5908 matches found

Tenable Nessus
added 2024/05/22 12:0 a.m. | 17 views

Fortinet FortiWeb Multiple Stack based buffer overflow in web interface (FG-IR-22-118)

The version of FortiWeb installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the FG-IR-22-118 advisory. - A stack-based buffer overflow in Fortinet FortiWeb version 7.0.0 through 7.0.1, Fortinet FortiWeb version 6.3.6 through...

CVSS 8.8 | AI score 8.4 | EPSS 0.00792
Exploits: 0 | References: 2

Tenable Nessus
added 2024/05/22 12:0 a.m. | 20 views

Fortinet Fortigate Node.js crash over administrative interface (FG-IR-24-017)

The version of Fortigate installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the FG-IR-24-017 advisory. - An improper check or handling of exceptional conditions vulnerability CWE-703 in Fortinet FortiOS version 7.4.1 allows an...

CVSS 7.5 | AI score 5.6 | EPSS 0.01151
Exploits: 0 | References: 2

Tenable Nessus
added 2024/05/22 12:0 a.m. | 26 views

Fortinet FortiWeb OS command injection in Web GUI (FG-IR-22-163)

The version of FortiWeb installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the FG-IR-22-163 advisory. - An improper neutralization of special elements used in an os command 'OS Command Injection' CWE-78 in FortiWeb 7.0.0 through...

CVSS 8.8 | AI score 8.5 | EPSS 0.02514
Exploits: 0 | References: 2

Tenable Nessus
added 2024/05/22 12:0 a.m. | 30 views

Fortinet FortiWeb Command injection in webserver (FG-IR-22-254)

The version of FortiWeb installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the FG-IR-22-254 advisory. - An improper neutralization of special elements used in an os command 'os command injection' in Fortinet FortiWeb version 7.0....

CVSS 8.8 | AI score 8.2 | EPSS 0.01755
Exploits: 0 | References: 2

Vulnrichment
added 2024/05/17 12:3 p.m. | 18 views

CVE-2024-5055 Vulnerability of uncontrolled resource consumption in XAMPP

Uncontrolled resource consumption vulnerability in XAMPP Windows, versions 7.3.2 and earlier. This vulnerability exists when XAMPP attempts to process many incomplete HTTP requests, resulting in resource consumption and system crashes...

CVSS 7.5 | AI score 6.9 | EPSS 0.00443
Exploits: 0 | References: 1

NVD
added 2024/05/17 10:15 a.m. | 13 views

CVE-2024-5052

Denial of Service (DoS) vulnerability for Cerberus Enterprise 8.0.10.3 web administration. The vulnerability exists when the web server, default port 10001, attempts to process a large number of incomplete HTTP requests...

CVSS 7.5 | AI score 7.6 | EPSS 0.00418
Exploits: 0 | References: 1

CVE
added 2024/05/17 9:40 a.m. | 50 views

CVE-2024-5052

Cerberus Enterprise 8.0.10.3 web administration (default port 10001) is affected by CVE-2024-5052, a DoS when processing a large number of incomplete HTTP requests. The issue is in the web server component and impacts availability. There is no exploitation detail provided in the documents. Remedi...

CVSS 7.5 | AI score 6.8 | EPSS 0.00418
Exploits: 0 | References: 1

BDU FSTEC
added 2024/05/17 12:0 a.m. | 5 views

The vulnerability in the FortiOS operating system’s web administration interface allows a hacker to trigger a service failure.

The vulnerability in the FortiOS operating system’s web administration interface is related to deficiencies in handling exceptional states. Exploiting this vulnerability allows a malicious actor to cause service failures by sending specially crafted HTTP requests...

CVSS 5.3 | AI score 5.5 | EPSS 0.01151
Exploits: 0 | References: 2 | Affected Software: 1

Hacker One
added 2024/05/16 7:4 p.m. | 106 views

U.S. Dept Of Defense: Out-Of-Bounds Memory Read on ███

Vulnerability description not provided...

CVSS 9.4 | AI score 8.4 | EPSS 0.99999
Exploits: 15

CNVD
added 2024/05/15 12:0 a.m. | 8 views

Fortinet FortiOS Denial of Service Vulnerability

Fortinet FortiOS is a security operating system from the American company Fortinet, dedicated to the FortiGate network security platform. The system provides users with firewall, antivirus, IPSec/SSLVPN, web content filtering, anti-spam and other security features. A denial of service vulnerability...

