147 matches found
Security Advisory 0139
Security Advisory 0139 PDF Date: May 19, 2026 Revision | Date | Changes ---|---|--- 1.0 | May 19, 2026 | Initial release The CVE-ID tracking this issue: CVE-2025-49844 CVSSv3.1 Base Score: 9.9 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H CVSSv4.0 Base Score: 9.4...
Security Advisory 0136
Security Advisory 0136 PDF Date: May 1, 2026 Revision | Date | Changes ---|---|--- 1.0 | May 1, 2026 | Initial release 1.1 | May 7, 2026 | Additional required configuration for exploitation information added 1.2 | May 11, 2026 | Advisory updated with additional mitigations. The CVE-ID tracking th...
CVE-2018-12357
Arista CloudVision Portal through 2018.1.1 has Incorrect Permissions...
CVE-2019-18615
In CloudVision Portal CVP for all releases in the 2018.2 Train, under certain conditions, the application logs user passwords in plain text for certain API calls, potentially leading to user password exposure. This only affects CVP environments where: 1. Devices have enable mode passwords which a...
Security Advisory 0126
Security Advisory 0126 . CSAF PDF Date: November 18, 2025 Revision | Date | Changes ---|---|--- 1.0 | November 18, 2025 | Initial release The following issues were discovered during regular penetration testing of Arista’s EOS. Issues detailed cover CloudVision Exchange CVX based features includin...
EUVD-2020-5377
Malware in sbrugna...
EUVD-2018-4331
Malware in sbrugna...
EUVD-2020-17067
Malware in sbrugna...
EUVD-2019-7986
Malware in sbrugna...
EUVD-2019-8344
Malware in sbrugna...
EUVD-2016-9837
Malware in sbrugna...
EUVD-2022-33484
Malicious code in bioql PyPI...
EUVD-2023-28562
Malicious code in bioql PyPI...
EUVD-2024-54463
Malicious code in bioql PyPI...
EUVD-2025-14029
Malicious code in bioql PyPI...
EUVD-2024-54464
Malicious code in bioql PyPI...
nautobot-chatops (>=1.6.0 <=1.7.1), nautobot-chatops-arista-cloudvision (>=1.0.1 <=1.3.0) +7 more potentially affected by CVE-2025-49143 via nautobot (>=1.0.3 <=1.5.16)
nautobot PYPI version =1.0.3, =1.6.0, =1.0.1, =1.1.0, =0.9.2, =1.5.0, =0.9.0, =0.1.0, =0.1.0, =0.2.0 Source cves: CVE-2025-49143 Source advisory: OSV:GHSA-RH67-4C8J-HJJH...
nautobot-chatops (>=1.6.0 <=1.7.1), nautobot-chatops-arista-cloudvision (>=1.0.1 <=1.3.0) +7 more potentially affected by CVE-2025-49142 via nautobot (>=1.0.3 <=1.5.16)
nautobot PYPI version =1.0.3, =1.6.0, =1.0.1, =1.1.0, =0.9.2, =1.5.0, =0.9.0, =0.1.0, =0.1.0, =0.2.0 Source cves: CVE-2025-49142 Source advisory: OSV:GHSA-WJW6-95H5-4JPX...
nautobot-chatops (>=1.6.0 <=1.7.1), nautobot-chatops-arista-cloudvision (>=1.0.1 <=1.3.0) +7 more potentially affected by CVE-2025-49143 via nautobot (>=1.0.3 <=1.5.16)
nautobot PYPI version =1.0.3, =1.6.0, =1.0.1, =1.1.0, =0.9.2, =1.5.0, =0.9.0, =0.1.0, =0.1.0, =0.2.0 Source cves: CVE-2025-49143 Source advisory: SNYK:PYTHON-NAUTOBOT-10337820...
CVE-2023-24546
On affected versions of the CloudVision Portal improper access controls on the connection from devices to CloudVision could enable a malicious actor with network access to CloudVision to get broader access to telemetry and configuration data within the system than intended. This advisory impacts...