EUVD-2018-10715

Malware in sbrugna...

EUVD-2022-33936

Malicious code in bioql PyPI...

PT-2025-23186 · Open Networking Foundation · Onos

Name of the Vulnerable Software and Affected Versions: Open Network Foundation ONOS version 2.7.0 Description: The issue allows attackers to cause a Denial of Service DoS via supplying crafted packets. Recommendations: For Open Network Foundation ONOS version 2.7.0, at the moment, there is no...

CVE-2024-53423

An issue in Open Network Foundation ONOS v2.7.0 allows attackers to cause a Denial of Service DoS via supplying crafted packets...

CVE-2022-29944

An issue was discovered in ONOS 2.5.1. There is an incorrect comparison of paths installed by intents. An existing intents does not redirect to a new path, even if a new intent that shares the path with higher priority is installed...

CVE-2025-29311

Limited secret space in LLDP packets used in onos v2.7.0 allows attackers to obtain the private key via a bruteforce attack. Attackers are able to leverage this vulnerability into creating crafted LLDP packets...

CVE-2025-29311

Limited secret space in LLDP packets used in onos v2.7.0 allows attackers to obtain the private key via a bruteforce attack. Attackers are able to leverage this vulnerability into creating crafted LLDP packets...

CVE-2025-29310

An issue in onos v2.7.0 allows attackers to trigger a packet deserialization problem when supplying a crafted LLDP packet. This vulnerability allows attackers to execute arbitrary commands or access network information...

CVE-2025-29312

An issue in onos v2.7.0 allows attackers to trigger unexpected behavior within a device connected to a legacy switch via changing the link type from indirect to direct...

CVE-2025-29311

CVE-2025-29311 affects ONOS v2.7.0, where a limited secret space in LLDP packets can let an attacker brute-force obtain the private key and craft LLDP packets. The public documents confirm the vulnerability and potential for exploit via crafted LLDP frames, but do not provide a concrete patch ver...

CVE-2022-29944

An issue was discovered in ONOS 2.5.1. There is an incorrect comparison of paths installed by intents. An existing intents does not redirect to a new path, even if a new intent that shares the path with higher priority is installed...

PT-2023-12981 · Onos · Onos

Name of the Vulnerable Software and Affected Versions: ONOS version 2.5.1 Description: An issue was discovered where an intent with a large port number shows the CORRUPT state, which is misleading to a network operator. Improper handling of such port numbers causes inconsistency between intent an...

CVE-2019-16301

An issue was discovered in Open Network Operating System ONOS 1.14. In the virtual tenant network application org.onosproject.vtn, the host event listener does not handle the following event types: HOSTMOVED. In combination with other applications, this could lead to the absence of intended code...

Linux foundation ONOS cross-site scripting vulnerability

Linux foundation ONOS is an open source SDN network operating system maintained by the Linux Foundation and the ONOS community. A cross-site scripting vulnerability exists in device registration in Linux foundation ONOS version 1.9. A remote attacker can exploit this vulnerability to inject...