17 matches found
CVE-2026-5944
An improper access control vulnerability exists in the Cisco Intersight Device Connector for Nutanix Prism Central. The service exposes an API passthrough endpoint on TCP port 7373 that is accessible within the network scope of the deployment environment without authentication. An unauthenticated...
CVE-2026-5944 Cisco Intersight Device Connector for Nutanix Prism Central Unauthenticated API Access
An improper access control vulnerability exists in the Cisco Intersight Device Connector for Nutanix Prism Central. The service exposes an API passthrough endpoint on TCP port 7373 that is accessible within the network scope of the deployment environment without authentication. An unauthenticated...
CVE-2026-5944
An improper access control vulnerability exists in the Cisco Intersight Device Connector for Nutanix Prism Central. The service exposes an API passthrough endpoint on TCP port 7373 that is accessible within the network scope of the deployment environment without authentication. An unauthenticated...
CVE-2026-5944
Cisco Intersight Device Connector for Nutanix Prism Central exposes an unauthenticated API passthrough on TCP 7373. An unauthenticated network attacker can query the endpoint to enumerate cluster metadata (VM information and cluster configuration). The API is primarily read-only, but some cluster...
CVE-2026-5944 Cisco Intersight Device Connector for Nutanix Prism Central Unauthenticated API Access
An improper access control vulnerability exists in the Cisco Intersight Device Connector for Nutanix Prism Central. The service exposes an API passthrough endpoint on TCP port 7373 that is accessible within the network scope of the deployment environment without authentication. An unauthenticated...
Nutanix Prism Central 访问控制错误漏洞
Nutanix Prism Central is a centralized management console provided by the American company Nutanix. Nutanix Prism Central has an access control vulnerability, which stems from improper access controls. This vulnerability allows unauthenticated attackers to access the system via the network, send...
EUVD-2024-54981
Malicious code in bioql PyPI...
CVE-2024-12223
Prism Central versions prior to 2024.3.1 are vulnerable to a stored cross-site scripting attack via the Events component, allowing an attacker to hijack a victim user’s session and perform actions in their security context...
CVE-2024-12223
Prism Central versions prior to 2024.3.1 are vulnerable to a stored cross-site scripting attack via the Events component, allowing an attacker to hijack a victim user’s session and perform actions in their security context...
CVE-2024-12223 Stored Cross-site Scripting (XSS) in Nutanix Prism Central
Prism Central versions prior to 2024.3.1 are vulnerable to a stored cross-site scripting attack via the Events component, allowing an attacker to hijack a victim user’s session and perform actions in their security context...
CVE-2024-12223
CVE-2024-12223 corresponds to a stored cross-site scripting (XSS) vulnerability in Nutanix Prism Central. The issue affects Prism Central versions prior to 2024.3.1 and stems from the Events component, allowing an attacker to hijack a victim user’s session and execute actions in their security co...
CVE-2024-12223 Stored Cross-site Scripting (XSS) in Nutanix Prism Central
Prism Central versions prior to 2024.3.1 are vulnerable to a stored cross-site scripting attack via the Events component, allowing an attacker to hijack a victim user’s session and perform actions in their security context...
Nutanix Prism Central 跨站脚本漏洞
Nutanix Prism Central is a centralized management console from Nutanix USA. A security vulnerability exists in Nutanix Prism Central versions prior to 2024.3.1 that stems from a stored cross-site scripting vulnerability in the Events component that could lead to session hijacking...
PT-2025-33891 · Nutanix · Prism Central
Name of the Vulnerable Software and Affected Versions: Prism Central versions prior to 2024.3.1 Description: Prism Central is susceptible to a stored cross-site scripting attack through the Events component. This allows an attacker to hijack a victim user’s session and perform actions within that...
virt-who bug fix and enhancement update
An update is available for virt-who. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The virt-who service collects information about the connection between the...
virt-who bug fix and enhancement update
An update is available for virt-who. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The virt-who service collects information about the connection between the...
virt-who bug fix and enhancement update
An update is available for virt-who. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The virt-who service collects information about the connection between the...