Lucene search
K

17220 matches found

Nuclei
Nuclei
added yesterday65 views

WordPress Visitor Statistics (Real Time Traffic) <4.8 -SQL Injection

WordPress Visitor Statistics Real Time Traffic plugin before 4.8 does not properly sanitize and escape the refUrl in the refDetails AJAX action, which is available to any authenticated user. This could allow users with a role as low as subscriber to perform SQL injection attacks. id: CVE-2021-247...

8.8CVSS7AI score0.38298EPSS
Exploits5References5
The Hacker News
The Hacker News
added 4 days ago7 views

Study of 281 Free Android VPN Apps Finds Traffic Leaks, Unencrypted Data, and Tracking

Researchers ran 281 of the most popular free VPN apps on the Google Play Store through a new testing system and found that many fail at the basics people install a VPN for, i.e., keeping their traffic private and secure. The apps flagged with at least one problem have been installed more than 2.4...

6.1AI score
Exploits0
CVE
CVE
added 5 days ago13 views

CVE-2026-57019

CVE-2026-57019 affects Junos OS on MX Series. An issue in the Packet Forwarding Engine (pfe) due to improper validation of a specified quantity in input can allow an unauthenticated adjacent attacker to cause a Denial-of-Service by triggering an FPC major error and a reset, impacting traffic unti...

7.1CVSS6AI score0.00269EPSS
Exploits0References1Affected Software1
ATTACKERKB
ATTACKERKB
added 5 days ago7 views

CVE-2026-57019

An Improper Validation of Specified Quantity in Input vulnerability in the Packet Forwarding Engine pfe of Juniper Networks Junos OS on MX Series allows an unauthenticated, adjacent attacker to cause a Denial-of-Service DoS. When a specific packet is received from device in the same broadcast...

7.1CVSS6AI score0.00269EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 5 days ago33 views

CVE-2026-57019 Junos OS: MX Series: Specific traffic causes an FPC to reset

An Improper Validation of Specified Quantity in Input vulnerability in the Packet Forwarding Engine pfe of Juniper Networks Junos OS on MX Series allows an unauthenticated, adjacent attacker to cause a Denial-of-Service DoS. When a specific packet is received from device in the same broadcast...

7.1CVSS0.00269EPSS
Exploits0References1
NVD
NVD
added 5 days ago6 views

CVE-2026-0277

An improper certificate validation vulnerability in the Prisma® Access Agent for iOS enables an attacker to perform a man-in-the-middle MitM attack to intercept VPN traffic. The Prisma Access Agent on Windows, macOS, Linux, Android and ChromeOS are not affected...

8.7CVSS0.00125EPSS
Exploits0References1
NVD
NVD
added 5 days ago7 views

CVE-2026-0280

An IPv6 packet processing vulnerability in the dataplane of Palo Alto Networks PAN-OS® software enables an unauthenticated attacker to bypass firewall security policy enforcement, allowing network traffic that should be blocked to reach protected services. Cloud NGFW and Panorama are not impacted...

7.2CVSS0.00475EPSS
Exploits0References1
EUVD
EUVD
added 5 days ago6 views

EUVD-2026-42689

An improper certificate validation vulnerability in the Prisma® Access Agent for iOS enables an attacker to perform a man-in-the-middle MitM attack to intercept VPN traffic. The Prisma Access Agent on Windows, macOS, Linux, Android and ChromeOS are not affected...

8.7CVSS6AI score0.00125EPSS
Exploits0References1
Cvelist
Cvelist
added 5 days ago37 views

CVE-2026-0277 Prisma Access Agent: Improper Certificate Validation on iOS

An improper certificate validation vulnerability in the Prisma® Access Agent for iOS enables an attacker to perform a man-in-the-middle MitM attack to intercept VPN traffic. The Prisma Access Agent on Windows, macOS, Linux, Android and ChromeOS are not affected...

8.7CVSS0.00125EPSS
Exploits0References1
CVE
CVE
added 5 days ago16 views

CVE-2026-0277

The CVE covers Prisma Access Agent for iOS with an improper certificate validation weakness enabling a man-in-the-middle to intercept VPN traffic. Other platforms (Windows, macOS, Linux, Android, ChromeOS) are not affected. Root cause: improper certificate validation in iOS client. Impact is desc...

