Lucene search
+L

37 matches found

EUVD
EUVD
added 2026/07/09 7:1 p.m.7 views

EUVD-2026-42678

An authentication bypass vulnerability in Large Scale VPN LSVPN functionality of Palo Alto Networks PAN-OS software allows an attacker with network access to bypass security restrictions and establish an unauthorized site-to-site VPN connection. Panorama, Cloud NGFW, and Prisma® Access are not...

7.8CVSS6AI score0.00338EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/07/09 7:1 p.m.7 views

CVE-2026-0283

An authentication bypass vulnerability in Large Scale VPN LSVPN functionality of Palo Alto Networks PAN-OS software allows an attacker with network access to bypass security restrictions and establish an unauthorized site-to-site VPN connection. Panorama, Cloud NGFW, and Prisma® Access are not...

7.8CVSS6AI score0.00338EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2026/07/09 7:1 p.m.37 views

CVE-2026-0283 PAN-OS: Authentication Bypass Vulnerability in Large Scale VPN (LSVPN)

An authentication bypass vulnerability in Large Scale VPN LSVPN functionality of Palo Alto Networks PAN-OS software allows an attacker with network access to bypass security restrictions and establish an unauthorized site-to-site VPN connection. Panorama, Cloud NGFW, and Prisma® Access are not...

7.8CVSS0.00338EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2026/07/08 12:0 a.m.7 views

Palo Alto Networks PAN-OS 10.2.x / 11.1.x / 11.2.x / 12.1.x Vulnerability

The version of Palo Alto Networks PAN-OS running on the remote host is a vulnerable version of 10.2.x, 11.1.x, 11.2.x, or 12.1.x. It is, therefore, affected by a vulnerability. An authentication bypass vulnerability in Large Scale VPN LSVPN functionality of Palo Alto Networks PAN-OS software allo...

7.8CVSS7AI score0.00338EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2026/06/10 2:59 p.m.15 views

CVE-2026-50752

A weakness in the certificate validation logic of the deprecated IKEv1 key exchange may allow an unauthenticated attacker positioned as a man-in-the-middle to bypass certificate validation in VPN site-to-site connections that use certificate-based authentication. Successful exploitation could all...

7.4CVSS5.8AI score0.04859EPSS
Exploits0References1
NVD
NVD
added 2026/06/08 12:16 p.m.19 views

CVE-2026-50752

A weakness in the certificate validation logic of the deprecated IKEv1 key exchange may allow an unauthenticated attacker positioned as a man-in-the-middle to bypass certificate validation in VPN site-to-site connections that use certificate-based authentication. Successful exploitation could all...

7.4CVSS0.04859EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/06/08 11:0 a.m.8 views

CVE-2026-50752

A weakness in the certificate validation logic of the deprecated IKEv1 key exchange may allow an unauthenticated attacker positioned as a man-in-the-middle to bypass certificate validation in VPN site-to-site connections that use certificate-based authentication. Successful exploitation could all...

7.4CVSS5.8AI score0.04859EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/06/08 11:0 a.m.10 views

CVE-2026-50752 Certificate Validation Bypass in VPN Site-to-Site Connections Using IKEv1

A weakness in the certificate validation logic of the deprecated IKEv1 key exchange may allow an unauthenticated attacker positioned as a man-in-the-middle to bypass certificate validation in VPN site-to-site connections that use certificate-based authentication. Successful exploitation could all...

7.4CVSS5.5AI score0.04859EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/08 11:0 a.m.53 views

CVE-2026-50752 Certificate Validation Bypass in VPN Site-to-Site Connections Using IKEv1

A weakness in the certificate validation logic of the deprecated IKEv1 key exchange may allow an unauthenticated attacker positioned as a man-in-the-middle to bypass certificate validation in VPN site-to-site connections that use certificate-based authentication. Successful exploitation could all...

