41 matches found
EUVD-2021-15183
Malware in sbrugna...
EUVD-2018-1952
Malware in sbrugna...
EUVD-2025-7380
Malicious code in bioql PyPI...
CVE-2025-1259
On affected platforms running Arista EOS with OpenConfig configured, a gNOI request can be run when it should have been rejected. This issue can result in users retrieving data that should not have been available...
CVE-2025-1259
On affected platforms running Arista EOS with OpenConfig configured, a gNOI request can be run when it should have been rejected. This issue can result in users retrieving data that should not have been available...
CVE-2025-1260 On affected platforms running Arista EOS with OpenConfig configured, a gNOI request can be run when it should have been rejected.
On affected platforms running Arista EOS with OpenConfig configured, a gNOI request can be run when it should have been rejected. This issue can result in unexpected configuration/operations being applied to the switch...
CVE-2025-1260 On affected platforms running Arista EOS with OpenConfig configured, a gNOI request can be run when it should have been rejected.
On affected platforms running Arista EOS with OpenConfig configured, a gNOI request can be run when it should have been rejected. This issue can result in unexpected configuration/operations being applied to the switch...
CVE-2025-1259 On affected platforms running Arista EOS with OpenConfig configured, a gNOI request can be run when it should have been rejected.
On affected platforms running Arista EOS with OpenConfig configured, a gNOI request can be run when it should have been rejected. This issue can result in users retrieving data that should not have been available...
CVE-2025-1259 On affected platforms running Arista EOS with OpenConfig configured, a gNOI request can be run when it should have been rejected.
On affected platforms running Arista EOS with OpenConfig configured, a gNOI request can be run when it should have been rejected. This issue can result in users retrieving data that should not have been available...
CVE-2025-1259
CVE-2025-1259 affects Arista EOS when OpenConfig is configured; a gNOI request can be accepted where it should be rejected, potentially allowing data exposure. The Arista advisory lists affected EOS trains and versions (4.33.x, 4.32.x, 4.31.x, 4.30.x, 4.29.x, 4.28.x and earlier in those trains) a...
CVE-2025-0110
A command injection vulnerability in the Palo Alto Networks PAN-OS OpenConfig plugin enables an authenticated administrator with the ability to make gNMI requests to the PAN-OS management web interface to bypass system restrictions and run arbitrary commands. The commands are run as the...
CVE-2025-0110 PAN-OS OpenConfig Plugin: Command Injection Vulnerability in OpenConfig Plugin
A command injection vulnerability in the Palo Alto Networks PAN-OS OpenConfig plugin enables an authenticated administrator with the ability to make gNMI requests to the PAN-OS management web interface to bypass system restrictions and run arbitrary commands. The commands are run as the...
CVE-2025-0110 PAN-OS OpenConfig Plugin: Command Injection Vulnerability in OpenConfig Plugin
A command injection vulnerability in the Palo Alto Networks PAN-OS OpenConfig plugin enables an authenticated administrator with the ability to make gNMI requests to the PAN-OS management web interface to bypass system restrictions and run arbitrary commands. The commands are run as the...
PAN-OS OpenConfig Plugin: Command Injection Vulnerability in OpenConfig Plugin
A command injection vulnerability in the Palo Alto Networks PAN-OS OpenConfig plugin enables an authenticated administrator with the ability to make gNMI requests to the PAN-OS management web interface to bypass system restrictions and run arbitrary commands. The commands are run as the...
PT-2025-6775 · Palo Alto Networks · Pan-Os Openconfig Plugin
Name of the Vulnerable Software and Affected Versions: Palo Alto Networks PAN-OS affected versions not specified Description: A command injection vulnerability in the Palo Alto Networks PAN-OS OpenConfig plugin enables an authenticated administrator to make gNMI requests to the PAN-OS management...
CVE-2021-28508
This advisory documents the impact of an internally found vulnerability in Arista EOS state streaming telemetry agent TerminAttr and OpenConfig transport protocols. The impact of this vulnerability is that, in certain conditions, TerminAttr might leak IPsec sensitive data in clear text in CVP to...
CVE-2021-28508
This advisory documents the impact of an internally found vulnerability in Arista EOS state streaming telemetry agent TerminAttr and OpenConfig transport protocols. The impact of this vulnerability is that, in certain conditions, TerminAttr might leak IPsec sensitive data in clear text in CVP to...
CVE-2021-28509
This advisory documents the impact of an internally found vulnerability in Arista EOS state streaming telemetry agent TerminAttr and OpenConfig transport protocols. The impact of this vulnerability is that, in certain conditions, TerminAttr might leak MACsec sensitive data in clear text in CVP to...
Design/Logic Flaw
This advisory documents the impact of an internally found vulnerability in Arista EOS state streaming telemetry agent TerminAttr and OpenConfig transport protocols. The impact of this vulnerability is that, in certain conditions, TerminAttr might leak MACsec sensitive data in clear text in CVP to...
CVE-2021-28509
CVE-2021-28509 : Arista EOS TerminAttr and OpenConfig transport can leak MACsec data in clear text to authorized users, enabling potential decryption/modification of MACsec traffic. Affected: EOS devices with Octa and TerminAttr enabled; specific affected versions include EOS 4.23.x–4.27.x trains...