8.7CVSS6AI score0.00125EPSS
Exploits0References1
CVE
CVE
added 5 days ago11 views

CVE-2026-0280

CVE-2026-0280 concerns an IPv6 packet processing vulnerability in the dataplane of Palo Alto Networks PAN-OS that allows an unauthenticated attacker to bypass firewall policy enforcement, enabling blocked traffic to reach protected services. Connected sources confirm PAN-OS impacts, with Cloud NG...

7.2CVSS6AI score0.00475EPSS
Exploits0References1Affected Software1
EUVD
EUVD
added 5 days ago11 views

EUVD-2026-42681

An IPv6 packet processing vulnerability in the dataplane of Palo Alto Networks PAN-OS® software enables an unauthenticated attacker to bypass firewall security policy enforcement, allowing network traffic that should be blocked to reach protected services. Cloud NGFW and Panorama are not impacted...

6.3CVSS6AI score0.00475EPSS
Exploits0References1
CVE
CVE
added 5 days ago15 views

CVE-2026-0287

CVE-2026-0287 describes multiple denial-of-service vulnerabilities in Palo Alto Networks PAN-OS, exploitable by unauthenticated network access to dataplane interfaces. Affected: PAN-OS versions including 10.2.x, 11.1.x, 11.2.x and 12.1.x. Impact: potential DoS with firewall entering maintenance m...

8.7CVSS5.9AI score0.00534EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 5 days ago57 views

CVE-2026-0287 PAN-OS: Denial of Service Vulnerabilities in Network Traffic Processing

Multiple denial of service vulnerabilities in Palo Alto Networks PAN-OS® software allow an unauthenticated attacker with network access to cause a denial of service DoS condition by sending specially crafted network traffic to or through a dataplane interface. Repeated attempts to trigger this...

8.7CVSS0.00534EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 5 days ago6 views

CVE-2026-15163

A flaw was found in Wireshark. A local user could trigger multiple protocol dissector infinite loops by providing specially crafted network traffic for analysis. This could lead to a Denial of Service DoS condition, making the application unresponsive. Mitigation To mitigate this issue, users...

7.5CVSS5.9AI score0.00187EPSS
Exploits0References8
RedhatCVE
RedhatCVE
added 5 days ago5 views

CVE-2026-15166

A flaw was found in Wireshark, a network protocol analyzer. An attacker could exploit this vulnerability by sending a specially crafted network packet, which would cause the IEEE 802.11 protocol dissector to crash. This issue results in a denial of service, making the Wireshark application...

5.7CVSS5.9AI score0.00133EPSS
Exploits1References5
Tenable Nessus
Tenable Nessus
added 6 days ago11 views

Palo Alto Networks PAN-OS 10.2.x / 11.1.x / 11.2.x / 12.1.x Vulnerability

The version of Palo Alto Networks PAN-OS running on the remote host is a vulnerable version of 10.2.x, 11.1.x, 11.2.x, or 12.1.x. It is, therefore, affected by a vulnerability. Multiple denial of service vulnerabilities in Palo Alto Networks PAN-OS software allow an unauthenticated attacker with...

8.7CVSS7AI score0.00534EPSS
Exploits0References2
OSV
OSV
added last week7 views

CVE-2026-53935 CiliumLocalRedirectPolicy addressMatcher allows cross-namespace service traffic hijacking and can break service translation

Cilium is a networking, observability, and security solution. Prior to 1.17.16, from 1.18.2 to 1.18.9, and from 1.19.0 to 1.19.3, users with the ability to create CiliumLocalRedirectPolicies can specify arbitrary ClusterIPs via addressMatcher, enabling hijacking traffic to Services in any namespa...

6.9CVSS6AI score0.00341EPSS
Exploits0References9
OSV
OSV
added last week5 views

GO-2026-5914 CiliumLocalRedirectPolicy addressMatcher allows cross-namespace service traffic hijacking and can break service translation in github.com/cilium/cilium

CiliumLocalRedirectPolicy addressMatcher allows cross-namespace service traffic hijacking and can break service translation in github.com/cilium/cilium...

6.9CVSS5.9AI score0.00341EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2026/07/06 3:7 p.m.6 views

nodejs: Node.js: Silent authority rebinding due to embedded-nul hostnames in TLS handling

A flaw was found in Node.js. This vulnerability in the TLS Transport Layer Security hostname handling allows embedded null characters in hostnames. This can lead to silent authority rebinding, potentially enabling an attacker to redirect network traffic to an unintended server and disclose...

9.8CVSS6.4AI score0.00405EPSS
Exploits0References7
Rows per page
Query Builder