CVSS: 7.1EPSS: 0%CPEs: 3EXPL: 1CVE-2019-14270
https://notcve.org/view.php?id=CVE-2019-14270
Comodo Antivirus through 12.0.0.6870, Comodo Firewall through 12.0.0.6870, and Comodo Internet Security Premium through 12.0.0.6870, with the Comodo Container feature, are vulnerable to Sandbox Escape. Comodo Antivirus hasta la versión 12.0.0.6870, Comodo Firewall hasta la versión 12.0.0.6870, y Comodo Internet Security Premium hasta la versión 12.0.0.6870, con la característica Comodo Container, son vulnerables a un escape del Sandbox. • https://gaissecurity.com/yazi/discovery-of-sandbox-escape-on-comodo-container-antivirus-amp-firewall •
CVSS: 4.3EPSS: 0%CPEs: 2EXPL: 3CVE-2010-0475 – Palo Alto Network Vulnerability - Cross-Site Scripting
https://notcve.org/view.php?id=CVE-2010-0475
Cross-site scripting (XSS) vulnerability in esp/editUser.esp in the Palo Alto Networks firewall 3.0.x before 3.0.9 and 3.1.x before 3.1.1 allows remote attackers to inject arbitrary web script or HTML via the role parameter. Vulnerabilidad de secuencias de comandos en sitios cruzados (XSS) en esp/editUser.esp en el firewall Palo Alto Networks 3.0.x en versiones anteriores a la 3.0.9 y 3.1.x en versiones anteriores a la 3.1.1, permite a atacantes remotos inyectar secuencias de comandos web o HTML de su elección a través del parámetro "role". Palo Alto Network suffers from a cross site scripting vulnerability. • https://www.exploit-db.com/exploits/12660 http://archives.neohapsis.com/archives/bugtraq/2010-05/0086.html http://www.jeromiejackson.com/index.php?view=article&id=83:palo-alto-cross-site-scripting-vulnerability&tmpl=component&print=1&layout=default&page= http://www.securityfocus.com/bid/40113 https://exchange.xforce.ibmcloud.com/vulnerabilities/58624 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 4.3EPSS: 0%CPEs: 1EXPL: 2CVE-2008-0494
https://notcve.org/view.php?id=CVE-2008-0494
Cross-site scripting (XSS) vulnerability in vpnum/userslist.php in Endian Firewall 2.1.2 allows remote attackers to inject arbitrary web script or HTML via the psearch parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. Vulnerabilidad de Cross-site scripting (XSS) en vpnum/userslist.php en Endian Firewall 2.1.2 permite a atacantes remotos inyectar script web o HTML a su elección mediante el parámetro psearch. NOTA: la procedencia de esta información es desconocida; los detalles se obtienen únicamente de información de terceros. • http://downloads.securityfocus.com/vulnerabilities/exploits/27477.html http://www.securityfocus.com/bid/27477 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 5.0EPSS: 4%CPEs: 2EXPL: 0CVE-2008-0263
https://notcve.org/view.php?id=CVE-2008-0263
The SIP module in Ingate Firewall before 4.6.1 and SIParator before 4.6.1 does not reuse SIP media ports in unspecified call hold and send-only stream scenarios, which allows remote attackers to cause a denial of service (port exhaustion) via unspecified vectors. El módulo SIP en Ingate Firewall anterior a 4.6.1 y SIParator anterior a 4.6.1 no reutilizar los puertos de media SIP en llamadas de contro sin especificar y enviar solamente escenarios de multitud, lo cual permite a atacantes remotos provocar denegación de servicio (consumo de puerto) a través de vectores no especificados. • http://osvdb.org/40365 http://secunia.com/advisories/28394 http://www.ingate.com/relnote-461.php http://www.securityfocus.com/bid/27222 http://www.securitytracker.com/id?1019176 http://www.securitytracker.com/id?1019177 http://www.vupen.com/english/advisories/2008/0108 • CWE-399: Resource Management Errors •