerability of the HTTP-Proxy software for network firewalls, the UserGate Next-Generation Firewall (NGFW), allows a hacker to read arbitrary files.

The vulnerability of the HTTP-Proxy software of the UserGate Next-Generation Firewall exists due to the lack of measures to check input data. Exploiting this vulnerability allows a remote attacker to read arbitrary files...

CVSS 8.6 · AI score 5.7
Exploits 0 · Affected Software 1
RedhatCVE
added 2025/02/05 9:36 p.m. · 11 views

CVE-2022-24848

DHIS2 is an information system for data capture, management, validation, analytics and visualization. A SQL injection security vulnerability affects the /api/programs/orgUnits?programs= API endpoint in DHIS2 versions prior to 2.36.10.1 and 2.37.6.1. The system is vulnerable to attack only from...

CVSS 8.8 · AI score 7.2 · EPSS 0.01064
Exploits 0 · References 1
Positive Technologies
added 2024/12/20 12:0 a.m. · 3 views

PT-2024-17759 · Satellite · Satellite

Name of the Vulnerable Software and Affected Versions: Satellite (affected versions not specified). Description: A server-side request forgery issue exists. When a PUT HTTP request is made to "/http proxies/test connection", and the http proxies variable is set to "localhost", an attacker can fetch...

CVSS 5 · AI score 6.9
Exploits 0 · References 6
Tenable Nessus
added 2024/10/26 12:0 a.m. · 11 views

Fortinet Fortigate Information disclosure in web proxy error pages (FG-IR-21-231)

The version of Fortigate installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the FG-IR-21-231 advisory. - A server-generated error message containing sensitive information in Fortinet FortiOS 7.0.0 through 7.0.3, 6.4.0 through...

CVSS 4.3 · AI score 5.2 · EPSS 0.00767
Exploits 0 · References 2
OSV
added 2024/10/02 5:15 p.m. · 3 views

CVE-2024-20490

A vulnerability in a logging function of Cisco Nexus Dashboard Fabric Controller (NDFC) and Cisco Nexus Dashboard Orchestrator (NDO) could allow an attacker with access to a tech support file to view sensitive information. This vulnerability exists because HTTP proxy credentials could be recorded in ...

CVSS 8.6 · AI score 5.8
Exploits 0 · References 1
CNNVD
added 2024/10/02 12:0 a.m. · 5 views

Cisco Nexus Dashboard Security Vulnerability

Cisco Nexus Dashboard is a single console from Cisco, Inc. It can simplify the operation and management of data center networks. A security vulnerability exists in Cisco Nexus Dashboard that stems from the possibility that HTTP proxy credentials could be recorded in internal logs stored in...

CVSS 8.6 · AI score 6.4 · EPSS 0.00277
Exploits 0 · References 2
Japan Vulnerability Notes
added 2024/09/12 3:23 a.m. · 3 views

Falsification and eavesdropping of contents across multiple websites via Web Rehosting services

Overview: Researchers at NTT Secure Platform Laboratories and Waseda University have identified multiple security issues that lead to content being tampered with and eavesdropped on a service called Web Rehosting. These issues have been published in NDSS 2020. "Web Rehosting" is the name of a grou...

AI score 6.8
Exploits 0 · References 2
Positive Technologies
added 2024/09/11 12:0 a.m. · 5 views

PT-2024-7968 · Eclipse · Eclipse Dataspace Components

Name of the Vulnerable Software and Affected Versions: Eclipse Dataspace Components versions 0.5.0 through 0.9.0. Description: The issue is related to the ConsumerPullTransferTokenValidationApiController component, which has inadequate authentication procedures. This allows a remote attacker to...

CVSS 8.5 · AI score 7.8 · EPSS 0.00407
Exploits 0 · References 14
NVD
added 2024/08/22 4:15 p.m. · 10 views

CVE-2023-6452

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Forcepoint Web Security Transaction Viewer allows Stored XSS. The Forcepoint Web Security portal allows administrators to generate detailed reports on user requests made through the Web proxy. It h...

CVSS 9.6 · EPSS 0.00396
Exploits 0 · References 1
Ubuntu
added 2024/07/23 3:24 p.m. · 29 views

USN-6907-1: Squid vulnerability

Joshua Rogers discovered that Squid did not properly handle multi-byte characters during Edge Side Includes (ESI) processing. A remote attacker could possibly use this issue to cause a memory corruption error, leading to a denial of service...

CVSS 6.3 · AI score 6.5 · EPSS 0.06255
Exploits 0
Fedora
added 2024/07/11 1:22 a.m. · 31 views

[SECURITY] Fedora 39 Update: squid-6.10-1.fc39

Squid is a high-performance proxy caching server for Web clients, supporting FTP and HTTP data objects. Unlike traditional caching software, Squid handles all requests in a single, non-blocking, I/O-driven process. Squid keeps meta data and especially hot objects cached in RAM, caches DNS lookups...

CVSS 6.3 · AI score 7.4 · EPSS 0.06255
Exploits 0