Lucene search
K

58 matches found

NVD
NVD
added last week9 views

CVE-2026-0288

Multiple buffer overflow vulnerabilities in the User-ID Terminal Server Agent TSA component of Palo Alto Networks PAN-OS software allow an unauthenticated attacker with network access to cause a denial of service DoS condition or potentially execute arbitrary code by sending specially crafted...

9.2CVSS0.00557EPSS
Exploits0References1
Cvelist
Cvelist
added last week33 views

CVE-2026-0288 PAN-OS: Buffer Overflow Vulnerabilities in User-ID Terminal Server Agent

Multiple buffer overflow vulnerabilities in the User-ID Terminal Server Agent TSA component of Palo Alto Networks PAN-OS software allow an unauthenticated attacker with network access to cause a denial of service DoS condition or potentially execute arbitrary code by sending specially crafted...

9.2CVSS0.00557EPSS
Exploits0References1
CVE
CVE
added last week43 views

CVE-2026-0288

CVE-2026-0288 describes multiple buffer overflow vulnerabilities in the User-ID Terminal Server Agent (TSA) component of Palo Alto Networks PAN-OS. An unauthenticated attacker with network access can trigger DoS or potentially execute arbitrary code by sending specially crafted traffic. PAN-OS Pa...

9.2CVSS6.5AI score0.00557EPSS
Exploits0References1Affected Software1
EUVD
EUVD
added last week23 views

EUVD-2026-42388

Multiple buffer overflow vulnerabilities in the User-ID Terminal Server Agent TSA component of Palo Alto Networks PAN-OS software allow an unauthenticated attacker with network access to cause a denial of service DoS condition or potentially execute arbitrary code by sending specially crafted...

9.2CVSS6.5AI score0.00557EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:11 p.m.12 views

CVE-2026-8364

Gladinet Triofox Cloud Server Agent Access Service GladServerAgentService.exe listens on TCP port 7878 and processes remote HTTP messages with URL paths starting with /resources, /status, /sysinfo, /woshome, /Settings, /schedule, or /DavCache...

9.8CVSS5.5AI score0.00305EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:11 p.m.14 views

CVE-2026-8360

Function calls to WOSCommonUtil.dll!WOSSysInfoGetDeviceInterface in various DLLs i.e., WOSProfileMgrModule.dll, WOSWebDavModule.dll can return a NULL pointer i.e., when no user is logged into the Triofox Server Agent Management Console. The returned NULL pointer is not checked before being...

7.5CVSS5.5AI score0.00275EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2026/06/03 12:0 a.m.9 views

Gladinet Triofox Server Agent Missing Authentication for Critical Function (CVE-2026-8364)

Binary data gladinettriofoxserveragentcve-2026-8364.nbin...

9.8CVSS5.8AI score0.00305EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/05/27 7:47 p.m.9 views

CVE-2026-8360

Function calls to WOSCommonUtil.dll!WOSSysInfoGetDeviceInterface in various DLLs i.e., WOSProfileMgrModule.dll, WOSWebDavModule.dll can return a NULL pointer i.e., when no user is logged into the Triofox Server Agent Management Console. The returned NULL pointer is not checked before being...

7.5CVSS5.8AI score0.00275EPSS
Exploits0References2
EUVD
EUVD
added 2026/05/27 7:38 p.m.15 views

EUVD-2026-32641

Gladinet Triofox Cloud Server Agent Access Service GladServerAgentService.exe listens on TCP port 7878 and processes remote HTTP messages with URL paths starting with /resources, /status, /sysinfo, /woshome, /Settings, /schedule, or /DavCache...

9.8CVSS5.8AI score0.00305EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/05/27 7:38 p.m.10 views

CVE-2026-8364

Gladinet Triofox Cloud Server Agent Access Service GladServerAgentService.exe listens on TCP port 7878 and processes remote HTTP messages with URL paths starting with /resources, /status, /sysinfo, /woshome, /Settings, /schedule, or /DavCache...

