Lucene search
K

37330 matches found

Nuclei
Nuclei
added yesterday169 views

Cisco IOS XE WLC - Arbitrary File Upload

A vulnerability in the Out-of-Band Access Point AP Image Download feature of Cisco IOS XE Software for Wireless LAN Controllers WLCs could allow an unauthenticated, remote attacker to upload arbitrary files to an affected system.This vulnerability is due to the presence of a hard-coded JSON Web...

10CVSS7.1AI score0.17894EPSS
Exploits1References2
Nuclei
Nuclei
added yesterday131 views

Cisco IOS XE Web UI - Command Injection

A vulnerability in the web UI component of Cisco IOS XE Software could allow an unauthenticated, remote attacker to execute arbitrary commands with root privileges on the underlying operating system. This vulnerability is due to improper input validation in the web UI. An attacker could exploit...

10CVSS7.1AI score0.99571EPSS
Exploits27References2
Nuclei
Nuclei
added yesterday153 views

Cisco IOS HTTP Configuration - Authentication Bypass

HTTP server for Cisco IOS 11.3 to 12.2 allows attackers to bypass authentication and execute arbitrary commands, when local authorization is being used, by specifying a high access level in the URL. id: CVE-2001-0537 info: name: Cisco IOS HTTP Configuration - Authentication Bypass author:...

9.3CVSS6.3AI score0.6845EPSS
Exploits8References5
NVD
NVD
added 5 days ago6 views

CVE-2026-0277

An improper certificate validation vulnerability in the Prisma® Access Agent for iOS enables an attacker to perform a man-in-the-middle MitM attack to intercept VPN traffic. The Prisma Access Agent on Windows, macOS, Linux, Android and ChromeOS are not affected...

8.7CVSS0.00125EPSS
Exploits0References1
EUVD
EUVD
added 5 days ago6 views

EUVD-2026-42689

An improper certificate validation vulnerability in the Prisma® Access Agent for iOS enables an attacker to perform a man-in-the-middle MitM attack to intercept VPN traffic. The Prisma Access Agent on Windows, macOS, Linux, Android and ChromeOS are not affected...

8.7CVSS6AI score0.00125EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 5 days ago7 views

CVE-2026-0277

An improper certificate validation vulnerability in the Prisma® Access Agent for iOS enables an attacker to perform a man-in-the-middle MitM attack to intercept VPN traffic. The Prisma Access Agent on Windows, macOS, Linux, Android and ChromeOS are not affected...

8.7CVSS6AI score0.00125EPSS
Exploits0References2
CVE
CVE
added 5 days ago16 views

CVE-2026-0277

The CVE covers Prisma Access Agent for iOS with an improper certificate validation weakness enabling a man-in-the-middle to intercept VPN traffic. Other platforms (Windows, macOS, Linux, Android, ChromeOS) are not affected. Root cause: improper certificate validation in iOS client. Impact is desc...

8.7CVSS6AI score0.00125EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 6 days ago7 views

Cisco Adaptive Security Appliance Software, Firepower Threat Defense Software, IOS Software, and IOS XE Software IKEv2 DoS (cisco-sa-multiprod-ikev2-dos-gPctUqv2)

According to its self-reported version, Cisco IOS XE Software is affected by a vulnerability. - A vulnerability in the Internet Key Exchange version 2 IKEv2 protocol processing of Cisco Adaptive Security Appliance ASA Software, Cisco Firepower Threat Defense FTD Software, Cisco IOS Software, and...

8.6CVSS6.9AI score0.0048EPSS
Exploits0References5
NVD
NVD
added 2026/07/07 12:16 a.m.9 views

CVE-2026-13356

A malicious webpage could interrupt a pending navigation by enqueuing a synchronous JavaScript dialog, causing the browser UI to display the destination origin in the address bar while continuing to render attacker-controlled content. This vulnerability was fixed in Firefox for iOS 152.3...

