Lucene search
K

20 matches found

EUVD
EUVD
added 2026/07/03 12:31 a.m.8 views

EUVD-2026-41450

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in WatchGuard Fireware OS Autotask Technology Integration module allows Stored XSS. This vulnerability is an additional unmitigated attack path for CVE-2025-13938. This issue affects Fireware O...

6.1CVSS5.7AI score0.00158EPSS
Exploits0References2
EUVD
EUVD
added 2026/07/03 12:31 a.m.8 views

EUVD-2026-41452

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in WatchGuard Fireware OS SIP Proxy module allows Stored XSS. This vulnerability is an additional unmitigated attack path for CVE-2025-6947. This issue affects Fireware OS 12.0 up to and...

4.8CVSS5.7AI score0.00341EPSS
Exploits0References2
NVD
NVD
added 2026/07/03 12:16 a.m.8 views

CVE-2026-13373

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in WatchGuard Fireware OS Tigerpaw Technology Integration module allows Stored XSS. This vulnerability is an additional unmitigated attack path for CVE-2025-13936. This issue affects Fireware O...

4.8CVSS0.00158EPSS
Exploits0References1
NVD
NVD
added 2026/07/03 12:16 a.m.10 views

CVE-2026-13377

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in WatchGuard Fireware OS SIP Proxy module allows Stored XSS. This vulnerability is an additional unmitigated attack path for CVE-2025-6947. This issue affects Fireware OS 12.0 up to and...

4.8CVSS0.00158EPSS
Exploits0References1
NVD
NVD
added 2026/07/03 12:16 a.m.11 views

CVE-2026-13375

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in WatchGuard Fireware OS Autotask Technology Integration module allows Stored XSS. This vulnerability is an additional unmitigated attack path for CVE-2025-13938. This issue affects Fireware O...

4.8CVSS0.00158EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/07/02 11:5 p.m.11 views

CVE-2026-13377

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in WatchGuard Fireware OS SIP Proxy module allows Stored XSS. This vulnerability is an additional unmitigated attack path for CVE-2025-6947. This issue affects Fireware OS 12.0 up to and...

4.8CVSS5.7AI score0.00158EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2026/07/02 11:5 p.m.18 views

CVE-2026-13376

CVE-2026-13376 affects WatchGuard Firebox via the Fireware OS spamBlocker module. Vulnerable component: spamBlocker in Fireware OS; vulnerable versions: Fireware OS 12.0–12.12, 12.5–12.5.18, and 2025.1–2026.2. Description: Improper Neutralization of Input During Web Page Generation leading to Sto...

4.8CVSS5.7AI score0.00158EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2026/07/02 11:5 p.m.37 views

CVE-2026-13374 WatchGuard Firebox Stored Cross-Site-Scripting (XSS) Vulnerability in ConnectWise Technology Integration Configuration

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in WatchGuard Fireware OS ConnectWise Technology Integration module allows Stored XSS. This vulnerability is an additional unmitigated attack path for CVE-2025-13937. This issue affects Firewar...

4.8CVSS0.00158EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/07/02 12:0 a.m.12 views

PT-2026-55332

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in WatchGuard Fireware OS spamBlocker module allows Stored XSS. This vulnerability is an additional unmitigated attack path for CVE-2025-1071. This issue affects Fireware OS 12.0 up to and...

4.8CVSS5.7AI score0.00158EPSS
Exploits0References5
EUVD
EUVD
added 2025/10/29 6:30 p.m.7 views

EUVD-2025-36672

A local privilege escalation vulnerability in the WatchGuard Mobile VPN with SSL client on Windows enables a local user to execute arbitrary commands with elevated privileges on the Windows system. This vulnerability is an additional unmitigated attack path for CVE-2024-4944. This vulnerability i...

7.8CVSS7AI score0.00312EPSS
Exploits0References2
Cvelist
Cvelist
added 2025/10/29 4:50 p.m.28 views

CVE-2025-1549 WatchGuard Mobile VPN with SSL Local Privilege Escallation

A local privilege escalation vulnerability in the WatchGuard Mobile VPN with SSL client on Windows enables a local user to execute arbitrary commands with elevated privileges on the Windows system. This vulnerability is an additional unmitigated attack path for CVE-2024-4944. This vulnerability i...

