CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

35 matches found

CNNVD•added 2026/06/04 12:0 a.m.•5 views

Arista EOS 安全漏洞

Arista EOS is a fully programmable, highly modular Linux-based network operating system developed by the American company Arista. There is a security vulnerability in Arista EOS, which stems from the fact that when configuring OpenConfig, a gNMI Set request that should be rejected may still be...

9.6CVSS5.3AI score0.0443EPSS

Exploits0References1

ATTACKERKB•added 2026/04/03 10:49 p.m.•1 views

CVE-2017-20234

GarrettCom Magnum 6K and 10K managed switches contain an authentication bypass vulnerability that allows unauthenticated attackers to gain unauthorized access by exploiting a hardcoded string in the authentication mechanism. Attackers can bypass login controls to access administrative functions a...

9.8CVSS5.9AI score0.00455EPSS

Exploits0References3

RedhatCVE•added 2026/03/08 1:44 a.m.•4 views

CVE-2026-25071

XikeStor SKS8310-8X Network Switch firmware versions 1.04.B07 and prior contain a missing authentication vulnerability in the /switchconfig.src endpoint that allows unauthenticated remote attackers to download device configuration files. Attackers can access this endpoint without credentials to...

8.7CVSS5.8AI score0.00512EPSS

Exploits0References1

NVD•added 2026/03/07 1:15 a.m.•2 views

CVE-2026-25071

8.7CVSS0.00512EPSS

Exploits0References2

OSV•added 2026/03/07 1:15 a.m.•5 views

CVE-2026-25071

7.5CVSS5.9AI score0.00512EPSS

Exploits0References2

ATTACKERKB•added 2026/03/07 12:20 a.m.•1 views

CVE-2026-25071

8.7CVSS5.8AI score0.00512EPSS

Exploits0References3

CNNVD•added 2026/03/07 12:0 a.m.•4 views

XikeStor SKS8310-8X 访问控制错误漏洞

The XikeStor SKS8310-8X is an Ethernet switch produced by the XikeStor company. Versions of XikeStor SKS8310-8X prior to 1.04.B07 contain a security vulnerability related to access control. This vulnerability stems from the absence of authentication at the /switchconfig.src endpoint, which may...

8.7CVSS5.8AI score0.00512EPSS

Exploits0References3

RedhatCVE•added 2026/02/03 3:18 p.m.•13 views

CVE-2022-50980

A unauthenticated adjacent attacker could potentially disrupt operations by switching between multiple configuration presets via CAN...

6.5CVSS5.3AI score0.00208EPSS

Exploits0References1

RedhatCVE•added 2026/02/03 3:18 p.m.•6 views

CVE-2022-50978

An unauthenticated remote attacker could potentially disrupt operations by switching between multiple configuration presets via Modbus TCP...

7.5CVSS5.5AI score0.0045EPSS

Exploits0References1

Positive Technologies•added 2026/02/02 12:0 a.m.•6 views

PT-2026-5664

An unauthenticated remote attacker could potentially disrupt operations by switching between multiple configuration presets via HTTP...

7.5CVSS5.5AI score0.00441EPSS

Exploits0References3

Positive Technologies•added 2026/02/02 12:0 a.m.•7 views

PT-2026-5665

An unauthenticated remote attacker could potentially disrupt operations by switching between multiple configuration presets via Modbus TCP...

7.5CVSS5.5AI score0.0045EPSS

Exploits0References3

EUVD•added 2025/10/07 12:30 a.m.•3 views

EUVD-2019-10391

Malware in sbrugna...

7.4CVSS6.9AI score0.00631EPSS

Exploits0References3

EUVD•added 2025/10/07 12:30 a.m.•3 views

EUVD-2020-23438

Malware in sbrugna...

6.5CVSS6.5AI score0.01509EPSS

Exploits0References3

EUVD•added 2025/10/07 12:30 a.m.•2 views

EUVD-2017-11320

Malware in sbrugna...

4.3CVSS4.6AI score0.0115EPSS

Exploits0References3

EUVD•added 2025/10/03 8:7 p.m.•4 views

EUVD-2023-28530

Malicious code in bioql PyPI...

8.8CVSS6.6AI score0.00598EPSS

Exploits1References1

Broadcom•added 2024/11/12 12:0 a.m.•8 views

Brocade Fabric OS before 9.2.2 does not enforce strict host key checking

A vulnerability in Brocade Fabric OS versions before 9.2.2 could allow man-in-the-middle attackers to conduct remote Service Session Hijacking that may arise from the attacker's ability to forge an SSH key while the Brocade Fabric OS Switch is performing various remote operations initiated by a...

7.1CVSS6.9AI score0.00243EPSS

Exploits1

NVD•added 2024/01/26 6:15 p.m.•62 views

CVE-2024-20263

A vulnerability with the access control list ACL management within a stacked switch configuration of Cisco Business 250 Series Smart Switches and Business 350 Series Managed Switches could allow an unauthenticated, remote attacker to bypass protection offered by a configured ACL on an affected...

7.2CVSS6.3AI score0.0045EPSS

Exploits0References1

CVE•added 2023/02/15 12:0 a.m.•46 views

CVE-2023-24498

CVE-2023-24498 describes a credential-leak flaw affecting the NETGEAR ProSAFE FS726TP switch. An unspecified endpoint in the switch’s web server may fail to properly authenticate a user, allowing a configuration page (containing the switch password) to be downloaded in plaintext. Multiple sources...

7.5CVSS7.6AI score0.00577EPSS

Exploits0References1Affected Software1

Packet Storm•added 2020/02/21 12:0 a.m.•137 views

D-Link DGS-1250 Header Injection

D-Link DGS-1250 header injection vulnerability ============================================== The latest version of this advisory is available at: https://sintonen.fi/advisories/d-link-dgs-1250-header-injection.txt Overview -------- D-Link DGS-1250 switch is susceptible to a header injection...

Exploits0

Cvelist•added 2019/08/01 9:21 p.m.•18 views

CVE-2019-5401

A potential security vulnerability has been identified in HP2910al-48G version W.15.14.0016. The attack exploits an xss injection by setting the attack vector in one of the switch persistent configuration fields management URL, location, contact. But admin privileges are required to configure the...

5.4AI score0.0054EPSS

Exploits0References1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by