1114 matches found
CVE-2025-37157
A command injection vulnerability exists in the AOS-CX Operating System. Successful exploitation could allow an authenticated remote attacker to conduct a Remote Code Execution RCE on the affected system...
CVE-2025-37158
A command injection vulnerability exists in the AOS-CX Operating System. Successful exploitation could allow an authenticated remote attacker to conduct a Remote Code Execution RCE on the affected system...
CVE-2025-37159 Authenticated Session Hijacking Allows Unauthorized Access in Network Switching Software
A vulnerability in the web management interface of the AOS-CX OS user authentication service could allow an authenticated remote attacker to hijack an active user session. Successful exploitation may enable the attacker to maintain unauthorized access to the session, potentially leading to the vi...
CVE-2025-37158
CVE-2025-37158 describes a command injection vulnerability in the AOS-CX Operating System . The public records indicate an authenticated remote attacker could achieve Remote Code Execution (RCE) on the affected system. The available documents do not provide concrete details on affected versions, ...
CVE-2025-37158 Authenticated Command Injection allows Unauthorized Command Execution in AOS-CX
A command injection vulnerability exists in the AOS-CX Operating System. Successful exploitation could allow an authenticated remote attacker to conduct a Remote Code Execution RCE on the affected system...
CVE-2025-37158 Authenticated Command Injection allows Unauthorized Command Execution in AOS-CX
A command injection vulnerability exists in the AOS-CX Operating System. Successful exploitation could allow an authenticated remote attacker to conduct a Remote Code Execution RCE on the affected system...
CVE-2025-37157
CVE-2025-37157 affects HPE Aruba Networking AOS-CX; a command-injection vulnerability could allow an authenticated remote attacker to achieve Remote Code Execution on the AOS-CX OS. The Red Hat, ENISA EUVD, CVE lists describe the same issue with the AOS-CX platform. Connected sources do not provi...
CVE-2025-37157 Authenticated Command Injection allows Unauthorized Command Execution in AOS-CX
A command injection vulnerability exists in the AOS-CX Operating System. Successful exploitation could allow an authenticated remote attacker to conduct a Remote Code Execution RCE on the affected system...
CVE-2025-37157 Authenticated Command Injection allows Unauthorized Command Execution in AOS-CX
A command injection vulnerability exists in the AOS-CX Operating System. Successful exploitation could allow an authenticated remote attacker to conduct a Remote Code Execution RCE on the affected system...
CVE-2025-37156
ArubaOS-CX is affected by a platform-level DoS vulnerability (CVE-2025-37156). According to connected sources, an attacker with administrative access could execute code that renders the switch non-bootable and effectively non-functional. Affected software is ArubaOS-CX; no specific versions are l...
CVE-2025-37156 ArubaOS-CX Platform-Level Denial-of-Service Vulnerability
A platform-level denial-of-service DoS vulnerability exists in ArubaOS-CX software. Successful exploitation of this vulnerability could allow an attacker with administrative access to execute specific code that renders the switch non-bootable and effectively non-functional...
CVE-2025-37156 ArubaOS-CX Platform-Level Denial-of-Service Vulnerability
A platform-level denial-of-service DoS vulnerability exists in ArubaOS-CX software. Successful exploitation of this vulnerability could allow an attacker with administrative access to execute specific code that renders the switch non-bootable and effectively non-functional...
PT-2025-47388
Name of the Vulnerable Software and Affected Versions AOS-CX Operating System affected versions not specified Description A command injection vulnerability exists in the AOS-CX Operating System. Exploitation could allow an authenticated remote attacker to conduct a Remote Code Execution RCE on th...
PT-2025-47386
Name of the Vulnerable Software and Affected Versions ArubaOS-CX affected versions not specified Description A platform-level denial-of-service DoS issue exists in the software. Successful exploitation could allow an attacker with administrative access to execute code that renders the switch...
HPE Aruba Networking AOS-CX 安全漏洞
HPE Aruba Networking AOS-CX is a series of switch devices from HPE America. A security vulnerability exists in the HPE Aruba Networking AOS-CX that stems from a User Authentication Service session hijacking vulnerability that could lead to unauthorized session access...
HPE Aruba Networking AOS-CX 安全漏洞
HPE Aruba Networking AOS-CX is a series of switch devices from HPE America. A security vulnerability exists in the HPE Aruba Networking AOS-CX that stems from a platform-level denial-of-service vulnerability that could cause the switch to fail to boot...
PT-2025-47387
Name of the Vulnerable Software and Affected Versions AOS-CX Operating System affected versions not specified Description A command injection vulnerability exists in the AOS-CX Operating System. Successful exploitation could allow an authenticated remote attacker to conduct a Remote Code Executio...
HPE Aruba Networking AOS-CX 安全漏洞
HPE Aruba Networking AOS-CX is a series of switch devices from HPE America. A security vulnerability exists in the HPE Aruba Networking AOS-CX that stems from improper access control of the web-based management interface, which could lead to the disclosure of sensitive information...
Malicious code in cx-contact-hub-lib (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware d222fffa14a9ecd04210f41c25dae1aa3fc12e1ad8ec172358786ae1c539475e Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious Package
Overview cx-logger-library is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...