9.8CVSS5.8AI score0.00305EPSS
Exploits0References2
CVE
CVE
added 2026/05/27 7:38 p.m.22 views

CVE-2026-8364

Affected software: Gladinet Triofox Cloud Server Agent (GladServerAgentService.exe). Vulnerability behavior: listens on TCP port 7878 and processes remote HTTP messages with URL paths /resources, /status, /sysinfo, /woshome, /Settings, /schedule, or /DavCache. Impact: CVSS 3.1 base score 9.8; con...

9.8CVSS5.8AI score0.00305EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/05/27 12:0 a.m.18 views

PT-2026-44098

Name of the Vulnerable Software and Affected Versions Gladinet Triofox Cloud Server Agent affected versions not specified Description Improper handling of remote HTTP messages in the GladServerAgentService.exe, which listens on TCP port 7878, allows unauthenticated attackers to potentially gain...

9.8CVSS5.9AI score0.00305EPSS
Exploits0References6
Vulnrichment
Vulnrichment
added 2026/02/11 5:55 p.m.6 views

CVE-2026-0228 PAN-OS: Improper Validation of Terminal Server Agent Certificate

An improper certificate validation vulnerability in PAN-OS allows users to connect Terminal Server Agents on Windows to PAN-OS using expired certificates even if the PAN-OS configuration would not normally permit them to do so...

5.3CVSS5.5AI score0.00188EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/02/11 5:55 p.m.28 views

CVE-2026-0228 PAN-OS: Improper Validation of Terminal Server Agent Certificate

An improper certificate validation vulnerability in PAN-OS allows users to connect Terminal Server Agents on Windows to PAN-OS using expired certificates even if the PAN-OS configuration would not normally permit them to do so...

5.3CVSS0.00188EPSS
Exploits0References1
CVE
CVE
added 2026/02/11 5:55 p.m.25 views

CVE-2026-0228

Technical details about CVE-2026-0228 are not publicly provided in the supplied documents. Monitor for updates from Palo Alto Networks or other sources for affected products, impact, and remediation.

5.3CVSS5.5AI score0.00188EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/12/17 8:4 p.m.8 views

CVE-2025-13532

Insecure defaults in the Server Agent component of Fortra's Core Privileged Access Manager BoKS can result in the selection of weak password hash algorithms. This issue affects BoKS Server Agent 9.0 instances that support yescrypt and are running in a BoKS 8.1 domain...

6.2CVSS7AI score0.00085EPSS
Exploits0References1
EUVD
EUVD
added 2025/12/16 9:30 p.m.4 views

EUVD-2025-203842

Insecure defaults in the Server Agent component of Fortra's Core Privileged Access Manager BoKS can result in the selection of weak password hash algorithms. This issue affects BoKS Server Agent 9.0 instances that support yescrypt and are running in a BoKS 8.1 domain...

6.2CVSS6.5AI score0.00085EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2025/12/16 8:1 p.m.4 views

CVE-2025-13532 Weak Password Hash in Core Privileged Access Manager (BoKS)

Insecure defaults in the Server Agent component of Fortra's Core Privileged Access Manager BoKS can result in the selection of weak password hash algorithms. This issue affects BoKS Server Agent 9.0 instances that support yescrypt and are running in a BoKS 8.1 domain...

6.2CVSS6.7AI score0.00085EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/12/16 8:1 p.m.33 views

CVE-2025-13532 Weak Password Hash in Core Privileged Access Manager (BoKS)

Insecure defaults in the Server Agent component of Fortra's Core Privileged Access Manager BoKS can result in the selection of weak password hash algorithms. This issue affects BoKS Server Agent 9.0 instances that support yescrypt and are running in a BoKS 8.1 domain...

6.2CVSS0.00085EPSS
Exploits0References1
CVE
CVE
added 2025/12/16 8:1 p.m.13 views

CVE-2025-13532

This CVE concerns Fortra’s Core Privileged Access Manager (BoKS): BoKS Server Agent 9.0 with yescrypt support running in a BoKS 8.1 domain is affected by insecure defaults that can cause the use of weak password hash algorithms. The issue is described across multiple sources as an insecure defaul...

6.2CVSS6.7AI score0.00085EPSS
Exploits0References1
Rows per page
Query Builder