CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

81 matches found

RedhatCVE•added 2026/05/13 8:23 p.m.•5 views

CVE-2026-44874

A vulnerability exists in the web-based management interface of an AOS-10 Gateway that could allow an authenticated remote attacker to access sensitive files on the underlying operating system. Successful exploitation of this vulnerability could result in the disclosure of confidential system...

4.9CVSS5.8AI score0.00043EPSS

Exploits0References1

EUVD•added 2026/05/12 9:31 p.m.•6 views

EUVD-2026-29823

4.9CVSS5.8AI score0.00043EPSS

Exploits0References2

NVD•added 2026/05/12 8:16 p.m.•12 views

CVE-2026-44867

Command injection vulnerabilities exist in the web-based management interface of AOS-8 and AOS-10 Operating Systems. Successful exploitation of these vulnerabilities could allow an authenticated remote attacker to execute arbitrary commands on the underlying operating system...

8.8CVSS0.00193EPSS

Exploits0References1

NVD•added 2026/05/12 8:16 p.m.•8 views

CVE-2026-44870

Command injection vulnerabilities exist in the command line interface CLI service accessed by the PAPI protocol of AOS-8 and AOS-10 Operating Systems. Successful exploitation of these vulnerabilities could allow an authenticated remote attacker to execute arbitrary commands on the underlying...

8.8CVSS0.0021EPSS

Exploits0References1

NVD•added 2026/05/12 8:16 p.m.•5 views

CVE-2026-44853

Command injection vulnerabilities exist in the web-based management interface of AOS-8 and AOS-10 Operating Systems. Successful exploitation could allow an authenticated remote attacker to upload arbitrary files to the underlying operating system, potentially leading to remote code execution as a...

7.2CVSS0.00318EPSS

Exploits0References1

Cvelist•added 2026/05/12 7:19 p.m.•32 views

CVE-2026-44874 Authenticated Arbitrary File Download via AOS-10 Web-Based Management Interface

4.9CVSS0.00043EPSS

Exploits0References1

Vulnrichment•added 2026/05/12 7:19 p.m.•9 views

CVE-2026-44874 Authenticated Arbitrary File Download via AOS-10 Web-Based Management Interface

4.9CVSS5.8AI score0.00043EPSS

Exploits0References1

ATTACKERKB•added 2026/05/12 7:19 p.m.•3 views

CVE-2026-44874

4.9CVSS5.8AI score0.00043EPSS

Exploits0References2Affected Software1

ATTACKERKB•added 2026/05/12 7:18 p.m.•7 views

CVE-2026-44872

A command injection vulnerability exists in the web-based management interface of AOS-8 and AOS-10 Operating Systems. Successful exploitation could allow an authenticated remote attacker to place arbitrary files on the underlying filesystem of the affected device...

7.2CVSS6AI score0.00306EPSS

Exploits0References2Affected Software1

CVE•added 2026/05/12 7:16 p.m.•7 views

CVE-2026-44870

CVE-2026-44870 involves command injection vulnerabilities in the CLI service accessed by the PAPI protocol of AOS-8 and AOS-10 operating systems. The underlying cause is insecure handling in the CLI component that allows an authenticated remote attacker to execute arbitrary commands on the underl...

8.8CVSS6.1AI score0.0021EPSS

Exploits0References1Affected Software1

Vulnrichment•added 2026/05/12 6:58 p.m.•4 views

CVE-2026-44854 Authenticated Remote Code Execution via Arbitrary File Write in AOS-8 and AOS-10 Web-Based Management Interface

7.2CVSS6.5AI score0.00318EPSS

Exploits0References1

Vulnrichment•added 2026/05/12 6:35 p.m.•5 views

CVE-2026-23821 Inconsistent input filtering allows Authenticated Command Injection in AOS-10 CLI

A vulnerability in the configuration processing logic of Access Points running AOS-10 could allow an authenticated remote attacker to execute system commands under certain pre-existing conditions. Successful exploitation could allow an attacker to execute arbitrary commands on the underlying...

7.2CVSS6.1AI score0.00162EPSS

Exploits0References1

Cvelist•added 2026/05/12 6:34 p.m.•28 views

CVE-2026-23820 Inconsistent input filtering allows Authenticated Command Injection in AOS-8 Instant and AOS-10 CLI

A vulnerability in the command line interface of Access Points running AOS-10 and AOS-8 Instant could allow an authenticated remote attacker to execute system commands in a restricted shell environment. Successful exploitation could allow an attacker to execute arbitrary commands on the underlyin...

7.2CVSS0.00162EPSS

Exploits0References1

Positive Technologies•added 2026/05/12 12:0 a.m.•6 views

PT-2026-40383

4.9CVSS5.8AI score0.00043EPSS

Exploits0References2

RedhatCVE•added 2026/01/14 8:22 p.m.•3 views

CVE-2025-37169

A stack overflow vulnerability exists in the AOS-10 web-based management interface of a Mobility Gateway. Successful exploitation could allow an authenticated malicious actor to execute arbitrary code as a privileged user on the underlying operating system...

7.2CVSS7.7AI score0.00085EPSS

Exploits0References1

OSV•added 2026/01/13 8:16 p.m.•0 views

CVE-2025-37169

7.2CVSS6.1AI score

Exploits0References1

NVD•added 2026/01/13 8:16 p.m.•2 views

CVE-2025-37169

7.2CVSS0.00085EPSS

Exploits0References1

CVE•added 2026/01/13 8:3 p.m.•8 views

CVE-2025-37169

CVE-2025-37169 affects the AOS-10 web-based management interface of a Mobility Gateway; a stack overflow could allow an authenticated attacker to execute arbitrary code as a privileged OS user. Evidence across connected advisories confirms the issue is in ArubaOS (AOS-10) web management, with rem...

7.2CVSS7.3AI score0.00085EPSS

Exploits0References1Affected Software1

EUVD•added 2025/10/14 6:30 p.m.•2 views

EUVD-2025-34433

Arbitrary file download vulnerabilities exist in the CLI binary of AOS-10 GW and AOS-8 Controller/Mobility Conductor operating systems. Successful exploitation could allow an authenticated malicious actor to download arbitrary files through carefully constructed exploits...

4.9CVSS6.4AI score0.0004EPSS

Exploits0References2

OSV•added 2025/10/14 5:15 p.m.•2 views

CVE-2025-37142

4.9CVSS5.9AI score

Exploits0References1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by