
550 matches found

Cvelist
added 2021/10/19 6:16 p.m. | 20 views

CVE-2021-31350 Junos OS and Junos OS Evolved: Privilege escalation vulnerability in Juniper Extension Toolkit (JET)

An Improper Privilege Management vulnerability in the gRPC framework, used by the Juniper Extension Toolkit (JET) API on Juniper Networks Junos OS and Junos OS Evolved, allows a network-based, low-privileged authenticated attacker to perform operations as root, leading to complete compromise of the...

7.5 CVSS | 8.7 AI score | 0.00845 EPSS
Exploits 0 | References 1

Veracode
added 2021/10/18 2:27 p.m. | 28 views

Denial Of Service (DoS)

MySQL is vulnerable to denial of service. An attacker is able to exploit the vulnerability by accessing the network and crashing the system...

5 CVSS | 3.9 AI score | 0.0187 EPSS
Exploits 0 | References 9 | Affected Software 1

Veracode
added 2021/10/18 2:27 p.m. | 27 views

Denial Of Service (DoS)

MySQL is vulnerable to denial of service. An attacker is able to exploit the vulnerability by accessing the network and crashing the system...

6.5 CVSS | 3.9 AI score | 0.0202 EPSS
Exploits 0 | References 7 | Affected Software 1

Tenable Nessus
added 2021/10/13 12:00 a.m. | 50 views

Juniper Junos OS Vulnerability (JSA11215)

The version of Junos OS installed on the remote host is affected by a vulnerability as referenced in the JSA11215 advisory. - An Improper Privilege Management vulnerability in the gRPC framework, used by the Juniper Extension Toolkit (JET) API on Juniper Networks Junos OS and Junos OS Evolved, allo...

9 CVSS | 8 AI score | 0.00845 EPSS
Exploits 0 | References 2

CVE
added 2021/10/12 5:35 p.m. | 63 views

CVE-2021-35496

The CVE-2021-35496 entry concerns the XMLA Connections component in TIBCO JasperReports Server (and variants) with a low-privilege, network-accessible attacker able to interfere with XML processing. Affected products/releases include JasperReports Server 7.2.1 and below, 7.5.0/7.5.1, 7.8.0, 7.9.0...

7.5 CVSS | 7.3 AI score | 0.00621 EPSS
Exploits 0 | References 1 | Affected Software 1

NVD
added 2021/09/18 2:15 p.m. | 17 views

CVE-2021-3806

A path traversal vulnerability on Pardus Software Center's "extractArchive" function could allow anyone on the same network to do a man-in-the-middle and write files on the system...

7.1 CVSS | 0.00676 EPSS
Exploits 1 | References 3

OSV
added 2021/09/14 12:15 p.m. | 4 views

CVE-2021-38162

SAP Web Dispatcher versions - 7.49, 7.53, 7.77, 7.81, KRNL64NUC - 7.22, 7.22EXT, 7.49, KRNL64UC -7.22, 7.22EXT, 7.49, 7.53, KERNEL - 7.22, 7.49, 7.53, 7.77, 7.81, 7.83 processes allow an unauthenticated attacker to submit a malicious crafted request over a network to a front-end server which may,...

9.4 CVSS | 7.3 AI score | 0.02601 EPSS
Exploits 2 | References 4

Prion
added 2021/09/08 5:15 p.m. | 19 views

Authorization

An improper authorization vulnerability in the Palo Alto Networks Cortex XSOAR server enables an authenticated network-based attacker with investigation read permissions to download files from incident investigations of which they are aware but are not a part of. This issue impacts: All Cortex...

4 CVSS | 4.3 AI score | 0.0049 EPSS
Exploits 0 | References 1 | Affected Software 1

Cvelist
added 2021/09/08 5:10 p.m. | 20 views

CVE-2021-3053 PAN-OS: Exceptional Condition Denial-of-Service (DoS)

An improper handling of exceptional conditions vulnerability exists in the Palo Alto Networks PAN-OS dataplane that enables an unauthenticated network-based attacker to send specifically crafted traffic through the firewall that causes the service to crash. Repeated attempts to send this request...

7.5 CVSS | 7.6 AI score | 0.01008 EPSS
Exploits 0 | References 1

Cvelist
added 2021/09/08 5:10 p.m. | 19 views

CVE-2021-3052 PAN-OS: Reflected Cross-Site Scripting (XSS) in Web Interface

A reflected cross-site scripting (XSS) vulnerability in the Palo Alto Networks PAN-OS web interface enables an authenticated network-based attacker to mislead another authenticated PAN-OS administrator to click on a specially crafted link that performs arbitrary actions in the PAN-OS web interface a...