6.3CVSS0.00133EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/10/29 4:50 p.m.18 views

CVE-2025-1549 WatchGuard Mobile VPN with SSL Local Privilege Escallation

A local privilege escalation vulnerability in the WatchGuard Mobile VPN with SSL client on Windows enables a local user to execute arbitrary commands with elevated privileges on the Windows system. This vulnerability is an additional unmitigated attack path for CVE-2024-4944. This vulnerability i...

6.3CVSS6.9AI score0.00133EPSS
Exploits0References1
BDU FSTEC
BDU FSTEC
added 2025/08/06 12:0 a.m.8 views

The vulnerability of the DDSH CLI interface for Dell EMC Data Domain Operating Systems allows a perpetrator to execute arbitrary commands.

The vulnerability of the DDSH CLI interface for Dell EMC Data Domain Operating Systems is related to the lack of measures taken to neutralize special elements used in the operating system commands. Exploiting this vulnerability can allow attackers to execute arbitrary commands...

7.8CVSS5.8AI score0.00432EPSS
Exploits0References2Affected Software1
NVD
NVD
added 2025/07/09 9:15 a.m.7 views

CVE-2025-3497

The Linux distribution underlying the Radiflow iSAP Smart Collector CentOS 7 - VSAP 1.20 is obsolete and reached end of life EOL on June 30, 2024. Thus, any unmitigated vulnerability could be exploited to affect this product...

8.7CVSS0.00334EPSS
Exploits0References1
Code423n4
Code423n4
added 2023/10/25 12:0 a.m.5 views

M-01 Unmitigated

Lines of code Vulnerability details Mitigation of M-01: Issue not mitigated Link to Issue: code-423n4/2023-09-asymmetry-findings55 Comments The sponsor has acknowledged the issue but decided to not mitigate it. Acknowledged and did not fix, plan to upgrade a fix in the future Assessed type Other...

7AI score
Exploits0
Code423n4
Code423n4
added 2023/07/21 12:0 a.m.10 views

M-02 Unmitigated

Lines of code Vulnerability details Original Issue code-423n4/2023-06-angle-findings31 Details It shows LibGetters.getCollateralRatio might return the incorrect ratio due to the unsafe cast. Mitigation PR: AngleProtocol/angle-transmuter@6f2ffcb During the mitigation, it uses the safeCast library...

6.9AI score
Exploits0
Code423n4
Code423n4
added 2023/06/21 12:0 a.m.10 views

M-03 Unmitigated

Lines of code Vulnerability details Mitigation of M-03: Issue not mitigated, see comments Link to Issue: code-423n4/2023-05-ambire-findings16 Comments The issue is not mitigated. There is an error in the implementation of the mitigation of M-03. See report adriro-MR-M-03-ERROR for details. Assess...

6.9AI score
Exploits0
Code423n4
Code423n4
added 2023/06/16 12:0 a.m.14 views

M-05 Unmitigated

Lines of code code-423n4/2023-05-xeth@aebc324L230 Vulnerability details If wxETH drips when nothing is staked, then the first staker can claim every drop. Mitigation code-423n4/2023-05-xeth@aebc324 This PR is added in the method accrueDrip to return if totalSupply == 0 to avoid dropping at 0. But...

6.8AI score
Exploits0
Code423n4
Code423n4
added 2023/05/24 12:0 a.m.9 views

H-100 Unmitigated

Lines of code L1 Vulnerability details test Assessed type call/delegatecall --- The text was updated successfully, but these errors were encountered: All reactions...

7AI score
Exploits0
Code423n4
Code423n4
added 2023/05/22 12:0 a.m.13 views

M-01 Unmitigated

Lines of code L1 Vulnerability details Lines of code L1 Vulnerability details Confirmed --- The text was updated successfully, but these errors were encountered: All reactions...

7AI score
Exploits0
Rows per page
Query Builder