Lucene search
K

145 matches found

RedhatCVE
RedhatCVE
added 2026/01/15 4:20 p.m.4 views

CVE-2025-37185

Vulnerabilities in the web-based management interface of EdgeConnect SD-WAN Orchestrator could allow an authenticated remote attacker to conduct a stored cross-site scripting XSS attacks against an administrative user of the interface. A successful exploit allows an attacker to execute arbitrary...

5.5CVSS6.1AI score0.00223EPSS
Exploits0References1
OSV
OSV
added 2026/01/14 5:16 p.m.6 views

CVE-2025-37182

Vulnerabilities in the web-based management interface of EdgeConnect SD-WAN Orchestrator could allow an authenticated remote attacker to perform SQL injection attacks. Successful exploitation could allow an attacker to execute arbitrary SQL commands on the underlying database, potentially leading...

7.2CVSS6.1AI score0.00404EPSS
Exploits0References1
NVD
NVD
added 2026/01/14 5:16 p.m.7 views

CVE-2025-37182

Vulnerabilities in the web-based management interface of EdgeConnect SD-WAN Orchestrator could allow an authenticated remote attacker to perform SQL injection attacks. Successful exploitation could allow an attacker to execute arbitrary SQL commands on the underlying database, potentially leading...

7.2CVSS0.00404EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/01/14 4:26 p.m.4 views

CVE-2025-37181

Vulnerabilities in the web-based management interface of EdgeConnect SD-WAN Orchestrator could allow an authenticated remote attacker to perform SQL injection attacks. Successful exploitation could allow an attacker to execute arbitrary SQL commands on the underlying database, potentially leading...

7.2CVSS6.3AI score0.00404EPSS
Exploits0References2Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/01/14 4:20 p.m.2 views

CVE-2025-37185

Vulnerabilities in the web-based management interface of EdgeConnect SD-WAN Orchestrator could allow an authenticated remote attacker to conduct a stored cross-site scripting XSS attacks against an administrative user of the interface. A successful exploit allows an attacker to execute arbitrary...

5.5CVSS5.6AI score0.00223EPSS
Exploits0References2Affected Software1
Vulnrichment
Vulnrichment
added 2026/01/14 4:17 p.m.4 views

CVE-2025-37182 Authenticated SQL Injection in EdgeConnect SD-WAN Orchestrator Web-Based Management Interface

Vulnerabilities in the web-based management interface of EdgeConnect SD-WAN Orchestrator could allow an authenticated remote attacker to perform SQL injection attacks. Successful exploitation could allow an attacker to execute arbitrary SQL commands on the underlying database, potentially leading...

7.2CVSS8AI score0.00404EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/01/14 4:17 p.m.4 views

CVE-2025-37182

Vulnerabilities in the web-based management interface of EdgeConnect SD-WAN Orchestrator could allow an authenticated remote attacker to perform SQL injection attacks. Successful exploitation could allow an attacker to execute arbitrary SQL commands on the underlying database, potentially leading...

7.2CVSS6.3AI score0.00404EPSS
Exploits0References2Affected Software1
CNNVD
CNNVD
added 2026/01/14 12:0 a.m.7 views

HPE EdgeConnect SD-WAN Orchestrator 安全漏洞

HPE EdgeConnect SD-WAN Orchestrator is a centralized SD-WAN management platform from HPE America. It provides complete visibility and control over the WAN. A security vulnerability exists in HPE EdgeConnect SD-WAN Orchestrator that stems from a SQL injection in the web management interface, which...

7.2CVSS7.7AI score0.00404EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/07 12:30 a.m.3 views

EUVD-2020-25250

Malware in sbrugna...

8.8CVSS9.2AI score0.01406EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2020-25266

Malware in sbrugna...

9.8CVSS9.4AI score0.02899EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2021-10926

Malware in sbrugna...

8.8CVSS8.7AI score0.00958EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.3 views

EUVD-2020-25268

Malware in sbrugna...

6.5CVSS7.3AI score0.0114EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2020-25267

Malware in sbrugna...

7.2CVSS7.7AI score0.0155EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.3 views

EUVD-2023-41340

Malicious code in bioql PyPI...

5.5CVSS5.7AI score0.00426EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.7 views

EUVD-2023-41324

Malicious code in bioql PyPI...

8.1CVSS8AI score0.00644EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2023-41337

Malicious code in bioql PyPI...

6.5CVSS6.6AI score0.00569EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 5:47 p.m.7 views

CVE-2020-3984

The SD-WAN Orchestrator 3.3.2 prior to 3.3.2 P3 and 3.4.x prior to 3.4.4 does not apply correct input validation which allows for SQL-injection. An authenticated SD-WAN Orchestrator user may exploit a vulnerable API call using specially crafted SQL queries which may lead to unauthorized data acce...

6.5CVSS7.3AI score0.22367EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2025/05/22 5:9 p.m.11 views

CVE-2020-4003

VMware SD-WAN Orchestrator 3.3.2 prior to 3.3.2 P3, 3.4.x prior to 3.4.4, and 4.0.x prior to 4.0.1 was found to be vulnerable to SQL-injection attacks allowing for potential information disclosure. An authenticated SD-WAN Orchestrator user may inject code into SQL queries which may lead to...

6.5CVSS7.1AI score0.0114EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2025/05/22 4:57 p.m.8 views

CVE-2020-4000

The SD-WAN Orchestrator 3.3.2 prior to 3.3.2 P3, 3.4.x prior to 3.4.4, and 4.0.x prior to 4.0.1 allows for executing files through directory traversal. An authenticated SD-WAN Orchestrator user is able to traversal directories which may lead to code execution of files...

8.8CVSS7.3AI score0.43017EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2025/05/22 4:40 p.m.8 views

CVE-2020-3985

The SD-WAN Orchestrator 3.3.2 prior to 3.3.2 P3 and 3.4.x prior to 3.4.4 allows an access to set arbitrary authorization levels leading to a privilege escalation issue. An authenticated SD-WAN Orchestrator user may exploit an application weakness and call a vulnerable API to elevate their...

8.8CVSS7.1AI score0.01406EPSS
Exploits0
Rows per page
Query Builder