Cacti < 1.2.25 Insecure Deserialization

Cacti is an open source operational monitoring and fault management framework. There are two instances of insecure deserialization in Cacti version 1.2.24. id: CVE-2023-30534 info: name: Cacti 1.2.25 Insecure Deserialization author: k0pak4 severity: medium description: | Cacti is an open source...

CVE-2026-23393

A flaw was found in the Linux kernel's bridge Connectivity Fault Management CFM component. A race condition can occur during the deletion of a peer Maintenance Entity Group End Point MEP. This allows the brcfmframerx function to re-schedule a delayed work on a MEP object after it has been marked...

CVE-2025-66399

Cacti is an open source performance and fault management framework. Prior to 1.2.29, there is an input-validation flaw in the SNMP device configuration functionality. An authenticated Cacti user can supply crafted SNMP community strings containing control characters including newlines that are...

CVE-2025-52961

CVE-2025-52961 affects Juniper Networks Junos OS Evolved on PTX10001-36MR, PTX10002-36QDD, PTX10004, PTX10008, PTX10016. The issue is an Uncontrolled Resource Consumption in the CFM daemon (cfmd) and CFM Manager (cfmman) that allows an unauthenticated adjacent attacker to trigger Denial-of-Servic...

Juniper Networks Junos OS Evolved 资源管理错误漏洞

Juniper Networks Junos OS Evolved is an upgraded system of Juniper Networks' Junos OS. A resource management error vulnerability exists in Juniper Networks Junos OS Evolved, which stems from a resource consumption issue in the Connectivity Fault Management daemon and Connectivity Fault Management...

Juniper Junos OS Vulnerability (JSA103144)

The version of Junos OS installed on the remote host is affected by a vulnerability as referenced in the JSA103144 advisory. - An Uncontrolled Resource Consumption vulnerability in the Connectivity Fault Management CFM daemon and the Connectivity Fault Management Manager cfmman of Juniper Network...

EUVD-2014-3422

Malware in sbrugna...

EUVD-2023-48552

Malicious code in bioql PyPI...

EUVD-2023-24412

Malicious code in bioql PyPI...

EUVD-2024-52313

Malicious code in bioql PyPI...

EUVD-2024-40253

Malicious code in bioql PyPI...

EUVD-2025-21157

Malicious code in bioql PyPI...

EUVD-2024-29332

Malicious code in bioql PyPI...

CVE-2025-52952

An Out-of-bounds Write vulnerability in the connectivity fault management CFM daemon of Juniper Networks Junos OS on MX Series with MPC-BUILTIN, MPC1 through MPC9 line cards allows an unauthenticated adjacent attacker to send a malformed packet to the device, leading to an FPC crash and restart,...

CVE-2025-52952

An Out-of-bounds Write vulnerability in the connectivity fault management CFM daemon of Juniper Networks Junos OS on MX Series with MPC-BUILTIN, MPC1 through MPC9 line cards allows an unauthenticated adjacent attacker to send a malformed packet to the device, leading to an FPC crash and restart,...

CVE-2023-20233

A vulnerability in the Connectivity Fault Management CFM feature of Cisco IOS XR Software could allow an unauthenticated, remote attacker to cause a denial of service DoS condition on an affected device. This vulnerability is due to incorrect processing of invalid continuity check messages CCMs. ...

CVE-2025-24367

Cacti is an open source performance and fault management framework. An authenticated Cacti user can abuse graph creation and graph template functionality to create arbitrary PHP scripts in the web root of the application, leading to remote code execution on the server. This vulnerability is fixed...

CVE-2025-22604

Cacti is an open source performance and fault management framework. Due to a flaw in multi-line SNMP result parser, authenticated users can inject malformed OIDs in the response. When processed by ssnetsnmpdiskio or ssnetsnmpdiskbytes, a part of each OID will be used as a key in an array that is...

CVE-2024-54145

Cacti is an open source performance and fault management framework. Cacti has a SQL injection vulnerability in the getdiscoveryresults function of automationdevices.php using the network parameter. This vulnerability is fixed in 1.2.29...

CVE-2024-54145 Cacti has a SQL Injection vulnerability when request automation devices

Cacti is an open source performance and fault management framework. Cacti has a SQL injection vulnerability in the getdiscoveryresults function of automationdevices.php using the network parameter. This vulnerability is fixed in 1.2.29...