CVE-2026-33779

The CVE concerns Junos OS on SRX Series failing to properly verify the server certificate when provisioning to Security Director cloud, enabling a PITM to intercept traffic and access credentials and sensitive data. Affected Junos OS versions include all before 22.4R3-S9, 23.2 before 23.2R2-S6, 2...

CVE-2025-52958

A Reachable Assertion vulnerability in the routing protocol daemon rpd of Juniper Networks Junos OS and Junos OS Evolved allows an adjacent, unauthenticated attacker to cause a Denial of Service DoS.On all Junos OS and Junos OS Evolved devices, when route validation is enabled, a rare condition...

CISA Urges Agencies to Patch Critical "Array Networks" Flaw Amid Active Attacks

The U.S. Cybersecurity and Infrastructure Security Agency CISA on Monday added a now-patched critical security flaw impacting Array Networks AG and vxAG secure access gateways to its Known Exploited Vulnerabilities KEV catalog following reports of active exploitation in the wild. The vulnerabilit...

CVE-2024-22239

Aria Operations for Networks contains a local privilege escalation vulnerability. A console user with access to Aria Operations for Networks may exploit this vulnerability to escalate privileges to gain regular shell access...

VMware Aria Operations Security Vulnerability

VMware Aria Operations is a unified, AI-driven, self-driving IT operations management platform for private, hybrid and multi-cloud environments from VMware, Inc. A security vulnerability exists in VMware Aria Operations for Networks. An attacker could exploit the vulnerability to access sensitive...

CVE-2023-20889

Aria Operations for Networks contains an information disclosure vulnerability. A malicious actor with network access to VMware Aria Operations for Networks may be able to perform a command injection attack resulting in information disclosure...

VMware Aria Operations 命令注入漏洞

VMware Aria Operations is a unified, AI-driven, self-driving IT operations management platform for private, hybrid and multi-cloud environments from VMware, Inc. A security vulnerability exists in VMware Aria Operations Networks version 6.x series, which can be exploited by an attacker to perform...

CVE-2023-22601

InHand Networks InRouter 302, prior to version IR302 V3.5.56, and InRouter 615, prior to version InRouter6XX-S-V2.3.0.r5542, contain vulnerability CWE-330: Use of Insufficiently Random Values. They do not properly randomize MQTT ClientID parameters. An unauthorized user could calculate this...

CVE-2023-22598

InHand Networks InRouter 302, prior to version IR302 V3.5.56, and InRouter 615, prior to version InRouter6XX-S-V2.3.0.r5542, contain vulnerability CWE-78: Improper Neutralization of Special Elements used in an OS Command 'OS Command Injection'. An unauthorized user with privileged access to the...

CVE-2022-30543

A leftover debug code vulnerability exists in the console infct functionality of InHand Networks InRouter302 V3.5.45. A specially-crafted series of network requests can lead to execution of privileged operations. An attacker can send a sequence of requests to trigger this vulnerability...

Unnamed Vulnerability in Juniper Networks Junos OS (CNVD-2021-37737)

Juniper Networks Junos OS is a Juniper Networks network operating system designed for use with Juniper Networks hardware devices. The operating system provides a secure programming interface and the Junos SDK.Junos OS Evolved is an upgraded version of Junos OS. Junos OS has a security...

Election Systems Under Attack via Microsoft Zerologon Exploits

U.S. government officials have warned that advanced persistent threat actors APTs are now leveraging Microsoft’s severe privilege-escalation flaw, dubbed “Zerologon,” to target elections support systems. Days after Microsoft sounded the alarm that an Iranian nation-state actor was actively...

Nokia Solutions And Networks Cross-Site Scripting Vulnerability

Nokia Solutions and Networks is a suite of solutions to help mobile networks run multiple services. A cross-site scripting vulnerability exists in Nokia Solutions And Networks, which could be exploited by remote attackers to inject malicious script or HTML code that, when viewed with malicious...

Microsoft Internet Explorer Page Transition Remote Code Execution Vulnerability

Description Microsoft Internet Explorer is prone to a remote code-execution vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the user running the application. Successful exploits will compromise the application and possibly the computer. Failed attacks...