266 matches found
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from an out-of-bounds access issue in the sja1105initl2policing function in the net:dsa:sja1105 subsystem...
CVE-2024-32765
A vulnerability has been reported to affect Network & Virtual Switch. If exploited, the vulnerability could allow local authenticated administrators to gain access to and execute certain functions via unspecified vectors. We have already fixed the vulnerability in the following versions: QTS...
PT-2024-24837
Name of the Vulnerable Software and Affected Versions QTS versions prior to 5.1.8.2823 build 20240712 QuTS hero versions prior to h5.1.8.2823 build 20240712 Description A vulnerability has been reported to affect Network & Virtual Switch, allowing local authenticated administrators to gain access...
SUSE CVE-2022-48812
In the Linux kernel, the following vulnerability has been resolved: net: dsa: lantiqgswip: don't use devres for mdiobus As explained in commits: 74b6d7d13307 "net: dsa: realtek: register the MDIO bus under devres" 5135e96a3dd2 "net: dsa: don't allocate the slavemiibus using devres" mdiobusfree wi...
UBUNTU-CVE-2022-48783
In the Linux kernel, the following vulnerability has been resolved: net: dsa: lantiqgswip: fix use after free in gswipremove ofnodeputpriv-ds-slavemiibus-dev.ofnode should be done before mdiobusfreepriv-ds-slavemiibus...
CVE-2024-22438
CVE-2024-22438 affects Hewlett Packard Enterprise OfficeConnect 1820 Network switches. The connected documents indicate a cross-site request forgery (CSRF) vulnerability that could enable remote execution of malicious code. Affected versions include OfficeConnect 1820 switches prior to PT.02.19; ...
CVE-2023-32969
A cross-site scripting XSS vulnerability has been reported to affect Network & Virtual Switch. If exploited, the vulnerability could allow authenticated administrators to inject malicious code via a network. We have already fixed the vulnerability in the following versions: QuTScloud c5.1.5.2651...
PT-2024-12372 · Qnap · Qutscloud +2
Name of the Vulnerable Software and Affected Versions: QuTScloud versions prior to 5.1.5.2651 QTS versions prior to 5.1.4.2596 build 20231128 QuTS hero versions prior to 5.1.4.2596 build 20231128 Description: A cross-site scripting XSS vulnerability has been reported to affect Network & Virtual...
CVE-2023-32462
Dell OS10 Networking Switches running 10.5.2.x and above have an OS command injection vulnerability in the remote user authentication path. The root cause is an OS command injection that allows a remote unauthenticated attacker to execute arbitrary OS commands, potentially taking over the system....
PT-2024-12153 · Dell · Dell Os10 Networking Switches
Name of the Vulnerable Software and Affected Versions: Dell OS10 Networking Switches versions 10.5.2.x and above Description: A remote unauthenticated attacker could potentially exploit a vulnerability with zeroMQ when VLT is configured, leading to information disclosure and a possible Denial of...
Extreme Networks EXOS Security Vulnerability
Extreme Networks EXOS is a software or network operating system used in a network switch from Extreme Networks USA. Extreme Networks EXOS has a security vulnerability that originates when an attacker sends a malicious BGP update message packet that can trigger a denial of service...
Rockwell Automation Stratix Denial of Service Long Control Packet Message (CVE-2015-7855)
Multiple Cisco products incorporate a version of the ntpd package. Versions of this package are affected by one or more vulnerabilities that could allow an unauthenticated, remote attacker to create a denial of service DoS condition or modify the time being advertised by a device acting as a...
Fortinet FortiSwitchManager Improper Access Control Vulnerability
Fortinet FortiSwitchManager is a network switch management tool from Fortinet designed to help organizations manage their FortiSwitch family of network switches. An improper access control vulnerability exists in Fortinet FortiSwitchManager. The vulnerability is caused by a flawed authentication...
Aruba Networks ArubaOS 缓冲区错误漏洞
Aruba Networks ArubaOS is an operating system for Aruba Mobility-Defined Networks, including Mobility Controllers and Mobility Access Switches, from Aruba Networks, Inc. A security vulnerability exists in Aruba Networks ArubaOS Switch that originates from unauthenticated remote code execution via...
Intelbras SG 2404 MR 安全漏洞
The Intelbras SG 2404 MR is a switch with network management features from Intelbras, Brazil. A security vulnerability exists in Intelbras SG 2404 MR version 20180928-rel64938. An authenticated attacker can exploit the vulnerability to create an administrator account via a specially crafted user...
Dell Networking OS10 Information Disclosure Vulnerability (CNVD-2022-69158)
Dell SmartFabric OS10 is a Linux-based network switch operating system from Dell Dell. An information disclosure vulnerability exists in Dell SmartFabric OS10, which can be exploited by an attacker to reverse engineer sensitive information and access REST APIs with administrator privileges...
CVE-2021-33315
The TRENDnet TI-PG1284i switchhw v2.0R prior to version 2.0.2.S0 suffers from an integer underflow vulnerability. This vulnerability exists in its lldp related component. Due to lack of proper validation on length field of PortID TLV, by sending a crafted lldp packet to the device, integer...
The vulnerability of Fortinet FortiWLM, a centralized management system for WLAN access points and LAN switches, arises due to the failure to take measures to eliminate special elements used in the operating system’s command set. This vulnerability allows a perpetrator to execute arbitrary code.
The vulnerability of Fortinet FortiWLM’s WLAN access point and LAN switch management systems exists due to the failure to take measures to neutralize special elements used in the operating system command. Exploiting this vulnerability allows a malicious actor to execute arbitrary code through a...
Dell Networking OS10 Authentication Bypass Vulnerability (CNVD-2021-99661)
Dell Networking OS10 is a Linux-based network switch operating system from Dell DELL U.S.A. An authentication bypass vulnerability exists in Dell Networking OS10 version with Smart Fabric services enabled by October 2021. An unauthenticated, remote attacker could exploit the vulnerability to gain...
Dell Networking OS10 Elevation of Privilege Vulnerability
Dell Networking OS10 is a Linux-based network switch operating system from Dell DELL U.S.A. An elevation of privilege vulnerability exists in Dell Networking OS10, which could be exploited by an attacker with specific API access to gain administrator privileges on the affected system...