36 matches found
CVE-2026-0281
An information disclosure vulnerability in Palo Alto Networks PAN-OS® software enables an unauthenticated attacker with network access to the management web interface to obtain web session tokens. This requires a legitimate user to first click on a malicious link provided by the attacker. The...
CVE-2026-0285
CVE-2026-0285 : PAN-OS contains a server-side request forgery (SSRF) vulnerability that can be exploited by an authenticated administrator with network access to the management web interface, allowing unauthorized requests from the firewall to internal services. Affected relationships from the so...
CVE-2026-0288 PAN-OS: Buffer Overflow Vulnerabilities in User-ID Terminal Server Agent
Multiple buffer overflow vulnerabilities in the User-ID Terminal Server Agent TSA component of Palo Alto Networks PAN-OS software allow an unauthenticated attacker with network access to cause a denial of service DoS condition or potentially execute arbitrary code by sending specially crafted...
Palo Alto Networks PAN-OS 10.2.x / 11.1.x / 11.2.x / 12.1.x Vulnerability
The version of Palo Alto Networks PAN-OS running on the remote host is a vulnerable version of 10.2.x, 11.1.x, 11.2.x, or 12.1.x. It is, therefore, affected by a vulnerability. Multiple buffer overflow vulnerabilities in the User-ID Terminal Server Agent TSA component of Palo Alto Networks PAN-OS...
PT-2026-56211
Name of the Vulnerable Software and Affected Versions New API versions prior to 0.12.0-alpha.1 Description An issue exists where the default Server-Side Request Forgery SSRF protection configuration fails to apply IP filtering to hostnames. Because the ApplyIPFilterForDomain setting is disabled b...
CVE-2026-0272 PAN-OS: Privilege Escalation (PE) Vulnerability in the Command Line Interface (CLI)
A privilege escalation vulnerability in Palo Alto Networks PAN-OS® software allows an authenticated administrator with access to the Command Line Interface CLI to perform actions on the device with root privileges. The security risk posed by this issue is significantly minimized when CLI access i...
CVE-2026-42194 Incomplete fix for CVE-2026-32812: SSRF in admidio
Admidio is an open-source user management solution. Prior to version 5.0.9, the incomplete SSRF fix in Admidio's fetchmetadata.php validates the resolved IP address but passes the original hostname-based URL to curlinit, leaving a DNS rebinding TOCTOU window that allows redirecting requests to...
CVE-2026-42404
A flaw was found in Apache Neethi. When an application explicitly calls the PolicyReference API to retrieve a policy from a remote Uniform Resource Identifier URI, Apache Neethi does not impose restrictions on the URI. This allows a remote attacker to cause the application to make outbound reques...
CVE-2026-25492
Craft CMS is a content management system. In Craft versions 3.5.0 through 4.16.17 and 5.0.0-RC1 through 5.8.21, the saveimagesAsset GraphQL mutation can be abused to fetch internal URLs by providing a domain name that resolves to an internal IP address, bypassing hostname validation. When a...
PT-2026-3248
Name of the Vulnerable Software and Affected Versions TheLibrarian affected versions not specified Description The Librarian software has an internal port scanning issue stemming from the web fetch tool. This tool allows for Server-Side Request Forgery SSRF-style behavior, enabling GET requests t...
Splunk Enterprise 9.2.0 < 9.2.10, 9.3.0 < 9.3.8, 9.4.0 < 9.4.6, 10.0 < 10.0.1 (SVD-2025-1207)
The version of Splunk installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the SVD-2025-1207 advisory. - In Splunk Enterprise versions below 10.0.1, 9.4.6, 9.3.8, and 9.2.10, and Splunk Cloud Platform versions below 10.1.2507.4,...
CVE-2025-49545
ColdFusion versions 2025.2, 2023.14, 2021.20 and earlier are affected by a Server-Side Request Forgery SSRF vulnerability that could lead to arbitrary file system read. A high-privilege authenticated attacker can force the application to make arbitrary requests via injection of URLs. Exploitation...
CVE-2025-49551
CVE-2025-49551 affects Adobe ColdFusion versions 2025.2, 2023.14, 2021.20 and earlier. The issue is described as Use of Hard-coded Credentials, enabling privilege escalation with unauthorized access to sensitive systems/data. Exploitation reportedly requires no user interaction and is limited to ...
CVE-2025-49546 ColdFusion | Improper Access Control (CWE-284)
ColdFusion versions 2025.2, 2023.14, 2021.20 and earlier are affected by an Improper Access Control vulnerability that could lead to a partial application denial-of-service. A high-privileged attacker could exploit this vulnerability to partially disrupt the availability of the application...
CVE-2025-49540 ColdFusion | Cross-site Scripting (Stored XSS) (CWE-79)
ColdFusion versions 2025.2, 2023.14, 2021.20 and earlier are affected by a stored Cross-Site Scripting XSS vulnerability that could be abused by a high-privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they...
CVE-2022-30494
In oretnom23 Automotive Shop Management System v1.0, the first and last name user fields suffer from a stored XSS Injection Vulnerability allowing remote attackers to gain admin access and view internal IPs...
CVE-2025-0108
An authentication bypass in the Palo Alto Networks PAN-OS software enables an unauthenticated attacker with network access to the management web interface to bypass the authentication otherwise required by the PAN-OS management web interface and invoke certain PHP scripts. While invoking these PH...
CVE-2025-0111 PAN-OS: Authenticated File Read Vulnerability in the Management Web Interface
An authenticated file read vulnerability in the Palo Alto Networks PAN-OS software enables an authenticated attacker with network access to the management web interface to read files on the PAN-OS filesystem that are readable by the “nobody” user. You can greatly reduce the risk of this issue by...
CVE-2025-0111 PAN-OS: Authenticated File Read Vulnerability in the Management Web Interface
An authenticated file read vulnerability in the Palo Alto Networks PAN-OS software enables an authenticated attacker with network access to the management web interface to read files on the PAN-OS filesystem that are readable by the “nobody” user. You can greatly reduce the risk of this issue by...
PAN-OS: Arbitrary File Delete Vulnerability in the Command Line Interface (CLI)
A command injection vulnerability in Palo Alto Networks PAN-OS software enables an authenticated administrator to bypass system restrictions in the management plane and delete files on the firewall. Work around: We strongly recommend customers to ensure access to your management interface is...