CVSS 7.5 | AI score 6.8 | EPSS 0.01151
Exploits: 0 | References: 1

Cvelist
added 2024/05/14 8:35 p.m. | 29 views

CVE-2024-4561 WhatsUp Gold Server-Side Request Forgery Information Disclosure Vulnerability via FaviconController

In WhatsUp Gold versions released before 2023.1.2, a blind SSRF vulnerability exists in WhatsUp Gold's FaviconController that allows an attacker to send arbitrary HTTP requests on behalf of the vulnerable server...

CVSS 4.2 | AI score 4.8 | EPSS 0.00426
Exploits: 0 | References: 2

CVE
added 2024/05/14 8:35 p.m. | 42 views

CVE-2024-4561

Progress WhatsUp Gold before version 23.1.2 contains a blind SSRF in the FaviconController that lets an attacker issue arbitrary HTTP requests from the affected server (CVE-2024-4561). Affected product is Progress WhatsUp Gold; root cause is SSRF handling in FaviconController. Impact is informati...

CVSS 5.3 | AI score 4.6 | EPSS 0.00426
Exploits: 0 | References: 2 | Affected Software: 1

NVD
added 2024/05/14 7:15 p.m. | 16 views

CVE-2024-0862

The Proofpoint Encryption endpoint of Proofpoint Enterprise Protection contains a Server-Side Request Forgery vulnerability that allows an authenticated user to relay HTTP requests from the Protection server to otherwise private network addresses...

CVSS 5 | AI score 5 | EPSS 0.00192
Exploits: 0 | References: 1

Vulnrichment
added 2024/05/14 7:7 p.m. | 24 views

CVE-2024-0862

The Proofpoint Encryption endpoint of Proofpoint Enterprise Protection contains a Server-Side Request Forgery vulnerability that allows an authenticated user to relay HTTP requests from the Protection server to otherwise private network addresses...

CVSS 5 | AI score 6.9 | EPSS 0.00192
Exploits: 0 | References: 1

CVE
added 2024/05/14 7:7 p.m. | 62 views

CVE-2024-0862

The CVE-2024-0862 entry concerns the Proofpoint Encryption endpoint in Proofpoint Enterprise Protection. A Server-Side Request Forgery exists that lets an authenticated user relay HTTP requests from the Protection server to internal, private network addresses. Affected component: Proofpoint Encry...

CVSS 5 | AI score 6.5 | EPSS 0.00192
Exploits: 0 | References: 1

OSV
added 2024/05/14 5:17 p.m. | 2 views

CVE-2024-31491

A client-side enforcement of server-side security vulnerability in Fortinet FortiSandbox 4.4.0 through 4.4.4, FortiSandbox 4.2.1 through 4.2.6 allows an attacker to execute unauthorized code or commands via HTTP requests...

CVSS 8.8 | AI score 5.9
Exploits: 0 | References: 1

NVD
added 2024/05/14 5:17 p.m. | 9 views

CVE-2024-31491

A client-side enforcement of server-side security vulnerability in Fortinet FortiSandbox 4.4.0 through 4.4.4, FortiSandbox 4.2.1 through 4.2.6 allows an attacker to execute unauthorized code or commands via HTTP requests...

CVSS 8.8 | AI score 8.9 | EPSS 0.00834
Exploits: 0 | References: 1

NVD
added 2024/05/14 5:17 p.m. | 10 views

CVE-2024-31488

An improper neutralization of inputs during web page generation vulnerability CWE-79 in FortiNAC version 9.4.0 through 9.4.4, 9.2.0 through 9.2.8, 9.1.0 through 9.1.10, 8.8.0 through 8.8.11, 8.7.0 through 8.7.6, 7.2.0 through 7.2.3 may allow a remote authenticated attacker to perform stored and...

CVSS 9 | AI score 6.2 | EPSS 0.01014
Exploits: 0 | References: 1

NVD
added 2024/05/14 5:15 p.m. | 20 views

CVE-2024-26007

An improper check or handling of exceptional conditions vulnerability CWE-703 in Fortinet FortiOS version 7.4.1 allows an unauthenticated attacker to provoke a denial of service on the administrative interface via crafted HTTP requests...

CVSS 7.5 | AI score 5.4 | EPSS 0.01151
Exploits: 0 | References: 1

OSV
added 2024/05/14 5:15 p.m. | 4 views

CVE-2023-45583

A use of externally-controlled format string in Fortinet FortiProxy versions 7.2.0 through 7.2.5, 7.0.0 through 7.0.11, 2.0.0 through 2.0.13, 1.2.0 through 1.2.13, 1.1.0 through 1.1.6 FortiPAM versions 1.1.0, 1.0.0 through 1.0.3 FortiOS versions 7.4.0, 7.2.0 through 7.2.5, 7.0.0 through 7.0.13,...

CVSS 7.2 | AI score 5.9 | EPSS 0.00654
Exploits: 0 | References: 1