23 matches found
EUVD-2021-26404
Malware in sbrugna...
Palo Alto Cortex XSOAR 6.5.0 Cross Site Scripting
Exploit Title: Palo Alto Cortex XSOAR 6.5.0 - Stored Cross-Site Scripting (XSS); Exploit Author: omurugur; Vendor Homepage: https://security.paloaltonetworks.com/CVE-2022-0020; Version: 6.5.0 - 6.2.0 - 6.1.0; Tested on: relevant os; CVE: CVE-2022-0020; Author Web: https://www.justsecnow.com; Author Socia...
Palo Alto Cortex XSOAR 6.5.0 - Stored Cross-Site Scripting (XSS)
Exploit Title: Palo Alto Cortex XSOAR 6.5.0 - Stored Cross-Site Scripting (XSS); Exploit Author: omurugur; Vendor Homepage: https://security.paloaltonetworks.com/CVE-2022-0020; Version: 6.5.0 - 6.2.0 - 6.1.0; Tested on: relevant os; CVE: CVE-2022-0020; Author Web: https://www.justsecnow.com; Author Socia...
Rorschach Ransomware Emerges: Experts Warn of Advanced Evasion Strategies
Cybersecurity researchers have taken the wraps off a previously undocumented ransomware strain called Rorschach that's both sophisticated and fast. "What makes Rorschach stand out from other ransomware strains is its high level of customization and its technically unique features that have not be...
CVE-2022-0027
An improper authorization vulnerability in Palo Alto Networks Cortex XSOAR software enables authenticated users in non-Read-Only groups to generate an email report that contains summary information about all incidents in the Cortex XSOAR instance, including incidents to which the user does not hav...
Authorization
An improper authorization vulnerability in Palo Alto Networks Cortex XSOAR software enables authenticated users in non-Read-Only groups to generate an email report that contains summary information about all incidents in the Cortex XSOAR instance, including incidents to which the user does not hav...
CVE-2022-0027
CVE-2022-0027 involves an improper authorization vulnerability in Palo Alto Networks Cortex XSOAR where authenticated users in non-Read-Only groups can generate an email report containing summary information about all incidents, including those the user cannot access. Affected: Cortex XSOAR 6.1–6...
CVE-2022-0027 Cortex XSOAR: Incorrect Authorization Vulnerability When Generating Reports
An improper authorization vulnerability in Palo Alto Networks Cortex XSOAR software enables authenticated users in non-Read-Only groups to generate an email report that contains summary information about all incidents in the Cortex XSOAR instance, including incidents to which the user does not hav...
Cortex XSOAR: Incorrect Authorization Vulnerability When Generating Reports
An improper authorization vulnerability in Palo Alto Networks Cortex XSOAR software enables authenticated users in non-Read-Only groups to generate an email report that contains summary information about all incidents in the Cortex XSOAR instance, including incidents to which the user does not hav...
CVE-2022-0020
A stored cross-site scripting (XSS) vulnerability in Palo Alto Networks Cortex XSOAR web interface enables an authenticated network-based attacker to store a persistent JavaScript payload that will perform arbitrary actions in the Cortex XSOAR web interface on behalf of authenticated administrators...
CVE-2022-0020
CVE-2022-0020 describes a stored XSS in Palo Alto Networks Cortex XSOAR web interface. An authenticated network-based attacker can store a persistent JavaScript payload that executes actions in the Cortex XSOAR UI on behalf of authenticated admins. Affected: Cortex XSOAR versions 6.1.0 and 6.2.0 ...
CVE-2022-0020 Cortex XSOAR: Stored Cross-Site Scripting (XSS) Vulnerability in Web Interface
A stored cross-site scripting (XSS) vulnerability in Palo Alto Networks Cortex XSOAR web interface enables an authenticated network-based attacker to store a persistent JavaScript payload that will perform arbitrary actions in the Cortex XSOAR web interface on behalf of authenticated administrators...
Cortex XSOAR: Stored Cross-Site Scripting (XSS) Vulnerability in Web Interface
A stored cross-site scripting (XSS) vulnerability in Palo Alto Networks Cortex XSOAR web interface enables an authenticated network-based attacker to store a persistent JavaScript payload that will perform arbitrary actions in the Cortex XSOAR web interface on behalf of authenticated administrators...
CVE-2021-3052
A reflected cross-site scripting (XSS) vulnerability in the Palo Alto Networks PAN-OS web interface enables an authenticated network-based attacker to mislead another authenticated PAN-OS administrator to click on a specially crafted link that performs arbitrary actions in the PAN-OS web interface a...
Cross site scripting
A reflected cross-site scripting (XSS) vulnerability in the Palo Alto Networks PAN-OS web interface enables an authenticated network-based attacker to mislead another authenticated PAN-OS administrator to click on a specially crafted link that performs arbitrary actions in the PAN-OS web interface a...
CVE-2020-1999
A vulnerability exists in the Palo Alto Networks PAN-OS signature-based threat detection engine that allows an attacker to communicate with devices in the network in a way that is not analyzed for threats by sending data through specifically crafted TCP packets. This technique evades signature-bas...
Code injection
A vulnerability exists in the Palo Alto Networks PAN-OS signature-based threat detection engine that allows an attacker to communicate with devices in the network in a way that is not analyzed for threats by sending data through specifically crafted TCP packets. This technique evades signature-bas...
CVE-2020-1999 PAN-OS: Threat signatures are evaded by specifically crafted packets
A vulnerability exists in the Palo Alto Networks PAN-OS signature-based threat detection engine that allows an attacker to communicate with devices in the network in a way that is not analyzed for threats by sending data through specifically crafted TCP packets. This technique evades signature-bas...
CVE-2020-1999
CVE-2020-1999 affects PAN-OS signature-based threat detection in PAN-OS releases: 7.1.x and 8.0.x are affected, and 8.1.x pre-8.1.17, 9.0.x pre-9.0.11, and 9.1.x pre-9.1.5 are affected. The root cause is that specially crafted TCP packets allow communication that evades threat detection. Impact i...
PAN-OS: Threat signatures are evaded by specifically crafted packets
A vulnerability exists in the Palo Alto Networks PAN-OS signature-based threat detection engine that allows an attacker to evade threat prevention signatures using specifically crafted TCP packets. This CVE has no impact on the confidentiality and availability of PAN-OS. This issue does not let an...