Vulnerabilities
Vulnerable Software
Arista:  >> Eos  Security Vulnerabilities
Buffer overflow in the send_control_msg function in hw/char/virtio-serial-bus.c in QEMU before 2.4.0 allows guest users to cause a denial of service (QEMU process crash) via a crafted virtio control message.
CVSS Score
6.5
EPSS Score
0.03
Published
2020-01-23
Integer overflow in the VNC display driver in QEMU before 2.1.0 allows attachers to cause a denial of service (process crash) via a CLIENT_CUT_TEXT message, which triggers an infinite loop.
CVSS Score
6.5
EPSS Score
0.036
Published
2020-01-23
The ne2000_receive function in hw/net/ne2000.c in QEMU before 2.4.0.1 allows attackers to cause a denial of service (infinite loop and instance crash) or possibly execute arbitrary code via vectors related to receiving packets.
CVSS Score
6.5
EPSS Score
0.023
Published
2020-01-23
Go before 1.12.11 and 1.3.x before 1.13.2 can panic upon an attempt to process network traffic containing an invalid DSA public key. There are several attack scenarios, such as traffic from a client to a server that verifies client certificates.
CVSS Score
7.5
EPSS Score
0.047
Published
2019-10-24
Arista EOS through 4.21.0F allows a crash because 802.1x authentication is mishandled.
CVSS Score
6.5
EPSS Score
0.006
Published
2019-08-15
Arista EOS before 4.20.2F allows remote BGP peers to cause a denial of service (Rib agent restart) via a malformed path attribute in an UPDATE message.
CVSS Score
7.5
EPSS Score
0.013
Published
2018-04-12
The Mlag agent in Arista EOS 4.19 before 4.19.4M and 4.20 before 4.20.2F allows remote attackers to cause a denial of service (agent restart) via crafted UDP packets.
CVSS Score
6.5
EPSS Score
0.011
Published
2018-03-05
The tcpmss_mangle_packet function in net/netfilter/xt_TCPMSS.c in the Linux kernel before 4.11, and 4.9.x before 4.9.36, allows remote attackers to cause a denial of service (use-after-free and memory corruption) or possibly have unspecified other impact by leveraging the presence of xt_TCPMSS in an iptables action.
CVSS Score
9.8
EPSS Score
0.528
Published
2018-01-03
Heap-based buffer overflow in dnsmasq before 2.78 allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a crafted DNS response.
CVSS Score
9.8
EPSS Score
0.849
Published
2017-10-04
Arista EOS before 4.11.12, 4.12 before 4.12.11, 4.13 before 4.13.14M, 4.14 before 4.14.5FX.5, and 4.15 before 4.15.0FX1.1 allows remote attackers to execute arbitrary code as root by leveraging management-plane access, aka Bug 138716.
CVSS Score
10.0
EPSS Score
0.042
Published
2015-11-19


Contact Us

Shodan ® - All rights reserved