CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

199 matches found

Extreme Networks Extreme Platform ONE IAM Gateway 安全漏洞

The Extreme Networks Extreme Platform ONE IAM Gateway is a network identity and access management gateway provided by Extreme Networks, Inc. There is a security vulnerability present in the Extreme Networks Extreme Platform ONE IAM Gateway, which stems from a race condition in the API key...

6.3CVSS5.8AI score0.0005EPSS

Exploits0References1

RedhatCVE•added 2026/01/09 12:40 p.m.•5 views

CVE-2023-43119

An Access Control issue discovered in Extreme Networks Switch Engine EXOS before 32.5.1.5, also fixed in 22.7, 31.7.2 allows attackers to gain escalated privileges using crafted telnet commands via Redis server...

9.8CVSS7.4AI score0.00373EPSS

Exploits0References1

RedhatCVE•added 2026/01/09 12:40 p.m.•1 views

CVE-2023-43120

An issue discovered in Extreme Networks Switch Engine EXOS before 32.5.1.5, before 22.7 and before 31.7.1 allows attackers to gain escalated privileges via crafted HTTP request...

8.8CVSS7.2AI score0.01588EPSS

Exploits0References1

RedhatCVE•added 2026/01/09 12:39 p.m.•6 views

CVE-2023-43121

A Directory Traversal vulnerability discovered in Chalet application in Extreme Networks Switch Engine EXOS before 32.5.1.5, before 22.7, and before 31.7.2 allows attackers to read arbitrary files...

7.5CVSS6.9AI score0.01402EPSS

Exploits0References1

RedhatCVE•added 2026/01/07 9:53 a.m.•6 views

CVE-2013-7309

The OSPF implementation in Extreme Networks EXOS does not consider the possibility of duplicate Link State ID values in Link State Advertisement LSA packets before performing operations on the LSA database, which allows remote attackers to cause a denial of service routing disruption or obtain...

5.8CVSS6.4AI score0.00819EPSS

Exploits0References1

Vulnrichment•added 2026/01/06 3:52 p.m.•3 views

CVE-2020-36907 Extreme Networks Aerohive HiveOS <=11.x 11.x Unauthenticated Remote Denial of Service

Aerohive HiveOS contains a denial of service vulnerability in the NetConfig UI that allows unauthenticated attackers to render the web interface unusable. Attackers can send a crafted HTTP request to the action.php5 script with specific parameters to trigger a 5-minute service disruption...

8.7CVSS6.4AI score0.00837EPSS

Exploits1References8

EUVD•added 2025/10/08 7:20 a.m.•1 views

EUVD-2025-32906

Malicious code in v0-core npm...

6.6AI score

Exploits0

NVD•added 2025/10/07 7:15 p.m.•2 views

CVE-2025-11192

A vulnerability in Extreme Networks’ Fabric Engine VOSS before 9.3 was discovered. When SD-WAN AutoSense is enabled on a port, it may automatically configure fabric connectivity without validating ISIS authentication settings. The SD-WAN AutoSense implementation may be exploited by malicious acto...

8.6CVSS0.00048EPSS

Exploits0References1