8 CVSS | 6.1 AI score | 0.00628 EPSS
Exploits 0 | References 1

CVE
added 2021/09/08 5:10 p.m. | 59 views

CVE-2021-3052

The CVE-2021-3052 issue is a Reflected XSS in the PAN-OS web interface. An authenticated network-based attacker can lure another authenticated PAN-OS administrator into clicking a crafted link to perform arbitrary actions in the admin interface. Affected versions include PAN-OS 8.1.x before 8.1.20...

8 CVSS | 5.7 AI score | 0.00628 EPSS
Exploits 0 | References 1 | Affected Software 1

Cvelist
added 2021/09/08 5:10 p.m. | 24 views

CVE-2021-3049 Cortex XSOAR: Improper Authorization of Incident Investigations Vulnerability

An improper authorization vulnerability in the Palo Alto Networks Cortex XSOAR server enables an authenticated network-based attacker with investigation read permissions to download files from incident investigations of which they are aware but are not a part of. This issue impacts: All Cortex...

2.6 CVSS | 4.7 AI score | 0.0049 EPSS
Exploits 0 | References 1

Palo Alto Networks
added 2021/09/08 4:00 p.m. | 52 views

PAN-OS: Exceptional Condition Denial-of-Service (DoS)

An improper handling of exceptional conditions vulnerability exists in the Palo Alto Networks PAN-OS dataplane that enables an unauthenticated network-based attacker to send specifically crafted traffic through the firewall that causes the service to crash. Repeated attempts to send this request...

7.5 CVSS | 2 AI score | 0.01008 EPSS
Exploits 0 | References 1

Prion
added 2021/08/25 12:15 p.m. | 18 views

Input validation

An improper sanitization of input vulnerability in B. Braun SpaceCom2 prior to 012U000062 allows a remote unauthenticated attacker to gain user-level command-line access by passing a raw external string straight through to printf statements. The attacker is required to be on the same network as t...

5.8 CVSS | 9.1 AI score | 0.00827 EPSS
Exploits 1 | References 2 | Affected Software 1

Cvelist
added 2021/08/25 11:38 a.m. | 19 views

CVE-2021-33886

An improper sanitization of input vulnerability in B. Braun SpaceCom2 prior to 012U000062 allows a remote unauthenticated attacker to gain user-level command-line access by passing a raw external string straight through to printf statements. The attacker is required to be on the same network as t...

8.1 CVSS | 9 AI score | 0.00827 EPSS
Exploits 1 | References 2

Kitploit
added 2021/08/21 12:30 p.m. | 22 views

Brutus - An Educational Exploitation Framework Shipped On A Modular And Highly Extensible Multi-Tasking And Multi-Processing Architecture

An educational exploitation framework shipped on a modular and highly extensible multi-tasking and multi-processing architecture. Brutus: an Introduction Looking for version 1? See the branches in this repository. Brutus is an educational exploitation framework written in Python. It automates pre...

7.2 AI score
Exploits 0 | References 5

Prion
added 2021/07/15 8:15 p.m. | 17 views

Design/Logic Flaw

An Exposure of System Data vulnerability in Juniper Networks Junos OS and Junos OS Evolved, where a sensitive system-level resource is not being sufficiently protected, allows a network-based unauthenticated attacker to send specific traffic which partially reaches this resource. A high rate of...

6.4 CVSS | 6.2 AI score | 0.01008 EPSS
Exploits 0 | References 1 | Affected Software 2

Tenable Nessus
added 2021/06/18 12:00 a.m. | 36 views

Citrix SD-WAN Center Test Build Network DoS (CTX297155)

The remote Citrix SD-WAN Center is version 10.2.x prior to 10.2.9a, 11.1.x prior to 11.1.2c, 11.2.x prior to 11.2.3a, or 11.2.x prior to 11.3.1a. It is, therefore, vulnerable to a Network-based denial-of-service from an attacker within the same Layer 2 network segment. Note that Nessus has not...

6.5 CVSS | 6.5 AI score | 0.00419 EPSS
Exploits 0 | References 2

Cvelist
added 2021/06/16 1:08 p.m. | 33 views

CVE-2020-8299

Citrix ADC and Citrix/NetScaler Gateway 13.0 before 13.0-76.29, 12.1-61.18, 11.1-65.20, Citrix ADC 12.1-FIPS before 12.1-55.238, and Citrix SD-WAN WANOP Edition before 11.4.0, 11.3.2, 11.3.1a, 11.2.3a, 11.1.2c, 10.2.9a suffers from uncontrolled resource consumption by way of a network-based...

6.4 AI score | 0.00419 EPSS
Exploits 0 | References 1

NVD
added 2021/06/09 12:15 p.m. | 12 views

CVE-2021-33842

Improper Authentication vulnerability in the cookie parameter of Circutor SGE-PLC1000 firmware version 0.9.2b allows an attacker to perform operations as an authenticated user. In order to exploit this vulnerability, the attacker must be within the network where the device affected is located...

8.8 CVSS | 0.00428 EPSS
Exploits 0 | References 1