CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

676 matches found

Vulnrichment•added 2024/10/03 10:19 p.m.•14 views

CVE-2024-45367 Optigo Networks ONS-S8 Spectra Aggregation Switch Weak Authentication

The web server for ONS-S8 - Spectra Aggregation Switch includes an incomplete authentication process, which can lead to an attacker authenticating without a password...

9.3CVSS7.2AI score0.00134EPSS

Exploits0References1

Vulnrichment•added 2024/10/03 10:17 p.m.•7 views

CVE-2024-41925 Optigo Networks ONS-S8 Spectra Aggregation Switch PHP Remote File Inclusion

The web service for ONS-S8 - Spectra Aggregation Switch includes functions which do not properly validate user input, allowing an attacker to traverse directories, bypass authentication, and execute remote code...

9.8CVSS7.3AI score0.00082EPSS

Exploits0References1

ICS•added 2024/10/01 6:0 a.m.•27 views

Optigo Networks ONS-S8 - Spectra Aggregation Switch

View CSAF 1. EXECUTIVE SUMMARY CVSS v4 9.3 ATTENTION: Exploitable remotely/Low attack complexity Vendor: Optigo Networks Equipment: ONS-S8 - Spectra Aggregation Switch Vulnerabilities: Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion', Weak...

9.8CVSS10AI score0.00134EPSS

Exploits0References10

Positive Technologies•added 2024/10/01 12:0 a.m.•3 views

PT-2024-31581 · Spectra · Ons-S8

Name of the Vulnerable Software and Affected Versions: ONS-S8 - Spectra Aggregation Switch affected versions not specified Description: The web server for ONS-S8 - Spectra Aggregation Switch includes an incomplete authentication process, which can lead to an attacker authenticating without a...

9.3CVSS7.1AI score0.00134EPSS

Exploits0References13

OSV•added 2024/09/25 5:15 p.m.•2 views

CVE-2024-20467

A vulnerability in the implementation of the IPv4 fragmentation reassembly code in Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause a denial of service DoS condition on an affected device. This vulnerability is due to improper management of resources during fragment...

8.6CVSS5.9AI score0.141EPSS

Exploits0References1

OSV•added 2024/09/10 2:15 p.m.•2 views

CVE-2024-8654

MongoDB Server may access non-initialized region of memory leading to unexpected behaviour when zero arguments are called in internal aggregation stage. This issue affected MongoDB Server v6.0 version 6.0.3...

9.8CVSS6.9AI score

Exploits0References2

OSV•added 2024/09/10 2:15 p.m.•5 views

UBUNTU-CVE-2024-8654

9.8CVSS5.8AI score0.00453EPSS

Exploits0References2

Vulnrichment•added 2024/09/10 1:35 p.m.•13 views

CVE-2024-8654 MongoDB Server may access non-initialized region of memory leading to unexpected behaviour

5CVSS7.1AI score0.00453EPSS

Exploits0References1

MongoDB•added 2024/09/10 12:29 p.m.•18 views

MongoDB Server may access non-initialized region of memory leading to unexpected behaviour

9.8CVSS6.7AI score0.00453EPSS

Exploits0References1Affected Software1

Positive Technologies•added 2024/09/10 12:0 a.m.•2 views

PT-2024-39153

Name of the Vulnerable Software and Affected Versions: MongoDB Server version 6.0.3 Description: The issue is related to MongoDB Server accessing a non-initialized region of memory, leading to unexpected behavior when zero arguments are called in an internal aggregation stage. Recommendations: Fo...

9.8CVSS8.6AI score0.00453EPSS

Exploits0References20

FreeBSD•added 2024/09/10 12:0 a.m.•5 views

mongodb -- MongoDB Server access to non-initialized memory

[email protected] reports: MongoDB Server may access non-initialized region of memory leading to unexpected behaviour when zero arguments are called in internal aggregation stage...

9.8CVSS6.6AI score0.00453EPSS

Exploits0References1

BDU FSTEC•added 2024/09/04 12:0 a.m.•2 views

The vulnerability of the ice component in the Linux operating system’s kernel allows a hacker to trigger a service failure.

The vulnerability of the ice component in the Linux operating system’s kernel is related to the emergence of a race condition that can lead to mutual locking. In this condition, the interface leaves the LAG state and immediately re-enters the LAG state. Exploiting this vulnerability allows an...

5.5CVSS5.8AI score0.00008EPSS

Exploits0References10Affected Software2

RedHat Linux•added 2024/08/28 12:34 p.m.•1 views

kernel: ice: fix LAG and VF lock dependency in ice_reset_vf()

CVE-2024-36003 pertains to a deadlock vulnerability in the Linux kernel's ICE driver, which manages Intel Ethernet controllers. The issue arises from improper lock acquisition order between the Link Aggregation LAG mutex and the Virtual Function VF configuration lock within the iceresetvf functio...

5.5CVSS7.3AI score0.00022EPSS

Exploits0References5

SUSE CVE•added 2024/08/22 2:58 a.m.•5 views

SUSE CVE-2024-43880

In the Linux kernel, the following vulnerability has been resolved: mlxsw: spectrumaclerp: Fix object nesting warning ACLs in Spectrum-2 and newer ASICs can reside in the algorithmic TCAM A-TCAM or in the ordinary circuit TCAM C-TCAM. The former can contain more ACLs i.e., tc filters, but the...

5.5CVSS6.4AI score0.00018EPSS

Exploits0References14

RedhatCVE•added 2024/08/21 7:11 p.m.•22 views

CVE-2024-43880

4.7CVSS6AI score0.00018EPSS

Exploits0References4

OSV•added 2024/08/21 7:15 a.m.•2 views

UBUNTU-CVE-2022-48875

In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: sdata can be NULL during AMPDU start ieee80211txbasessionhandlestart may get NULL for sdata when a deauthentication is ongoing. Here a trace triggering the race with the hostapd test multiapfronthaulonap: gdb list...

5.5CVSS6.1AI score0.00016EPSS

Exploits0References28

OSV•added 2024/08/21 1:15 a.m.•1 views

DEBIAN-CVE-2024-43880

5.5CVSS5.6AI score0.00018EPSS

Exploits0References1