6.3CVSS0.00132EPSS
Exploits0References2
EUVD
EUVD
added 2026/07/01 12:34 a.m.7 views

EUVD-2026-40761

Side-channel information leakage in WebAuthentication in Google Chrome on iOS prior to 150.0.7871.47 allowed a remote attacker to leak cross-origin data via a crafted HTML page. Chromium security severity: Low...

5.8AI score0.00276EPSS
Exploits0References3
EUVD
EUVD
added 2026/07/01 12:34 a.m.8 views

EUVD-2026-40590

Inappropriate implementation in Safe Browsing in Google Chrome on iOS prior to 150.0.7871.47 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page. Chromium security severity: Medium...

5.8AI score0.00264EPSS
Exploits0References3
EUVD
EUVD
added 2026/07/01 12:34 a.m.7 views

EUVD-2026-40588

Inappropriate implementation in Chrome for iOS in Google Chrome on iOS prior to 150.0.7871.47 allowed a remote attacker to perform UI spoofing via a crafted HTML page. Chromium security severity: Medium...

5.8AI score0.00245EPSS
Exploits0References3
EUVD
EUVD
added 2026/07/01 12:34 a.m.6 views

EUVD-2026-40548

Insufficient policy enforcement in Web Authentication Passkeys & Security Keys in Google Chrome on iOS prior to 150.0.7871.47 allowed an attacker in a privileged network position to leak cross-origin data via a crafted HTML page. Chromium security severity: Medium...

5.8AI score0.00238EPSS
Exploits0References3
EUVD
EUVD
added 2026/07/01 12:34 a.m.8 views

EUVD-2026-40529

Insufficient validation of untrusted input in Chrome for iOS in Google Chrome on iOS prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...

5.8AI score0.00345EPSS
Exploits0References3
EUVD
EUVD
added 2026/07/01 12:34 a.m.6 views

EUVD-2026-40533

Insufficient validation of untrusted input in Chrome for iOS in Google Chrome on iOS prior to 150.0.7871.47 allowed a remote attacker to leak cross-origin data via a crafted HTML page. Chromium security severity: High...

5.8AI score0.00318EPSS
Exploits0References3
EUVD
EUVD
added 2026/07/01 12:34 a.m.3 views

EUVD-2026-40536

Insufficient validation of untrusted input in Chrome for iOS in Google Chrome on iOS prior to 150.0.7871.47 allowed a local attacker to execute arbitrary code inside a sandbox via a malicious file. Chromium security severity: High...

6.1AI score0.0027EPSS
Exploits0References3
EUVD
EUVD
added 2026/07/01 12:34 a.m.9 views

EUVD-2026-40494

Insufficient data validation in Chrome for iOS in Google Chrome on iOS prior to 150.0.7871.47 allowed a local attacker to obtain potentially sensitive information from process memory via physical access to the device. Chromium security severity: High...

4.6CVSS5.8AI score0.00134EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/07/01 12:0 a.m.6 views

Linux Distros Unpatched Vulnerability : CVE-2026-13991

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Insufficient validation of untrusted input in Chrome for iOS in Google Chrome on iOS prior to 150.0.7871.47 allowed a remote attacker to perform UI spoofing via...

4.3CVSS6.2AI score0.00169EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/07/01 12:0 a.m.5 views

Linux Distros Unpatched Vulnerability : CVE-2026-14068

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Inappropriate implementation in Omnibox in Google Chrome on iOS prior to 150.0.7871.47 allowed a remote attacker who convinced a user to engage in specific UI...

6.1CVSS6.2AI score0.00182EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/07/01 12:0 a.m.4 views

Linux Distros Unpatched Vulnerability : CVE-2026-13813

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Insufficient policy enforcement in Chrome for iOS in Google Chrome on iOS prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer...

8.3CVSS6.2AI score0.00277EPSS
Exploits0References2
Rows per page
Query Builder