Lucene search
K

68 matches found

CVE
CVE
added 5 days ago11 views

CVE-2026-33802

Summary: CVE-2026-33802 is a Missing Authorization vulnerability in the CLI of Juniper Networks Junos OS on EX Series switches (EX2300, EX4000, EX4100, EX4300-MP, EX4400) that allows a locally authenticated attacker with no specific permissions to execute a privileged CLI command and trigger a Do...

6.8CVSS6AI score0.00123EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 5 days ago7 views

CVE-2026-33802

A Missing Authorization vulnerability in the CLI of Juniper Networks Junos OS on EX Series allows a local, authenticated attacker to cause a Denial-of-Service DoS. On EX2300, EX4000, EX4100, EX4300-MP Multigigabit and EX4400 switches, an authenticated, local attacker with no specific permissions ...

6.8CVSS6AI score0.00123EPSS
Exploits0References2Affected Software1
AlpineLinux
AlpineLinux
added 2026/06/23 4:14 p.m.16 views

CVE-2026-56117

dhcpcd through 10.3.2, fixed in commit 78ea09e, contains a heap use-after-free vulnerability in the control socket handling within src/control.c that allows local unprivileged attackers to trigger memory corruption when privilege separation is disabled. Attackers can connect to the control socket...

5.7CVSS5.8AI score0.00093EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/06/23 12:0 a.m.23 views

PT-2026-51566

Name of the Vulnerable Software and Affected Versions dhcpcd versions prior to 10.3.2 Description A heap use-after-free issue exists in the control socket handling within src/control.c. This occurs when privilege separation is disabled or initialization fails, leaving the control socket in mode...

5.7CVSS5.8AI score0.00093EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/05/21 12:0 a.m.8 views

F5 Networks BIG-IP : BIG-IP tmsh vulnerability (K000161107)

The version of F5 Networks BIG-IP installed on the remote host is prior to 17.1.3.2 / 17.5.1.6 / 21.0.0.2. It is, therefore, affected by a vulnerability as referenced in the K000161107 advisory. A vulnerability exists in an undisclosed BIG-IP TMOS Shell tmsh command that may allow an authenticate...

8.3CVSS5.9AI score0.00107EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/05/13 2:12 p.m.40 views

CVE-2026-41217 BIG-IP tmsh vulnerability

A vulnerability exists in an undisclosed BIG-IP TMOS Shell tmsh command that may allow an authenticated attacker with resource administrator or administrator role to execute arbitrary system commands with higher privileges. In Appliance mode deployments, a successful exploit can allow the attacke...

8.3CVSS0.00107EPSS
Exploits0References1
NVD
NVD
added 2026/05/12 8:16 p.m.12 views

CVE-2026-44852

An authenticated remote code execution vulnerability exists in the AOS-8 and AOS-10 web-based management interface. A vulnerability in the certificate download functionality could allow an authenticated remote attacker to overwrite arbitrary files on the underlying operating system by exploiting...

7.2CVSS0.00436EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/05/12 12:0 a.m.13 views

PT-2026-40362

Name of the Vulnerable Software and Affected Versions AOS-8 affected versions not specified AOS-10 affected versions not specified Description An authenticated remote code execution issue exists in the web-based management interface. Improper input validation in the file path parameter within the...

7.2CVSS6.5AI score0.00436EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2026/01/14 8:22 p.m.6 views

CVE-2025-37174

Authenticated arbitrary file write vulnerability exists in the web-based management interface of mobility conductors running either AOS-10 or AOS-8 operating systems. Successful exploitation could allow an authenticated malicious actor to create or modify arbitrary files and execute arbitrary...

7.2CVSS7.3AI score0.00476EPSS
Exploits0References1
NVD
NVD
added 2026/01/13 8:16 p.m.5 views

CVE-2025-37174

Authenticated arbitrary file write vulnerability exists in the web-based management interface of mobility conductors running either AOS-10 or AOS-8 operating systems. Successful exploitation could allow an authenticated malicious actor to create or modify arbitrary files and execute arbitrary...

