Lucene search
K

6304 matches found

CVE
CVE
added 2026/05/13 7:10 p.m.31 views

CVE-2026-0243

The CVE-2026-0243 entry concerns Palo Alto Networks Prisma SD-WAN ION devices. A denial-of-service condition arises when an unauthenticated attacker on an adjacent network sends a specially crafted IPv6 packet, causing a system disruption. The description identifies this as a high-severity issue ...

7.1CVSS5.8AI score0.00161EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/05/13 7:3 p.m.8 views

CVE-2026-0244 Prisma SD-WAN: Improper Certificate Validation Vulnerability

An improper certificate validation vulnerability in the Palo Alto Networks Prisma SD-WAN ION enables man-in-the-middle MitM attacker to impersonate the controller...

7.7CVSS5.8AI score0.00107EPSS
Exploits0References1
CVE
CVE
added 2026/05/13 7:3 p.m.21 views

CVE-2026-0244

The CVE-2026-0244 issue affects Palo Alto Networks’ Prisma SD-WAN ION and is due to improper certificate validation. This vulnerability enables a man-in-the-middle attacker to impersonate the controller, with high potential impact to confidentiality, integrity, and availability. Root cause is cer...

7.7CVSS5.8AI score0.00107EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/13 12:0 a.m.10 views

Palo Alto Networks Prisma SD-WAN ION 安全漏洞

Palo Alto Networks Prisma SD-WAN ION is a series of next-generation software-defined enterprise branch devices from the American company Palo Alto Networks. These devices integrate 4G or 5G cellular network access capabilities. There is a security vulnerability in Palo Alto Networks Prisma SD-WAN...

7.1CVSS5.8AI score0.00161EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/05/13 12:0 a.m.10 views

PT-2026-40779

A denial of service DoS vulnerability in Palo Alto Networks Prisma SD-WAN ION devices enables an unauthenticated attacker in a network adjacent to a Prisma SD-WAN ION device to cause a system disruption by sending a specially crafted IPv6 packet...

7.1CVSS5.8AI score0.00161EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/05/13 12:0 a.m.17 views

PT-2026-40768

An improper certificate validation vulnerability in the Palo Alto Networks Prisma SD-WAN ION enables man-in-the-middle MitM attacker to impersonate the controller...

7.7CVSS5.8AI score0.00107EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/05/11 10:17 p.m.40 views

CVE-2026-34963 barebox EFI PE Loader Memory Safety Vulnerabilities

barebox version prior to 2026.04.0 contains multiple memory-safety vulnerabilities in the EFI PE loader in efi/loader/pe.c where integer overflow in virtual image size computation using 32-bit arithmetic on section VirtualAddress and size values allows undersized heap allocation, and PE section...

8.6CVSS0.00157EPSS
Exploits0References3
CVE
CVE
added 2026/05/11 10:17 p.m.34 views

CVE-2026-34963

Barebox EFI PE loader (efi/loader/pe.c) contains multiple memory-safety vulnerabilities in versions prior to 2026.04.0: (1) 32-bit arithmetic overflow in virtual image size calculation on section VirtualAddress/size can cause undersized heap allocations, and (2) PE section loading does not valida...

8.6CVSS6.3AI score0.00157EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2026/05/06 11:27 a.m.25 views

CVE-2026-43189 media: v4l2-async: Fix error handling on steps after finding a match

In the Linux kernel, the following vulnerability has been resolved: media: v4l2-async: Fix error handling on steps after finding a match Once an async connection is found to be matching with an fwnode, a sub-device may be registered in case it wasn't already, its bound operation is called,...

0.00127EPSS
Exploits0References5
Oracle linux
Oracle linux
added 2026/05/05 12:0 a.m.11 views

systemd security update

252-55.0.3.el97.9 - serialize: don't allocate 1M on the stack just like that LINUX-16166 - Route logs from container mapped uids to the system journal Orabug: 38135007 - Drop delay when nspawn fails to reset loginuid Orabug: 37793135 - Improve logging for api bus connection and subscribers Orabug...

