CVE-2026-42780 BIG-IP SSL Orchestrator vulnerability

A directory traversal vulnerability exists in BIG-IP SSL Orchestrator that allows an authenticated attacker with high privilege to overwrite, delete or corrupt arbitrary local files. Note: Software versions which have reached End of Technical Support EoTS are not evaluated...

K000151368: BIG-IP SSL Orchestrator vulnerability CVE-2025-55036

Security Advisory Description When BIG-IP SSL Orchestrator explicit forward proxy is configured on a virtual server and the proxy connect feature is enabled, undisclosed traffic may cause memory corruption. CVE-2025-55036 Impact System performance can degrade until the Traffic Management...

F5 Networks BIG-IP : BIG-IP SSL Orchestrator vulnerability (K000150667)

The version of F5 Networks BIG-IP installed on the remote host is prior to 16.1.4 / 17.1.3 / 17.5.1. It is, therefore, affected by a vulnerability as referenced in the K000150667 advisory. When BIG-IP SSL Orchestrator is enabled, undisclosed traffic can cause the Traffic Management Microkernel TM...

EUVD-2018-18266

Malware in sbrugna...

EUVD-2020-25267

Malware in sbrugna...

EUVD-2021-16511

Malware in sbrugna...

EUVD-2019-14068

Malware in sbrugna...

EUVD-2025-24389

Malicious code in bioql PyPI...

08cms (=1.0.0), 1.1.0 (=1.0.0) +8996 more potentially affected by unknown CVE via orchestrator (>=0.0.5 <=0.3.8)

orchestrator NPM version =0.0.5, =1.0.0, =1.0.0, =0.0.2, =1.0.0, =0.0.1, =1.0.0, =1.0.1 and more Source cves: unknown CVE Source advisory: OSV:MAL-2025-28475...

CVE-2023-38001

IBM Aspera Orchestrator 4.0.1 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. IBM X-Force ID: 260206...

CVE-2019-5533

In VMware SD-WAN by VeloCloud versions 3.x prior to 3.3.0, the VeloCloud Orchestrator parameter authorization check mistakenly allows enterprise users to obtain information of Managed Service Provider accounts. Among the information is username, first and last name, phone numbers and e-mail addre...

CVE-2025-20030

Exposure of sensitive information to an unauthorized actor for some Edge Orchestrator software for IntelR Tiber™ Edge Platform may allow an authenticated user to potentially enable information disclosure via adjacent access...

PT-2025-21113 · Intel · Edge Orchestrator

Name of the Vulnerable Software and Affected Versions: Edge Orchestrator for IntelR Tiber™ Edge Platform affected versions not specified Description: The issue is related to an improper conditions check in some Edge Orchestrator software for IntelR Tiber™ Edge Platform. This may allow an...

PT-2025-21069 · Intel · Edge Orchestrator

Name of the Vulnerable Software and Affected Versions: Edge Orchestrator for IntelR Tiber™ Edge Platform affected versions not specified Description: The issue concerns the exposure of sensitive information to unauthorized actors for some Edge Orchestrator software, potentially allowing...

CVE-2025-46545

In Sherpa Orchestrator 141851, the functionality for adding or updating licenses allows for stored XSS attacks by an administrator through the name parameter. The XSS payload can execute when the license expires...

PT-2025-4274 · Oracle · Jd Edwards Enterpriseone Orchestrator

Name of the Vulnerable Software and Affected Versions: JD Edwards EnterpriseOne Orchestrator versions prior to 9.2.9.2 Description: The issue is related to insufficient input validation in the E1 IOT Orchestrator Security component. It can be easily exploited by a low-privileged attacker with...

Cisco Nexus Dashboard 安全漏洞

Cisco Nexus Dashboard is a single console from Cisco, Inc. It can simplify the operation and management of data center networks. A security vulnerability exists in Cisco Nexus Dashboard Orchestrator that stems from improper access control in tenant security...

VMware SD-WAN Orchestrator 安全漏洞

VMware SD-WAN Orchestrator is a software from VMware that is used to orchestrate network data flows in a software-defined network architecture. The software provides web pages to visualize and manage users, gateways, and authentication. A security vulnerability exists in VMware SD-WAN Orchestrato...

PT-2024-2585 · Vmware · Vmware Sd-Wan Orchestrator

Name of the Vulnerable Software and Affected Versions: VMware SD-WAN Orchestrator affected versions not specified Description: The issue is related to an open redirect vulnerability. A malicious actor may redirect a victim to an attacker-controlled domain due to improper path handling, leading to...

CVE-2023-37436

Multiple vulnerabilities in the web-based management interface of EdgeConnect SD-WAN Orchestrator could allow an authenticated remote attacker to conduct SQL injection attacks against the EdgeConnect SD-WAN Orchestrator instance. An attacker could exploit these vulnerabilities to obtain and...