Page 6 of 52 results (0.004 seconds)

CVSS: 5.9EPSS: 0%CPEs: 24EXPL: 0

CVE-2017-17841

https://notcve.org/view.php?id=CVE-2017-17841

10 Jan 2018 — Palo Alto Networks PAN-OS 6.1, 7.1, and 8.0.x before 8.0.7, when an interface implements SSL decryption with RSA enabled or hosts a GlobalProtect portal or gateway, might allow remote attackers to decrypt TLS ciphertext data by leveraging a Bleichenbacher RSA padding oracle, aka a ROBOT attack. Palo Alto Networks PAN-OS 6.1, 7.1 y 8.0.x anteriores a 8.0.7, cuando una interfaz implementa un descifrado SSL con RSA o alberga una puerta de enlace o portal GlobalProtect, podría permitir que los atacantes remotos... • http://www.securityfocus.com/bid/102458 •

CVSS: 6.1EPSS: 0%CPEs: 4EXPL: 0

CVE-2017-15941

https://notcve.org/view.php?id=CVE-2017-15941

10 Jan 2018 — Cross-site scripting (XSS) vulnerability in Palo Alto Networks PAN-OS before 6.1.19, 7.0.x before 7.0.19, 7.1.x before 7.1.14, and 8.0.x before 8.0.7, when the GlobalProtect gateway or portal is configured, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. Vulnerabilidad Cross-Site Scripting (XSS) en Palo Alto Networks PAN-OS en versiones anteriores a 6.1.19, 7.0.x anteriores a 7.0.19, 7.1.x anteriores a 7.1.14 y 8.0.x anteriores a 8.0.7, cuando la puerta de enlace o po... • http://www.securityfocus.com/bid/102446 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •