Cisco Issues Warning Over IOS XR Zero-Day Flaw Being Targeted in the Wild

Cisco has warned of an active zero-day vulnerability in its router software that's being exploited in the wild and could allow a remote, authenticated attacker to carry out memory exhaustion attacks on an affected device. "An attacker could exploit these vulnerabilities by sending crafted IGMP...

Cisco Patches 'High-Severity' Bugs Impacting Switches, Fibre Storage

Cisco Systems disclosed eight high-severity bugs impacting a range of its networking gear, including its switches and fiber storage solutions. Cisco’s NX-OS was hardest hit, with six security alerts tied to the network operating system that underpins the networking giant’s Nexus-series Ethernet...

Juniper Networks Junos OS Denial of Service Vulnerability (CNVD-2020-49038)

Juniper Networks Junos OS is a set of network operating systems dedicated to the company's hardware devices. A denial of service vulnerability in Juniper Networks Junos OS BGP message processing can be exploited by an attacker to cause the Routing Process Daemon RPD to crash and restart...

The vulnerability of the Simple Network Management Protocol packet processor in Cisco IOS and IOS XE operating systems allows a attacker to trigger a service failure.

The vulnerability of the Simple Network Management Protocol packet processor in Cisco IOS and IOS XE operating systems relates to unauthorized access to the indexed resource. Exploiting this vulnerability could allow a malicious actor to cause service failures...

Cisco IOS XE Privilege Permission and Access Control Issues Vulnerability (CNVD-2020-31964)

Cisco IOS XE is the United States Cisco Cisco company's set of operating system developed for its network equipment. A privilege-granting and access-control issue vulnerability exists in Cisco IOS XE, which arises from a program that does not adequately validate user-supplied content. A local...

A vulnerability in the anycast function of the Cisco NX-OS operating system, which allows a attacker to compromise the integrity of protected information.

The vulnerability in the anycast function of the Cisco NX-OS operating system is related to insufficient verification of data authenticity. Exploiting this vulnerability can allow a malicious actor to compromise the integrity of protected information...

UBUNTU-CVE-2019-14905

A vulnerability was found in Ansible Engine versions 2.9.x before 2.9.3, 2.8.x before 2.8.8, 2.7.x before 2.7.16 and earlier, where in Ansible's nxosfilecopy module can be used to copy files to a flash or bootflash on NXOS devices. Malicious code could craft the filename parameter to perform OS...

Open Network Operating System (ONOS) Code Unexpected Execution Vulnerability

Open Network Operating System ONOS is a carrier-grade SDN network operating system for service providers and enterprise backbones. A code unintended execution vulnerability exists in Open Network Operating System ONOS 1.14. The vulnerability stems from a host event listener in the Ethernet VPN...

Open Network Operating System (ONOS) Code Not Executed As Expected Vulnerability (CNVD-2020-14218)

Open Network Operating System ONOS is a carrier-grade SDN network operating system for service providers and enterprise backbones. A code unintended execution vulnerability exists in Open Network Operating System ONOS 1.14. The vulnerability stems from a host event listener in the mobility...

Open Network Operating System (ONOS) Code Unexpected Execution Vulnerability (CNVD-2020-14221)

Open Network Operating System ONOS is a carrier-grade SDN network operating system for service providers and enterprise backbones. A code unintended execution vulnerability exists in Open Network Operating System ONOS 1.14. The vulnerability stems from a host event listener not handling the...

Open Network Operating System (ONOS) Code Unexpected Execution Vulnerability (CNVD-2020-14219)

Open Network Operating System ONOS is a carrier-grade SDN network operating system for service providers and enterprise backbones. A code unintended execution vulnerability exists in Open Network Operating System ONOS 1.14. The vulnerability stems from a host event listener in the Virtual Broadba...

CVE-2019-16302

An issue was discovered in Open Network Operating System ONOS 1.14. In the Ethernet VPN application org.onosproject.evpnopenflow, the host event listener does not handle the following event types: HOSTMOVED, HOSTUPDATED. In combination with other applications, this could lead to the absence of...

CVE-2019-16297

An issue was discovered in Open Network Operating System ONOS 1.14. In the P4 tutorial application org.onosproject.p4tutorial, the host event listener does not handle the following event types: HOSTMOVED, HOSTREMOVED, HOSTUPDATED. In combination with other applications, this could lead to the...

CVE-2019-16298

An issue was discovered in Open Network Operating System ONOS 1.14. In the virtual broadband network gateway application org.onosproject.virtualbng, the host event listener does not handle the following event types: HOSTMOVED, HOSTREMOVED, HOSTUPDATED. In combination with other applications, this...

CVE-2019-16299

An issue was discovered in Open Network Operating System ONOS 1.14. In the mobility application org.onosproject.mobility, the host event listener does not handle the following event types: HOSTADDED, HOSTREMOVED, HOSTUPDATED. In combination with other applications, this could lead to the absence ...

CVE-2019-16302

An issue was discovered in Open Network Operating System ONOS 1.14. In the Ethernet VPN application org.onosproject.evpnopenflow, the host event listener does not handle the following event types: HOSTMOVED, HOSTUPDATED. In combination with other applications, this could lead to the absence of...

CVE-2019-16297

An issue was discovered in Open Network Operating System ONOS 1.14. In the P4 tutorial application org.onosproject.p4tutorial, the host event listener does not handle the following event types: HOSTMOVED, HOSTREMOVED, HOSTUPDATED. In combination with other applications, this could lead to the...

CVE-2019-16301

An issue was discovered in Open Network Operating System ONOS 1.14. In the virtual tenant network application org.onosproject.vtn, the host event listener does not handle the following event types: HOSTMOVED. In combination with other applications, this could lead to the absence of intended code...

Code injection

An issue was discovered in Open Network Operating System ONOS 1.14. In the virtual tenant network application org.onosproject.vtn, the host event listener does not handle the following event types: HOSTMOVED. In combination with other applications, this could lead to the absence of intended code...

Design/Logic Flaw

An issue was discovered in Open Network Operating System ONOS 1.14. In the Ethernet VPN application org.onosproject.evpnopenflow, the host event listener does not handle the following event types: HOSTMOVED, HOSTUPDATED. In combination with other applications, this could lead to the absence of...