CVE-2024-6437 |
Description: On affected platforms running Arista EOS with one of the following features configured to redirect IP traffic to a next hop: policy-based routing (PBR), BGP Flowspec, or interface traffic policy -- certain IP traffic such as IPv4 packets with IP options may bypass the feature's set nexthop action and be slow-path forwarded (FIB routed) by the kernel as the packets are trapped to the CPU instead of following the redirect action's destination.
CVSS: MEDIUM (5.8) EPSS Score: 0.04%
January 11th, 2025 (6 months ago)
|
CVE-2024-5872 |
Description: On affected platforms running Arista EOS, a specially crafted packet with incorrect VLAN tag might be copied to CPU, which may cause incorrect control plane behavior related to the packet, such as route flaps, multicast routes learnt, etc.
CVSS: MEDIUM (6.5) EPSS Score: 0.04%
January 11th, 2025 (6 months ago)
|
CVE-2024-57823 |
Description: In Raptor RDF Syntax Library through 2.0.16, there is an integer underflow when normalizing a URI with the turtle parser in raptor_uri_normalize_path().
CVSS: CRITICAL (9.3) EPSS Score: 0.05%
January 11th, 2025 (6 months ago)
|
CVE-2024-57822 |
Description: In Raptor RDF Syntax Library through 2.0.16, there is a heap-based buffer over-read when parsing triples with the nquads parser in raptor_ntriples_parse_term_internal().
CVSS: MEDIUM (4.0) EPSS Score: 0.05%
January 11th, 2025 (6 months ago)
|
CVE-2024-57687 |
Description: An OS Command Injection vulnerability was found in /landrecordsys/admin/dashboard.php in PHPGurukul Land Record System v1.0, which allows remote attackers to execute arbitrary code via the "Cookie" GET request parameter.
EPSS Score: 0.04%
January 11th, 2025 (6 months ago)
|
CVE-2024-57686 |
Description: A Cross Site Scripting (XSS) vulnerability was found in /landrecordsys/admin/contactus.php in PHPGurukul Land Record System v1.0, which allows remote attackers to execute arbitrary code via the "pagetitle" parameter.
EPSS Score: 0.04%
January 11th, 2025 (6 months ago)
|
CVE-2024-57228 |
Description: Linksys E7350 1.1.00.032 was discovered to contain a command injection vulnerability via the iface parameter in the vif_disable function.
EPSS Score: 0.04%
January 11th, 2025 (6 months ago)
|
CVE-2024-57227 |
Description: Linksys E7350 1.1.00.032 was discovered to contain a command injection vulnerability via the ifname parameter in the apcli_do_enr_pbc_wps function.
EPSS Score: 0.04%
January 11th, 2025 (6 months ago)
|
CVE-2024-57226 |
Description: Linksys E7350 1.1.00.032 was discovered to contain a command injection vulnerability via the iface parameter in the vif_enable function.
EPSS Score: 0.04%
January 11th, 2025 (6 months ago)
|
CVE-2024-57225 |
Description: Linksys E7350 1.1.00.032 was discovered to contain a command injection vulnerability via the devname parameter in the reset_wifi function.
EPSS Score: 0.04%
January 11th, 2025 (6 months ago)
|