CVE-2017-5583
https://notcve.org/view.php?id=CVE-2017-5583
The Management Web Interface in Palo Alto Networks PAN-OS before 6.1.16, 7.0.x before 7.0.13, and 7.1.x before 7.1.8 allows remote authenticated users to read arbitrary files via unspecified vectors.
• http://www.securityfocus.com/bid/96370
• http://www.securitytracker.com/id/1037890
• https://security.paloaltonetworks.com/CVE-2017-5583
• CWE-200: Exposure of Sensitive Information to an Unauthorized Actor
CVE-2017-5584
https://notcve.org/view.php?id=CVE-2017-5584
Cross-site scripting (XSS) vulnerability in the Management Web Interface in Palo Alto Networks PAN-OS 5.1, 6.x before 6.1.16, 7.0.x before 7.0.13, and 7.1.x before 7.1.8 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors.
• http://www.securityfocus.com/bid/96371
• http://www.securitytracker.com/id/1037889
• https://security.paloaltonetworks.com/CVE-2017-5584
• CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
CVE-2016-8610 – SSL/TLS: Malformed plain-text ALERT packets could cause remote DoS
https://notcve.org/view.php?id=CVE-2016-8610
A denial of service flaw was found in OpenSSL 0.9.8, 1.0.1, 1.0.2 through 1.0.2h, and 1.1.0 in the way the TLS/SSL protocol defined processing of ALERT packets during a connection handshake. A remote attacker could use this flaw to make a TLS/SSL server consume an excessive amount of CPU and fail to accept connections from other clients.
• https://github.com/cujanovic/CVE-2016-8610-PoC
• http://rhn.redhat.com/errata/RHSA-2017-0286.html
• http://rhn.redhat.com/errata/RHSA-2017-0574.html
• http://rhn.redhat.com/errata/RHSA-2017-1415.html
• http://rhn.redhat.com/errata/RHSA-2017-1659.html
• http://seclists.org/oss-sec/2016/q4/224
• http://www.securityfocus.com/bid/93841
• http://www.securitytracker.com/id/1037084
• https://access.redhat.com/errata/RHSA-2017:1413
• https://access.redhat.com/errata/RHSA-2017:1414
• CWE-400: Uncontrolled Resource Consumption
CVE-2017-5328
https://notcve.org/view.php?id=CVE-2017-5328
Palo Alto Networks Terminal Services Agent before 7.0.7 allows attackers to spoof arbitrary users via unspecified vectors.
• http://www.securityfocus.com/bid/95823
• https://security.paloaltonetworks.com/CVE-2017-5328
CVE-2017-5329 – Palo Alto Networks Terminal Services Agent 7.0.3-13 - Integer Overflow
https://notcve.org/view.php?id=CVE-2017-5329
Palo Alto Networks Terminal Services Agent before 7.0.7 allows local users to gain privileges via vectors that trigger an out-of-bounds write operation. Palo Alto Networks Terminal Services Agent version 7.0.3-13 suffers from an integer overflow vulnerability.
• https://www.exploit-db.com/exploits/41176
• http://www.securityfocus.com/bid/95818
• https://security.paloaltonetworks.com/CVE-2017-5329
• CWE-787: Out-of-bounds Write