2 results (0.018 seconds)
CVSS: 6.1EPSS: 20%CPEs: 1EXPL: 2CVSS: 9.8EPSS: 11%CPEs: 3EXPL: 3
CVSS: 6.1EPSS: 20%CPEs: 1EXPL: 2CVE-2022-35416
https://notcve.org/view.php?id=CVE-2022-35416
11 Jul 2022 — H3C SSL VPN through 2022-07-10 allows wnm/login/login.json svpnlang cookie XSS. H3C SSL VPN versiones hasta 10-07-2022, permite una vulnerabilidad de tipo XSS en la cookie del archivo wnm/login/login.json svpnlang • https://github.com/safe3s/CVE-2022-35416 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 9.8EPSS: 11%CPEs: 3EXPL: 3CVE-2005-4197 – Nortel SSL VPN 4.2.1.6 - Web Interface Input Validation
https://notcve.org/view.php?id=CVE-2005-4197
13 Dec 2005 — tunnelform.yaws in Nortel SSL VPN 4.2.1.6 allows remote attackers to execute arbitrary commands via a link in the a parameter, which is executed with extra privileges in a cryptographically signed Java Applet. • https://www.exploit-db.com/exploits/26771 •