7.4CVSS0.04859EPSS
Exploits0References1
CVE
CVE
added 2026/06/08 11:0 a.m.232 views

CVE-2026-50752

The CVE-2026-50752 entry describes a weakness in the certificate validation logic of the deprecated IKEv1 key exchange used in VPN site‑to‑site connections with certificate‑based authentication. An unauthenticated attacker positioned as a man‑in‑the‑middle could bypass certificate validation, pot...

7.4CVSS5.8AI score0.04859EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/06/07 12:0 a.m.19 views

PT-2026-47277

Name of the Vulnerable Software and Affected Versions Check Point Security Gateways and Check Point Spark Firewall affected versions not specified Description A weakness in the certificate validation logic of the deprecated IKEv1 Internet Key Exchange version 1 key exchange allows an...

7.4CVSS5.7AI score0.04859EPSS
Exploits0References34
CheckPoint Security
CheckPoint Security
added 2026/06/07 12:0 a.m.35 views

CVE-2026-50752 - VPN site to site certificate bypass vulnerability in deprecated IKEv1 key exchange

Symptoms - A vulnerability in the certificate validation logic of the deprecated IKEv1 key exchange method may lead to a man-in-the-middle attack on the VPN site-to-site configuration. This vulnerability was discovered by Check Point security research team. There are no reported exploits of this...

7.4CVSS6.1AI score0.04859EPSS
Exploits0
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2019-17846

Malware in sbrugna...

5.9CVSS5.9AI score0.2039EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2022-51495

Malicious code in bioql PyPI...

4.5CVSS4.6AI score0.00669EPSS
Exploits0References1
OSV
OSV
added 2025/09/12 11:46 a.m.8 views

BIT-NIFI-2020-9491

In Apache NiFi 1.2.0 to 1.11.4, the NiFi UI and API were protected by mandating TLS v1.2, as well as listening connections established by processors like ListenHTTP, HandleHttpRequest, etc. However intracluster communication such as cluster request replication, Site-to-Site, and load balanced...

7.5CVSS7AI score0.02871EPSS
Exploits0References4
Rapid7 Blog
Rapid7 Blog
added 2025/09/10 5:44 p.m.10 views

Akira Ransomware Group Utilizing SonicWall Devices for Initial Access

Latest update – September 18, 2025 On September 17, 2025, SonicWall disclosed a security breach affecting all SonicWall customers with MySonicWall.com cloud backups enabled. The firm detected suspicious activity targeting MySonicWall.com, through which threat actors were able to access backup...

6.6AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2023/11/11 12:0 a.m.81 views

Rocky Linux 8 : Satellite 6.14 (RLSA-2023:6818)

The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2023:6818 advisory. - A flaw was found in all versions of kubeclient up to but not including v4.9.3, the Ruby client for Kubernetes REST API, in the way it parsed kubeconfi...

10CVSS8.3AI score0.99999EPSS
Exploits30References319
Tenable Nessus
Tenable Nessus
added 2023/10/04 12:0 a.m.116 views

Cisco Adaptive Security Appliance Software Remote Access VPN Unauthorized Access - Brute Force Attack (cisco-sa-asaftd-ravpn-auth-8LyfCkeC)

A vulnerability in the remote access VPN feature of Cisco Adaptive Security Appliance ASA Software could allow an unauthenticated, remote attacker to conduct a brute force attack in an attempt to identify valid username and password combinations. This vulnerability is due to improper separation o...

9.1CVSS8.6AI score0.21583EPSS
Exploits0References4
NVD
NVD
added 2022/12/16 4:15 p.m.25 views

CVE-2022-4130

A blind site-to-site request forgery vulnerability was found in Satellite server. It is possible to trigger an external interaction to an attacker's server by modifying the Referer header in an HTTP request of specific resources in the server...

4.5CVSS0.00669EPSS
Exploits0References1
OSV
OSV
added 2022/12/16 4:15 p.m.9 views

CVE-2022-4130

A blind site-to-site request forgery vulnerability was found in Satellite server. It is possible to trigger an external interaction to an attacker's server by modifying the Referer header in an HTTP request of specific resources in the server...

4.5CVSS5.8AI score0.00669EPSS
Exploits0References1
Rows per page
Query Builder