|
391
|
5.9 |
MEDIUM
Network
|
-
|
-
|
On affected platforms running Arista EOS with 802.1x authentication configured on the access/trunk ports, and routing enabled on the access VLAN of the ports, a malicious supplicant may be able to by…
New
|
CWE-287
Improper Authentication
|
CVE-2023-5502
|
2026-06-6 00:02 |
2026-06-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
392
|
9.6 |
CRITICAL
Network
|
-
|
-
|
Affected platforms running Arista EOS with OpenConfig configured, a gNMI Set request can be run when it should have been rejected. This can result in unexpected configuration being applied to the swi…
New
|
CWE-306
Missing Authentication for Critical Function
|
CVE-2024-27890
|
2026-06-6 00:02 |
2026-06-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
393
|
5.3 |
MEDIUM
Network
|
-
|
-
|
On affected platforms running Arista EOS with MACsec and egress ACLs configured on the same interfaces, the ACL policies may not be enforced for packets egressing on those ports. This can cause outgo…
New
|
CWE-284
Improper Access Control
|
CVE-2024-27891
|
2026-06-6 00:02 |
2026-06-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
394
|
9.6 |
CRITICAL
Network
|
-
|
-
|
Affected platforms running Arista EOS with OpenConfig configured, a gNMI Set request can be run when it should have been rejected. This can result in unexpected configuration being applied to the swi…
New
|
CWE-306
Missing Authentication for Critical Function
|
CVE-2024-27892
|
2026-06-6 00:02 |
2026-06-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
395
|
7.5 |
HIGH
Network
|
-
|
-
|
On affected platforms running Arista EOS with IPsec configured, a specially crafted packet can cause the dataplane to stop processing all IPsec traffic. The control plane may detect this condition, a…
New
|
CWE-1286
Improper Validation of Syntactic Correctness of Input
|
CVE-2025-8873
|
2026-06-6 00:02 |
2026-06-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
396
|
8.1 |
HIGH
Network
|
-
|
-
|
Use after free in Chromoting in Google Chrome on Mac prior to 149.0.7827.53 allowed a remote attacker to execute arbitrary code via malicious network traffic. (Chromium security severity: Critical)
New
|
CWE-416
Use After Free
|
CVE-2026-10887
|
2026-06-6 00:02 |
2026-06-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
397
|
8.8 |
HIGH
Adjacent
|
-
|
-
|
Use after free in Cast Streaming in Google Chrome prior to 149.0.7827.53 allowed an attacker on the local network segment to execute arbitrary code via malicious network traffic. (Chromium security s…
New
|
CWE-416
Use After Free
|
CVE-2026-10888
|
2026-06-6 00:02 |
2026-06-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
398
|
8.3 |
HIGH
Network
|
-
|
-
|
Out of bounds read in ANGLE in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.…
New
|
CWE-125
Out-of-bounds Read
|
CVE-2026-10889
|
2026-06-6 00:02 |
2026-06-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
399
|
8.8 |
HIGH
Adjacent
|
-
|
-
|
Use after free in Cast in Google Chrome prior to 149.0.7827.53 allowed an attacker on the local network segment to potentially exploit heap corruption via malicious network traffic. (Chromium securit…
New
|
CWE-416
Use After Free
|
CVE-2026-10890
|
2026-06-6 00:02 |
2026-06-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
400
|
8.8 |
HIGH
Network
|
-
|
-
|
Use after free in GFX in Google Chrome on Linux prior to 149.0.7827.53 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Critical)
New
|
CWE-416
Use After Free
|
CVE-2026-10891
|
2026-06-6 00:02 |
2026-06-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
