Versa Director 跨站脚本漏洞

Versa Networks Versa Director is a virtualization and service creation platform from Versa Networks, USA. It simplifies the creation, automation and delivery of services using Versa FlexVNF. A security vulnerability exists in Versa Director Release, which can be exploited by an attacker to create...

Palo Alto Networks PAN-OS 8.1.x < 8.1.16 / 9.0.x < 9.0.10 / 9.1.x < 9.1.4 / 10.0.x < 10.0.1 Command Injection Vulnerability

The version of Palo Alto Networks PAN-OS running on the remote host is 8.1.x prior to 8.1.16 or 9.0.x prior to 9.0.10 or 9.1.x prior to 9.1.4 or 10.0.x prior to 10.0.1. It is, therefore, affected by a vulnerability. - An OS command injection and memory corruption vulnerability in the PAN-OS...

CVE-2020-2000

An OS command injection and memory corruption vulnerability in the PAN-OS management web interface that allows authenticated administrators to disrupt system processes and potentially execute arbitrary code and OS commands with root privileges. This issue impacts: PAN-OS 8.1 versions earlier than...

PAN-OS: System proxy passwords may be logged in clear text while viewing system state

An information exposure through log file vulnerability exists where the password for the configured system proxy server for a PAN-OS appliance may be displayed in cleartext when using the CLI in Palo Alto Networks PAN-OS software. Work around: This issue impacts the management web interface. You...

CVE-2017-17477

Pexip Infinity before 17 allows an unauthenticated remote attacker to achieve stored XSS via management web interface views...

Design/Logic Flaw

Pexip Infinity before 17 allows an unauthenticated remote attacker to achieve stored XSS via management web interface views...

CVE-2017-17477

CVE-2017-17477 concerns Pexip Infinity prior to 17, where an unauthenticated remote attacker can trigger stored cross-site scripting via the management web interface views. The vulnerability affects the admin-facing web UI and can lead to script execution in a user’s browser. The available connec...

CVE-2017-17477

Pexip Infinity before 17 allows an unauthenticated remote attacker to achieve stored XSS via management web interface views...

Palo Alto Networks PAN-OS 10.0.x < 10.0.1 Buffer Overflow

The version of Palo Alto Networks PAN-OS running on the remote host is 10.0.x prior to 10.0.1. It is, therefore, affected by a buffer overflow vulnerability in the management web interface that allows authenticated administrators to disrupt system processes and potentially execute arbitrary code...

CVE-2020-2042

A buffer overflow vulnerability in the PAN-OS management web interface allows authenticated administrators to disrupt system processes and potentially execute arbitrary code with root privileges. This issue impacts only PAN-OS 10.0 versions earlier than PAN-OS 10.0.1...

CVE-2020-2039

An uncontrolled resource consumption vulnerability in Palo Alto Networks PAN-OS allows for a remote unauthenticated user to upload temporary files through the management web interface that are not properly deleted after the request is finished. It is possible for an attacker to disrupt the...

Denial of service

An uncontrolled resource consumption vulnerability in Palo Alto Networks PAN-OS allows for a remote unauthenticated user to upload temporary files through the management web interface that are not properly deleted after the request is finished. It is possible for an attacker to disrupt the...

CVE-2020-2042 PAN-OS: Buffer overflow in the management web interface

A buffer overflow vulnerability in the PAN-OS management web interface allows authenticated administrators to disrupt system processes and potentially execute arbitrary code with root privileges. This issue impacts only PAN-OS 10.0 versions earlier than PAN-OS 10.0.1...

EUVD-2020-22065

An uncontrolled resource consumption vulnerability in Palo Alto Networks PAN-OS allows for a remote unauthenticated user to upload temporary files through the management web interface that are not properly deleted after the request is finished. It is possible for an attacker to disrupt the...

CVE-2020-2036 PAN-OS: Reflected Cross-Site Scripting (XSS) vulnerability in management web interface

A reflected cross-site scripting XSS vulnerability exists in the PAN-OS management web interface. A remote attacker able to convince an administrator with an active authenticated session on the firewall management interface to click on a crafted link to that management web interface could...

PAN-OS: Reflected Cross-Site Scripting (XSS) vulnerability in management web interface

A reflected cross-site scripting XSS vulnerability exists in the PAN-OS management web interface. A remote attacker able to convince an administrator with an active authenticated session on the firewall management interface to click on a crafted link to that management web interface could...

PAN-OS: Management web interface denial-of-service (DoS)

An insecure configuration of the appweb daemon of Palo Alto Networks PAN-OS 8.1 allows a remote unauthenticated user to send a specifically crafted request to the device that causes the appweb service to crash. Repeated attempts to send this request result in denial of service to all PAN-OS...

PAN-OS: Management web interface denial-of-service (DoS) through unauthenticated file upload

An uncontrolled resource consumption vulnerability in Palo Alto Networks PAN-OS allows for a remote unauthenticated user to upload temporary files through the management web interface that are not properly deleted after the request is finished. It is possible for an attacker to disrupt the...

CVE-2013-3070

An Information Disclosure vulnerability exists in Netgear WNDR4700 running firmware 1.0.0.34 in the management web interface, which discloses the PSK of the wireless LAN...

CVE-2019-9231

An issue was discovered on AudioCodes Mediant 500L-MSBR, 500-MBSR, M800B-MSBR and 800C-MSBR devices with firmware versions before 7.20A.202.307. A Cross-Site Request Forgery CSRF vulnerability in the management web interface allows remote attackers to execute malicious and unauthorized actions,...