Lucene search
K

6 matches found

RedhatCVE
RedhatCVE
added 2026/05/12 2:21 p.m.16 views

CVE-2026-0300

A buffer overflow vulnerability in the User-ID™ Authentication Portal aka Captive Portal service of Palo Alto Networks PAN-OS software allows an unauthenticated attacker to execute arbitrary code with root privileges on the PA-Series and VM-Series firewalls by sending specially crafted packets. T...

9.8CVSS6.4AI score0.36157EPSS
Exploits6References1
ATTACKERKB
ATTACKERKB
added 2025/07/08 8:49 p.m.4 views

CVE-2025-49536

ColdFusion versions 2025.2, 2023.14, 2021.20 and earlier are affected by an Incorrect Authorization vulnerability that could result in a Security feature bypass. A low-privileged attacker could leverage this vulnerability to bypass security measures and gain unauthorized access. Exploitation of...

7.3CVSS5.8AI score0.00304EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2025/07/08 12:0 a.m.2 views

PT-2025-28743 · Adobe · Coldfusion

Name of the Vulnerable Software and Affected Versions: ColdFusion versions 2025.2, 2023.14, 2021.20 and earlier ColdFusion versions prior to 2025.3 Description: The issue is related to an incorrect authorization vulnerability that could result in a security feature bypass. A low-privileged attack...

8.5CVSS6.4AI score0.00304EPSS
Exploits0References5
RedhatCVE
RedhatCVE
added 2025/04/13 2:38 a.m.13 views

CVE-2025-0125

An improper input neutralization vulnerability in the management web interface of the Palo Alto Networks PAN-OS® software enables a malicious authenticated read-write administrator to impersonate another legitimate authenticated PAN-OS administrator. The attacker must have network access to the...

6.9CVSS6.6AI score0.00371EPSS
Exploits0References3
OSV
OSV
added 2025/04/11 2:15 a.m.6 views

CVE-2025-0124

An authenticated file deletion vulnerability in the Palo Alto Networks PAN-OS® software enables an authenticated attacker with network access to the management web interface to delete certain files as the “nobody” user; this includes limited logs and configuration files but does not include syste...

3.8CVSS5.8AI score0.00307EPSS
Exploits0References1
OSV
OSV
added 2024/11/18 4:15 p.m.1 views

CVE-2024-0012

An authentication bypass in Palo Alto Networks PAN-OS software enables an unauthenticated attacker with network access to the management web interface to gain PAN-OS administrator privileges to perform administrative actions, tamper with the configuration, or exploit other authenticated privilege...

9.8CVSS5.8AI score0.99698EPSS
Exploits18References4
Rows per page
Query Builder