CVE-2026-5332 Xiaopi Panel WAF Firewall demo.php cross site scripting

A vulnerability was identified in Xiaopi Panel 1.0.0. This vulnerability affects unknown code of the file /demo.php of the component WAF Firewall. The manipulation of the argument param leads to cross site scripting. Remote exploitation of the attack is possible. The exploit is publicly available...

CVE-2025-44882

A command injection vulnerability in the component /cgi-bin/firewall.cgi of Wavlink WL-WN579A3 v1.0 allows attackers to execute arbitrary commands via a crafted input...

PT-2024-1219 · Oracle · Oracle Audit Vault/Database Firewall

Name of the Vulnerable Software and Affected Versions: Oracle Audit Vault and Database Firewall versions 20.1 through 20.9 Description: The issue is related to insufficient input validation in the Firewall component of Oracle Audit Vault and Database Firewall. It allows a high-privileged attacker...

PT-2024-1155 · Oracle · Oracle Audit Vault/Database Firewall

Name of the Vulnerable Software and Affected Versions: Oracle Audit Vault and Database Firewall versions 20.1 through 20.9 Description: The issue is related to insufficient input validation in the Firewall component of Oracle Audit Vault and Database Firewall, allowing a remote attacker to gain...

kernel: net/sched: cls_fw component can be exploited as result of failure in tcf_change_indev function

A use-after-free vulnerability was found in fwsetparms in net/sched/clsfw.c in network scheduler sub-component in the Linux Kernel. This issue occurs due to a missing sanity check during cleanup at the time of failure, leading to a misleading reference. This may allow a local attacker to gain loc...

Apple OS X Server Information Disclosure And Security Bypass Vulnerabilities

Apple OS X Server is prone to information disclosure and security bypass vulnerabilities. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

Unspecified vulnerability in Oracle MySQL Server:Security:Firewall component (CNVD-2015-04716)

Oracle MySQL Server is a relational and popular database. A security vulnerability exists in the client subcomponent of Oracle MySQL Server, which can be exploited by remote attackers to construct a malicious WEB page and trick users into parsing it, which can impact system availability...

Unspecified vulnerability in Oracle MySQL Server:Security:Privileges component (CNVD-2015-04715)

Oracle MySQL Server is a relational and popular database. A security vulnerability exists in the Server:Security:Firewall subcomponent of Oracle MySQL Server, which can be exploited by remote attackers to construct a malicious WEB page and trick users into parsing it, which can compromise system...

Unspecified vulnerability in Oracle MySQL Server:Security:Firewall component (CNVD-2015-04718)

Oracle MySQL Server is a relational and popular database. A security vulnerability exists in the Server:Security:Firewall subcomponent of Oracle MySQL Server, which can be exploited by remote attackers to construct a malicious WEB page and trick users into parsing it, which can impact system...

Norton Internet Security NBNS Response Processing Stack Overflow - Ver2 (CVE-2004-0444)

Norton Internet Security is a security solution produced by Symantec corporation. If the Firewall component allows traffic on port 137/UDP, this traffic will be parsed as NetBIOS Name Service messages. There exists a vulnerability in the Symantec Firewall product line. A specially crafted NetBIOS...