NA - CVE-2024-37040 - CWE-120: Buffer Copy without Checking Size of...
CWE-120: Buffer Copy without Checking Size of Input (‘Classic Buffer Overflow’) vulnerability exists that could allow a user with access to the device’s web interface to cause a fault on the device...
NA - CVE-2024-37878 - Cross Site Scripting vulnerability in TWCMS...
Cross Site Scripting vulnerability in TWCMS v.2.0.3 allows a remote attacker to execute arbitrary code via the /TWCMS-gh-pages/twcms/runtime/twcms_view/default,index.htm.php" PHP directly echoes...
NA - CVE-2024-5557 - CWE-532: Insertion of Sensitive Information...
CWE-532: Insertion of Sensitive Information into Log File vulnerability exists that could cause exposure of SNMP credentials when an attacker has access to the controller logs.
NA - CVE-2024-5558 - CWE-367: Time-of-check Time-of-use (TOCTOU)...
CWE-367: Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability exists that could cause escalation of privileges when an attacker abuses a limited admin account.
NA - CVE-2024-5560 - CWE-125: Out-of-bounds Read vulnerability...
CWE-125: Out-of-bounds Read vulnerability exists that could cause denial of service of the device’s web interface when an attacker sends a specially crafted HTTP request.
NA - CVE-2024-5898 - A vulnerability was found in itsourcecode...
A vulnerability was found in itsourcecode Payroll Management System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file print_payroll.php. The...
NA - CVE-2024-5905 - A problem with a protection mechanism in the...
A problem with a protection mechanism in the Palo Alto Networks Cortex XDR agent on Windows devices allows a local low privileged Windows user to disrupt some functionality of the agent. However,...
NA - CVE-2024-5906 - A cross-site scripting (XSS) vulnerability in...
A cross-site scripting (XSS) vulnerability in Palo Alto Networks Prisma Cloud Compute software enables a malicious administrator with add/edit permissions for identity providers to store a...
NA - CVE-2024-5907 - A privilege escalation (PE) vulnerability in...
A privilege escalation (PE) vulnerability in the Palo Alto Networks Cortex XDR agent on Windows devices enables a local user to execute programs with elevated privileges. However, execution does...
NA - CVE-2024-5908 - A problem with the Palo Alto Networks...
A problem with the Palo Alto Networks GlobalProtect app can result in exposure of encrypted user credentials, used for connecting to GlobalProtect, in application logs. Normally, these application...