Lucene search
+L

80 matches found

arista
arista
added 2023/12/05 12:0 a.m.50 views

Security Advisory 0090

Security Advisory 0090 . CSAF PDF Date: December 5, 2023 Revision | Date | Changes ---|---|--- 1.0 | December 5, 2023 | Initial release The CVE-ID tracking this issue: CVE-2023-24547 CVSSv3.1 Base Score: 5.9 CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:H/A:H Common Weakness Enumeration: CWE-212: Improp...

6.5CVSS6.4AI score0.00339EPSS
Exploits0
cnnvd
cnnvd
added 2023/12/05 12:0 a.m.7 views

Arista MOS Security Vulnerability

Arista MOS is an operating system from the American company Arista. It is used to provide CLI and Web interfaces as well as support for other management protocols. A security vulnerability exists in Arista MOS that stems from the configuration of BGP passwords that will result in passwords being...

6.5CVSS6.7AI score0.00339EPSS
Exploits0References2
ptsecurity
ptsecurity
added 2023/12/05 12:0 a.m.21 views

PT-2023-19684 · Arista · Arista Mos

Name of the Vulnerable Software and Affected Versions: Arista MOS affected versions not specified Description: The configuration of a BGP password on affected platforms running Arista MOS causes the password to be logged in clear text. This can be revealed in local logs or remote logging servers ...

6.5CVSS6.3AI score0.00339EPSS
Exploits0References8
oracle
oracle
added 2023/07/18 12:0 a.m.413 views

Oracle Critical Patch Update Advisory - July 2023

A Critical Patch Update is a collection of patches for multiple security vulnerabilities. These patches address vulnerabilities in Oracle code and in third party components included in Oracle products. These patches are usually cumulative, but each advisory describes only the security patches add...

10CVSS9AI score0.99999EPSS
Exploits521Affected Software133
openbugbounty
openbugbounty
added 2023/05/23 12:41 p.m.5 views

mos-tour.moscow Cross Site Scripting vulnerability OBB-3359360

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

6.1AI score
Exploits0
veracode
veracode
added 2023/02/06 5:54 a.m.24 views

Cross-Site Scripting (XSS)

mos/cimage is vulnerable to Cross-Site Scripting XSS attacks. The library does not properly escape the user input before it output to the front end, allowing an attacker to inject and execute malicious JavaScript on victim's browser via the argument $SERVER'SERVERSOFTWARE' in the file...

6.1CVSS3.6AI score0.00496EPSS
Exploits0References4Affected Software1
oracle
oracle
added 2023/01/17 12:0 a.m.311 views

Oracle Critical Patch Update Advisory - January 2023

A Critical Patch Update is a collection of patches for multiple security vulnerabilities. These patches address vulnerabilities in Oracle code and in third-party components included in Oracle products. These patches are usually cumulative, but each advisory describes only the security patches add...

10CVSS9AI score0.99999EPSS
Exploits657Affected Software105
openbugbounty
openbugbounty
added 2022/09/24 11:46 a.m.11 views

mos-invest-finans.ru Cross Site Scripting vulnerability OBB-2945966

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

6.2AI score
Exploits0
rocky
rocky
added 2022/05/17 6:42 a.m.10 views

new packages: hunspell-mos

An update is available for hunspell-mos. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list For detailed information on changes in this release, see the Rocky...

2.2AI score
Exploits0
openbugbounty
openbugbounty
added 2022/04/05 8:38 a.m.9 views

mos.gov.bd Cross Site Scripting vulnerability OBB-2473136

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

Exploits0
oracle
oracle
added 2022/01/18 12:0 a.m.509 views

Oracle Critical Patch Update Advisory - January 2022

A Critical Patch Update is a collection of patches for multiple security vulnerabilities. These patches address vulnerabilities in Oracle code and in third-party components included in Oracle products. These patches are usually cumulative, but each advisory describes only the security patches add...

10CVSS8.9AI score0.99999EPSS
Exploits725Affected Software170
openbugbounty
openbugbounty
added 2022/01/07 8:14 a.m.9 views

mos-versand.de Cross Site Scripting vulnerability OBB-2326480

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

6.2AI score
Exploits0
cnvd
cnvd
added 2021/09/14 12:0 a.m.16 views

Arista Networks MOS Licensing Issue Vulnerability (CNVD-2021-102373)

Arista Networks MOS is a fully programmable and highly modular Linux-based network operating system from Arista Networks, Inc. that uses the familiar industry-standard CLI and runs a single binary software image in the Arista switch family.Arista Networks MOS is vulnerable to an authorization...

8.4CVSS3.5AI score0.00218EPSS
Exploits0References1
osv
osv
added 2021/09/09 1:15 p.m.4 views

CVE-2021-28499

In Arista's MOS Metamako Operating System software which is supported on the 7130 product line, user account passwords set in clear text could leak to users without any password. This issue affects: Arista Metamako Operating System MOS-0.18 and post releases in the MOS-0.1x train All releases in...

5.5CVSS6.1AI score0.00205EPSS
Exploits0References1
nvd
nvd
added 2021/09/09 1:15 p.m.13 views

CVE-2021-28495

In Arista's MOS Metamako Operating System software which is supported on the 7130 product line, under certain conditions, user authentication can be bypassed when API access is enabled via the JSON-RPC APIs. This issue affects: Arista Metamako Operating System All releases in the MOS-0.1x train...

9.8CVSS0.0093EPSS
Exploits0References1
nvd
nvd
added 2021/09/09 1:15 p.m.18 views

CVE-2021-28499

In Arista's MOS Metamako Operating System software which is supported on the 7130 product line, user account passwords set in clear text could leak to users without any password. This issue affects: Arista Metamako Operating System MOS-0.18 and post releases in the MOS-0.1x train All releases in...

6.3CVSS0.00205EPSS
Exploits0References1
osv
osv
added 2021/09/09 1:15 p.m.7 views

CVE-2021-28495

In Arista's MOS Metamako Operating System software which is supported on the 7130 product line, under certain conditions, user authentication can be bypassed when API access is enabled via the JSON-RPC APIs. This issue affects: Arista Metamako Operating System All releases in the MOS-0.1x train...

9.8CVSS7.3AI score0.0093EPSS
Exploits0References1
nvd
nvd
added 2021/09/09 1:15 p.m.18 views

CVE-2021-28493

In Arista's MOS Metamako Operating System software which is supported on the 7130 product line, under certain conditions, a user may be able to execute commands despite not having the privileges to do so. This issue affects: Arista Metamako Operating System All releases in the MOS-0.1x train...

8.4CVSS0.00218EPSS
Exploits0References1
prion
prion
added 2021/09/09 1:15 p.m.14 views

Code injection

In Arista's MOS Metamako Operating System software which is supported on the 7130 product line, user enable passwords set in clear text could result in unprivileged users getting complete access to the systems. This issue affects: Arista Metamako Operating System MOS-0.13 and post releases in the...

7.2CVSS7.5AI score0.00222EPSS
Exploits0References1Affected Software1
prion
prion
added 2021/09/09 1:15 p.m.17 views

Authentication flaw

In Arista's MOS Metamako Operating System software which is supported on the 7130 product line, under certain conditions, user authentication can be bypassed when API access is enabled via the JSON-RPC APIs. This issue affects: Arista Metamako Operating System All releases in the MOS-0.1x train...

6.8CVSS9.5AI score0.0093EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder