92 matches found
EUVD-2022-28630
Malicious code in bioql PyPI...
CVE-2025-41713
CVE-2025-41713 refers to a vulnerability in WAGO hardware switches where, during boot, the switch may operate in an undefined state. This can allow an unauthenticated remote attacker to forward traffic to networks that should be unauthorized until a CPU-induced reset reconfigures the device. Affe...
WordPress plugin Admin in English with Switch 跨站请求伪造漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation, a blogging platform developed in PHP. WordPress plugin is an application plugin that supports personal blog sites on PHP and MySQL servers. A cross-site request forgery vulnerability exists in WordPress plugin Admin in...
Linux Distros Unpatched Vulnerability : CVE-2025-38657
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: wifi: rtw89: mcc: prevent shift wrapping in rtw89coremlsrswitch The linkid value comes from...
CVE-2025-48978
CVE-2025-48978 affects Ubiquiti EdgeMAX EdgeSwitch versions 1.11.0 and earlier, where improper input validation could enable command injection when an attacker has access to the EdgeSwitch on the adjacent network. The vulnerability impacts the EdgeSwitch firmware’s handling of input, with the ris...
Linux Distros Unpatched Vulnerability : CVE-2022-26945
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - go-getter up to 1.5.11 and 2.0.2 allowed protocol switching, endless redirect, and configuration bypass via abuse of custom HTTP response header processing. Fix...
Intel PCIe Switch 访问控制错误漏洞
The Intel PCIe Switch is a class of devices from Intel Corporation USA used to extend and manage PCIe bus connectivity. An access control error vulnerability exists in Intel PCIe Switch versions prior to MR41.0b1, which stems from improper access control and could lead to elevation of privilege...
CVE-2025-20996
Improper authorization in Smart Switch installed on non-Samsung Device prior to version 3.7.64.10 allows local attackers to read data with the privilege of Smart Switch. User interaction is required for triggering this vulnerability...
CVE-2025-20996
Improper authorization in Smart Switch installed on non-Samsung Device prior to version 3.7.64.10 allows local attackers to read data with the privilege of Smart Switch. User interaction is required for triggering this vulnerability...
CVE-2025-20996
Improper authorization in Smart Switch installed on non-Samsung Device prior to version 3.7.64.10 allows local attackers to read data with the privilege of Smart Switch. User interaction is required for triggering this vulnerability...
CVE-2023-39266
A vulnerability in the ArubaOS-Switch web management interface could allow an unauthenticated remote attacker to conduct a stored cross-site scripting XSS attack against a user of the interface provided certain configuration options are present. A successful exploit could allow an attacker to...
CVE-2021-25141
A security vulnerability has been identified in in certain HPE and Aruba L2/L3 switch firmware. A data processing error due to improper handling of an unexpected data type in user supplied information to the switch's management interface has been identified. The data processing error could be...
PT-2025-29477 · Ооо 'Кьютэк' · Qsw-2800-10T-Ac +3
Уязвимость веб-интерфейса коммутаторов Qtech, связанная с некорректной обработкой файлов cookie. Эксплуатация уязвимости, может позволить нарушителю, действующему удаленно, повысить свои привилегии до уровня администратора...
CVE-2023-53058
In the Linux kernel, the following vulnerability has been resolved: net/mlx5: E-Switch, Fix an Oops in error handling code The error handling dereferences "vport". There is nothing we can do if it is an error pointer except returning the error code...
The vulnerability of microprogrammed software in PLANET Technology switches arises from the failure to take measures to neutralize special elements, allowing attackers to execute arbitrary commands.
The vulnerability of PLANET Technology’s microprogrammed software exists due to the lack of measures taken to neutralize specific elements. Exploiting this vulnerability allows a remote attacker to execute arbitrary commands...
CVE-2025-29312
An issue in onos v2.7.0 allows attackers to trigger unexpected behavior within a device connected to a legacy switch via changing the link type from indirect to direct...
CVE-2025-29312
An issue in onos v2.7.0 allows attackers to trigger unexpected behavior within a device connected to a legacy switch via changing the link type from indirect to direct...
PT-2025-12709 · Onos · Onos
Name of the Vulnerable Software and Affected Versions: onos version 2.7.0 Description: An issue in onos allows attackers to trigger unexpected behavior within a device connected to a legacy switch via changing the link type from indirect to direct. Recommendations: For onos version 2.7.0, conside...
Dell SmartFabric OS10 Server-Side Request Forgery Vulnerability
Dell SmartFabric OS10 is a Linux-based network switch operating system from Dell Dell. Dell SmartFabric OS10 suffers from a server-side request forgery vulnerability, which stems from the server not implementing an adequate authentication mechanism to confirm the origin of the request, and can be...
Hewlett Packard Enterprise AOS-CX(HPE AOS-CX) 安全漏洞
Hewlett Packard Enterprise AOS-CX HPE AOS-CX is a network operating system for data centers, campuses, and edges from Hewlett Packard Enterprise, Inc. It is used to provide flexible and innovative network services and enhance network performance. A security vulnerability exists in Hewlett Packard...