7.2CVSS0.00476EPSS
Exploits0References1
OSV
OSV
added 2026/01/13 8:16 p.m.3 views

CVE-2025-37171

Authenticated command injection vulnerabilities exist in the web-based management interface of mobility conductors running AOS-8 operating system. Successful exploitation could allow an authenticated malicious actor to execute arbitrary commands as a privileged user on the underlying operating...

7.2CVSS6AI score0.01203EPSS
Exploits0References1
CVE
CVE
added 2026/01/13 8:7 p.m.16 views

CVE-2025-37175

The CVE-2025-37175 entry concerns Aruba Networks ArubaOS (AOS-8 and AOS-10) web-based management interfaces. The connected NCSC advisory confirms that vulnerabilities in AOS-8/AOS-10 include arbitrary file deletion, stack overflow, command injection, and improper input handling, which could allow...

7.2CVSS7.1AI score0.0043EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2026/01/13 8:5 p.m.8 views

CVE-2025-37174 Authenticated Arbitrary File Write Vulnerability in AOS 10 and AOS-8 Web-Based Management Interface

Authenticated arbitrary file write vulnerability exists in the web-based management interface of mobility conductors running either AOS-10 or AOS-8 operating systems. Successful exploitation could allow an authenticated malicious actor to create or modify arbitrary files and execute arbitrary...

7.2CVSS6.9AI score0.00476EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/01/13 8:5 p.m.24 views

CVE-2025-37174 Authenticated Arbitrary File Write Vulnerability in AOS 10 and AOS-8 Web-Based Management Interface

Authenticated arbitrary file write vulnerability exists in the web-based management interface of mobility conductors running either AOS-10 or AOS-8 operating systems. Successful exploitation could allow an authenticated malicious actor to create or modify arbitrary files and execute arbitrary...

7.2CVSS0.00476EPSS
Exploits0References1
CVE
CVE
added 2026/01/13 8:5 p.m.16 views

CVE-2025-37174

ArubaOS AOS-8 and AOS-10 web management interfaces are affected by vulnerabilities fixed by Aruba Networks. The NCSC advisory notes issues including arbitrary file deletion, stack overflow, command injection, and improper input handling that could allow unauthorized access, file manipulation, or ...

7.2CVSS6.9AI score0.00476EPSS
Exploits0References1Affected Software1
Positive Technologies
Positive Technologies
added 2026/01/13 12:0 a.m.3 views

PT-2026-2456

Authenticated command injection vulnerabilities exist in the web-based management interface of mobility conductors running AOS-8 operating system. Successful exploitation could allow an authenticated malicious actor to execute arbitrary commands as a privileged user on the underlying operating...

7.2CVSS7.9AI score0.01203EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2025/10/15 5:44 p.m.5 views

CVE-2025-37134

An authenticated command injection vulnerability exists in the CLI binary of an AOS-8 Controller/Mobility Conductor operating system. Successful exploitation could allow an authenticated malicious actor to execute arbitrary commands as a privileged user on the underlying operating system...

7.2CVSS7.9AI score0.01257EPSS
Exploits0References1
OSV
OSV
added 2025/10/14 5:15 p.m.5 views

CVE-2025-37133

An authenticated command injection vulnerability exists in the CLI binary of an AOS-8 Controller/Mobility Conductor operating system. Successful exploitation could allow an authenticated malicious actor to execute arbitrary commands as a privileged user on the underlying operating system...

7.2CVSS6AI score0.01257EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/10/14 4:54 p.m.11 views

CVE-2025-37133 Authenticated Command Injection Vulnerability in AOS-8 Controller/Mobility Conductor Web-Based Management Interface via the CLI Binaryalong with accounting controls for tracking and logging user activities and resource usage.

An authenticated command injection vulnerability exists in the CLI binary of an AOS-8 Controller/Mobility Conductor operating system. Successful exploitation could allow an authenticated malicious actor to execute arbitrary commands as a privileged user on the underlying operating system...

7.2CVSS0.01257EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2017-15291

Malware in sbrugna...

9CVSS8.8AI score0.02268EPSS
Exploits0References2
Rows per page
Query Builder