6304 matches found
CVE-2026-0243
The CVE-2026-0243 entry concerns Palo Alto Networks Prisma SD-WAN ION devices. A denial-of-service condition arises when an unauthenticated attacker on an adjacent network sends a specially crafted IPv6 packet, causing a system disruption. The description identifies this as a high-severity issue ...
CVE-2026-0244 Prisma SD-WAN: Improper Certificate Validation Vulnerability
An improper certificate validation vulnerability in the Palo Alto Networks Prisma SD-WAN ION enables man-in-the-middle MitM attacker to impersonate the controller...
CVE-2026-0244
The CVE-2026-0244 issue affects Palo Alto Networks’ Prisma SD-WAN ION and is due to improper certificate validation. This vulnerability enables a man-in-the-middle attacker to impersonate the controller, with high potential impact to confidentiality, integrity, and availability. Root cause is cer...
Palo Alto Networks Prisma SD-WAN ION 安全漏洞
Palo Alto Networks Prisma SD-WAN ION is a series of next-generation software-defined enterprise branch devices from the American company Palo Alto Networks. These devices integrate 4G or 5G cellular network access capabilities. There is a security vulnerability in Palo Alto Networks Prisma SD-WAN...
PT-2026-40779
A denial of service DoS vulnerability in Palo Alto Networks Prisma SD-WAN ION devices enables an unauthenticated attacker in a network adjacent to a Prisma SD-WAN ION device to cause a system disruption by sending a specially crafted IPv6 packet...
PT-2026-40768
An improper certificate validation vulnerability in the Palo Alto Networks Prisma SD-WAN ION enables man-in-the-middle MitM attacker to impersonate the controller...
CVE-2026-34963 barebox EFI PE Loader Memory Safety Vulnerabilities
barebox version prior to 2026.04.0 contains multiple memory-safety vulnerabilities in the EFI PE loader in efi/loader/pe.c where integer overflow in virtual image size computation using 32-bit arithmetic on section VirtualAddress and size values allows undersized heap allocation, and PE section...
CVE-2026-34963
Barebox EFI PE loader (efi/loader/pe.c) contains multiple memory-safety vulnerabilities in versions prior to 2026.04.0: (1) 32-bit arithmetic overflow in virtual image size calculation on section VirtualAddress/size can cause undersized heap allocations, and (2) PE section loading does not valida...
CVE-2026-43189 media: v4l2-async: Fix error handling on steps after finding a match
In the Linux kernel, the following vulnerability has been resolved: media: v4l2-async: Fix error handling on steps after finding a match Once an async connection is found to be matching with an fwnode, a sub-device may be registered in case it wasn't already, its bound operation is called,...
systemd security update
252-55.0.3.el97.9 - serialize: don't allocate 1M on the stack just like that LINUX-16166 - Route logs from container mapped uids to the system journal Orabug: 38135007 - Drop delay when nspawn fails to reset loginuid Orabug: 37793135 - Improve logging for api bus connection and subscribers Orabug...
Multiple vulnerabilities in silex technology SD-330AC and AMC Manager
Overview SD-330AC and AMC Manager provided by silex technology, Inc. contain multiple vulnerabilities listed below. Stack-based buffer overflow in processing the redirect URLs CWE-121 - CVE-2026-32955 Heap-based buffer overflow in processing the redirect URLs CWE-122 - CVE-2026-32956 Missing...
CISA Adds 8 Exploited Flaws to KEV, Sets April-May 2026 Federal Deadlines
The U.S. Cybersecurity and Infrastructure Security Agency CISA on Monday added eight new vulnerabilities to its Known Exploited Vulnerabilities KEV catalog, including three flaws impacting Cisco Catalyst SD-WAN Manager, citing evidence of active exploitation. The list of vulnerabilities is as...
EUVD-2026-23758
Initialization of a resource with an insecure default vulnerability exists in SD-330AC and AMC Manager provided by silex technology, Inc. When the affected device is connected to the network with the initial factory-default configuration, the device can be configured with the null string password...
EUVD-2026-23747
SD-330AC and AMC Manager provided by silex technology, Inc. contain a stack-based buffer overflow vulnerability in processing the redirect URLs. Arbitrary code may be executed on the device...
EUVD-2026-23749
SD-330AC and AMC Manager provided by silex technology, Inc. contain a heap-based buffer overflow vulnerability in processing the redirect URLs. Arbitrary code may be executed on the device...
EUVD-2026-23750
SD-330AC and AMC Manager provided by silex technology, Inc. contain a missing authentication for critical function issue on firmware maintenance. Arbitrary file may be uploaded on the device without authentication...
EUVD-2026-23756
SD-330AC and AMC Manager provided by silex technology, Inc. contain a reflected cross-site scripting vulnerability. When a user logs in to the affected device and access some crafted web page, arbitrary script may be executed on the user's browser...
EUVD-2026-23754
SD-330AC and AMC Manager provided by silex technology, Inc. contain a heap-based buffer overflow vulnerability in packet data processing of sxsmpd. Processing a crafted packet may cause a temporary denial-of-service DoS condition...
EUVD-2026-23751
SD-330AC and AMC Manager provided by silex technology, Inc. use a hard-coded cryptographic key. An administrative user may be directed to apply a fake firmware update...
EUVD-2026-23752
SD-330AC and AMC Manager provided by silex technology, Inc. contain an issue with a use of a broken or risky cryptographic algorithm. Information in the traffic may be retrieved via man-in-the-middle attack...