Lucene search
K

9 matches found

ATTACKERKB
ATTACKERKB
added 6 days ago6 views

CVE-2026-0280

An IPv6 packet processing vulnerability in the dataplane of Palo Alto Networks PAN-OS® software enables an unauthenticated attacker to bypass firewall security policy enforcement, allowing network traffic that should be blocked to reach protected services. Cloud NGFW and Panorama are not impacted...

6.3CVSS6AI score0.00303EPSS
Exploits0References2Affected Software2
RedhatCVE
RedhatCVE
added 2026/03/23 10:53 a.m.4 views

CVE-2026-32305

A flaw was found in Traefik, an HTTP reverse proxy and load balancer. A remote attacker can exploit this vulnerability by sending fragmented ClientHello packets during the Transport Layer Security TLS handshake. This causes Traefik's Server Name Indication SNI extraction to fail, leading to a...

8.3CVSS5.8AI score0.00405EPSS
Exploits0References7
RedhatCVE
RedhatCVE
added 2026/03/11 11:57 p.m.4 views

CVE-2026-31838

A flaw was found in Istio. This vulnerability in Envoy's Role-Based Access Control RBAC header matching could allow an attacker to bypass authorization policies. By crafting requests with multiple header values, an attacker could cause Envoy to misinterpret the header, leading to unauthorized...

6.9CVSS5.8AI score0.00214EPSS
Exploits0References4
CVE
CVE
added 2025/12/01 12:0 a.m.13 views

CVE-2024-32388

CVE-2024-32388 affects Kerlink KerOS prior to 5.12. The root cause is a firewall misconfiguration that causes devices to incorrectly accept specially crafted UDP packets, enabling an attacker to bypass the firewall and access UDP-based services that would otherwise be protected. The connected doc...

5.3CVSS6.4AI score0.01453EPSS
Exploits0References2Affected Software1
Positive Technologies
Positive Technologies
added 2025/12/01 12:0 a.m.5 views

PT-2025-48466

Due to a firewall misconfiguration, Kerlink devices running KerOS prior to 5.12 incorrectly accept specially crafted UDP packets. This allows an attacker to bypass the firewall and access UDP-based services that would otherwise be protected...

5.3CVSS6.8AI score0.01453EPSS
Exploits0References3
CNNVD
CNNVD
added 2025/07/12 12:0 a.m.3 views

Ivanti Sentry 安全漏洞

Ivanti Sentry is an in-line gateway from Ivanti USA, Inc. used to manage, encrypt, and protect traffic between mobile devices and back-end enterprise systems. A security vulnerability exists in Ivanti Sentry that stems from an authenticated user being able to access Sentry-protected services, eve...

6.8CVSS6.5AI score0.0083EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/05/22 10:8 a.m.7 views

CVE-2019-19697

An arbitrary code execution vulnerability exists in the Trend Micro Security 2019 v15 consumer family of products which could allow an attacker to gain elevated privileges and tamper with protected services by disabling or otherwise preventing them to start. An attacker must already have...

7.2CVSS7.8AI score0.00818EPSS
Exploits5References1
CNNVD
CNNVD
added 2021/05/11 12:0 a.m.17 views

Istio 授权问题漏洞

Istio is a set of open platforms for connecting, managing, and securing microservices. Istio is vulnerable to an authorization issue. The vulnerability stems from the fact that when the istio gateway is configured in TLS mode "AUTOPASSTHROUGH", it is possible for an attacker to bypass authorizati...

9.8CVSS8.2AI score0.01454EPSS
Exploits1References5
OSV
OSV
added 2020/01/18 12:15 a.m.5 views

CVE-2019-19697

An arbitrary code execution vulnerability exists in the Trend Micro Security 2019 v15 consumer family of products which could allow an attacker to gain elevated privileges and tamper with protected services by disabling or otherwise preventing them to start. An attacker must already have...

6.7CVSS6.3AI score0.00818EPSS
Exploits5References3
Rows per page
Query Builder