Lucene search
+L

1114 matches found

NVD
NVD
added 2025/11/18 7:15 p.m.8 views

CVE-2025-37157

A command injection vulnerability exists in the AOS-CX Operating System. Successful exploitation could allow an authenticated remote attacker to conduct a Remote Code Execution RCE on the affected system...

8.8CVSS0.00667EPSS
Exploits0References1
NVD
NVD
added 2025/11/18 7:15 p.m.6 views

CVE-2025-37158

A command injection vulnerability exists in the AOS-CX Operating System. Successful exploitation could allow an authenticated remote attacker to conduct a Remote Code Execution RCE on the affected system...

8.8CVSS0.00667EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/11/18 6:52 p.m.3 views

CVE-2025-37159 Authenticated Session Hijacking Allows Unauthorized Access in Network Switching Software

A vulnerability in the web management interface of the AOS-CX OS user authentication service could allow an authenticated remote attacker to hijack an active user session. Successful exploitation may enable the attacker to maintain unauthorized access to the session, potentially leading to the vi...

5.8CVSS6.5AI score0.00261EPSS
Exploits0References1
CVE
CVE
added 2025/11/18 6:51 p.m.14 views

CVE-2025-37158

CVE-2025-37158 describes a command injection vulnerability in the AOS-CX Operating System . The public records indicate an authenticated remote attacker could achieve Remote Code Execution (RCE) on the affected system. The available documents do not provide concrete details on affected versions, ...

8.8CVSS7.5AI score0.00667EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2025/11/18 6:51 p.m.4 views

CVE-2025-37158 Authenticated Command Injection allows Unauthorized Command Execution in AOS-CX

A command injection vulnerability exists in the AOS-CX Operating System. Successful exploitation could allow an authenticated remote attacker to conduct a Remote Code Execution RCE on the affected system...

6.7CVSS7.5AI score0.00667EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/11/18 6:51 p.m.14 views

CVE-2025-37158 Authenticated Command Injection allows Unauthorized Command Execution in AOS-CX

A command injection vulnerability exists in the AOS-CX Operating System. Successful exploitation could allow an authenticated remote attacker to conduct a Remote Code Execution RCE on the affected system...

6.7CVSS0.00667EPSS
Exploits0References1
CVE
CVE
added 2025/11/18 6:48 p.m.15 views

CVE-2025-37157

CVE-2025-37157 affects HPE Aruba Networking AOS-CX; a command-injection vulnerability could allow an authenticated remote attacker to achieve Remote Code Execution on the AOS-CX OS. The Red Hat, ENISA EUVD, CVE lists describe the same issue with the AOS-CX platform. Connected sources do not provi...

8.8CVSS7.5AI score0.00667EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2025/11/18 6:48 p.m.16 views

CVE-2025-37157 Authenticated Command Injection allows Unauthorized Command Execution in AOS-CX

A command injection vulnerability exists in the AOS-CX Operating System. Successful exploitation could allow an authenticated remote attacker to conduct a Remote Code Execution RCE on the affected system...

6.7CVSS0.00667EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/11/18 6:48 p.m.4 views

CVE-2025-37157 Authenticated Command Injection allows Unauthorized Command Execution in AOS-CX

A command injection vulnerability exists in the AOS-CX Operating System. Successful exploitation could allow an authenticated remote attacker to conduct a Remote Code Execution RCE on the affected system...

6.7CVSS7.5AI score0.00667EPSS
Exploits0References1
CVE
CVE
added 2025/11/18 6:46 p.m.17 views

CVE-2025-37156

ArubaOS-CX is affected by a platform-level DoS vulnerability (CVE-2025-37156). According to connected sources, an attacker with administrative access could execute code that renders the switch non-bootable and effectively non-functional. Affected software is ArubaOS-CX; no specific versions are l...

6.8CVSS6.8AI score0.00292EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2025/11/18 6:46 p.m.7 views

CVE-2025-37156 ArubaOS-CX Platform-Level Denial-of-Service Vulnerability

A platform-level denial-of-service DoS vulnerability exists in ArubaOS-CX software. Successful exploitation of this vulnerability could allow an attacker with administrative access to execute specific code that renders the switch non-bootable and effectively non-functional...

6.8CVSS6.8AI score0.00292EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/11/18 6:46 p.m.14 views

CVE-2025-37156 ArubaOS-CX Platform-Level Denial-of-Service Vulnerability

A platform-level denial-of-service DoS vulnerability exists in ArubaOS-CX software. Successful exploitation of this vulnerability could allow an attacker with administrative access to execute specific code that renders the switch non-bootable and effectively non-functional...

6.8CVSS0.00292EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/11/18 12:0 a.m.7 views

PT-2025-47388

Name of the Vulnerable Software and Affected Versions AOS-CX Operating System affected versions not specified Description A command injection vulnerability exists in the AOS-CX Operating System. Exploitation could allow an authenticated remote attacker to conduct a Remote Code Execution RCE on th...

6.7CVSS7.5AI score0.00667EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2025/11/18 12:0 a.m.8 views

PT-2025-47386

Name of the Vulnerable Software and Affected Versions ArubaOS-CX affected versions not specified Description A platform-level denial-of-service DoS issue exists in the software. Successful exploitation could allow an attacker with administrative access to execute code that renders the switch...

6.8CVSS6.8AI score0.00292EPSS
Exploits0References3
CNNVD
CNNVD
added 2025/11/18 12:0 a.m.6 views

HPE Aruba Networking AOS-CX 安全漏洞

HPE Aruba Networking AOS-CX is a series of switch devices from HPE America. A security vulnerability exists in the HPE Aruba Networking AOS-CX that stems from a User Authentication Service session hijacking vulnerability that could lead to unauthorized session access...

7.3CVSS6.6AI score0.00261EPSS
Exploits0References2
CNNVD
CNNVD
added 2025/11/18 12:0 a.m.6 views

HPE Aruba Networking AOS-CX 安全漏洞

HPE Aruba Networking AOS-CX is a series of switch devices from HPE America. A security vulnerability exists in the HPE Aruba Networking AOS-CX that stems from a platform-level denial-of-service vulnerability that could cause the switch to fail to boot...

6.8CVSS6.7AI score0.00292EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2025/11/18 12:0 a.m.9 views

PT-2025-47387

Name of the Vulnerable Software and Affected Versions AOS-CX Operating System affected versions not specified Description A command injection vulnerability exists in the AOS-CX Operating System. Successful exploitation could allow an authenticated remote attacker to conduct a Remote Code Executio...

6.7CVSS7.5AI score0.00667EPSS
Exploits0References3
CNNVD
CNNVD
added 2025/11/18 12:0 a.m.6 views

HPE Aruba Networking AOS-CX 安全漏洞

HPE Aruba Networking AOS-CX is a series of switch devices from HPE America. A security vulnerability exists in the HPE Aruba Networking AOS-CX that stems from improper access control of the web-based management interface, which could lead to the disclosure of sensitive information...

6.5CVSS6.4AI score0.00278EPSS
Exploits0References2
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/10/10 2:24 a.m.6 views

Malicious code in cx-contact-hub-lib (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware d222fffa14a9ecd04210f41c25dae1aa3fc12e1ad8ec172358786ae1c539475e Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

6.9AI score
Exploits0References3
Snyk
Snyk
added 2025/10/10 2:24 a.m.5 views

Malicious Package

Overview cx-logger-library is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...

9.8CVSS6.8AI score
Exploits0References2
Rows per page
Query Builder