5.5CVSS5.8AI score0.0066EPSS
Exploits1
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2026/04/21 6:27 a.m.10 views

Multiple vulnerabilities in silex technology SD-330AC and AMC Manager

Overview SD-330AC and AMC Manager provided by silex technology, Inc. contain multiple vulnerabilities listed below. Stack-based buffer overflow in processing the redirect URLs CWE-121 - CVE-2026-32955 Heap-based buffer overflow in processing the redirect URLs CWE-122 - CVE-2026-32956 Missing...

9.8CVSS6.9AI score0.40002EPSS
Exploits1References27
The Hacker News
The Hacker News
added 2026/04/21 6:23 a.m.14 views

CISA Adds 8 Exploited Flaws to KEV, Sets April-May 2026 Federal Deadlines

The U.S. Cybersecurity and Infrastructure Security Agency CISA on Monday added eight new vulnerabilities to its Known Exploited Vulnerabilities KEV catalog, including three flaws impacting Cisco Catalyst SD-WAN Manager, citing evidence of active exploitation. The list of vulnerabilities is as...

10CVSS7.7AI score0.99991EPSS
Exploits26
EUVD
EUVD
added 2026/04/20 6:31 a.m.4 views

EUVD-2026-23758

Initialization of a resource with an insecure default vulnerability exists in SD-330AC and AMC Manager provided by silex technology, Inc. When the affected device is connected to the network with the initial factory-default configuration, the device can be configured with the null string password...

8.7CVSS5.8AI score0.00346EPSS
Exploits0References4
EUVD
EUVD
added 2026/04/20 6:31 a.m.5 views

EUVD-2026-23747

SD-330AC and AMC Manager provided by silex technology, Inc. contain a stack-based buffer overflow vulnerability in processing the redirect URLs. Arbitrary code may be executed on the device...

8.8CVSS6.2AI score0.00624EPSS
Exploits0References4
EUVD
EUVD
added 2026/04/20 6:31 a.m.4 views

EUVD-2026-23749

SD-330AC and AMC Manager provided by silex technology, Inc. contain a heap-based buffer overflow vulnerability in processing the redirect URLs. Arbitrary code may be executed on the device...

9.8CVSS6.1AI score0.00522EPSS
Exploits0References4
EUVD
EUVD
added 2026/04/20 6:31 a.m.5 views

EUVD-2026-23750

SD-330AC and AMC Manager provided by silex technology, Inc. contain a missing authentication for critical function issue on firmware maintenance. Arbitrary file may be uploaded on the device without authentication...

6.9CVSS5.8AI score0.00274EPSS
Exploits0References4
EUVD
EUVD
added 2026/04/20 6:31 a.m.7 views

EUVD-2026-23756

SD-330AC and AMC Manager provided by silex technology, Inc. contain a reflected cross-site scripting vulnerability. When a user logs in to the affected device and access some crafted web page, arbitrary script may be executed on the user's browser...

6.1CVSS5.7AI score0.00161EPSS
Exploits0References4
EUVD
EUVD
added 2026/04/20 6:31 a.m.7 views

EUVD-2026-23754

SD-330AC and AMC Manager provided by silex technology, Inc. contain a heap-based buffer overflow vulnerability in packet data processing of sxsmpd. Processing a crafted packet may cause a temporary denial-of-service DoS condition...

6.9CVSS6AI score0.00566EPSS
Exploits0References4
EUVD
EUVD
added 2026/04/20 6:31 a.m.6 views

EUVD-2026-23751

SD-330AC and AMC Manager provided by silex technology, Inc. use a hard-coded cryptographic key. An administrative user may be directed to apply a fake firmware update...

6.9CVSS5.7AI score0.00228EPSS
Exploits0References4
EUVD
EUVD
added 2026/04/20 6:31 a.m.13 views

EUVD-2026-23752

SD-330AC and AMC Manager provided by silex technology, Inc. contain an issue with a use of a broken or risky cryptographic algorithm. Information in the traffic may be retrieved via man-in-the-middle attack...

8.2CVSS5.7AI score0.00209EPSS
Exploits0References4
Rows per page
Query Builder