|
1211
|
7.5 |
HIGH
Network
|
arubanetworks
|
arubaos
sd-wan
|
A vulnerability in a network management service of AOS-8 Operating System could allow an unauthenticated remote attacker to exploit this vulnerability by sending specially crafted network packets to …
|
CWE-770
Allocation of Resources Without Limits or Throttling
|
CVE-2026-23826
|
2026-05-15 21:44 |
2026-05-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1212
|
7.5 |
HIGH
Network
|
arubanetworks
|
arubaos
sd-wan
|
Vulnerabilities exist in a protocol-handling component of AOS-8 and AOS-10 Operating Systems. An unauthenticated attacker could exploit these vulnerabilities by sending specially crafted network mess…
|
CWE-400
Uncontrolled Resource Consumption
|
CVE-2026-23824
|
2026-05-15 21:44 |
2026-05-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1213
|
7.5 |
HIGH
Network
|
arubanetworks
|
arubaos
sd-wan
|
Vulnerabilities exist in a protocol-handling component of AOS-8 and AOS-10 Operating Systems. An unauthenticated attacker could exploit these vulnerabilities by sending specially crafted network mess…
|
CWE-20
Improper Input Validation
|
CVE-2026-23825
|
2026-05-15 21:44 |
2026-05-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1214
|
5.4 |
MEDIUM
Network
|
arubanetworks
|
arubaos
sd-wan
|
A session management vulnerability in AOS-8 allows previously authenticated users to retain network access after their accounts are administratively disabled. Existing sessions are not invalidated wh…
|
CWE-613
Insufficient Session Expiration
|
CVE-2026-44873
|
2026-05-15 21:44 |
2026-05-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1215
|
4.9 |
MEDIUM
Network
|
arubanetworks
|
arubaos
|
A vulnerability exists in the web-based management interface of an AOS-10 Gateway that could allow an authenticated remote attacker to access sensitive files on the underlying operating system. Succe…
|
CWE-284
Improper Access Control
|
CVE-2026-44874
|
2026-05-15 21:44 |
2026-05-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1216
|
7.2 |
HIGH
Network
|
arubanetworks
|
arubaos
sd-wan
|
Command injection vulnerabilities exist in the web-based management interface of AOS-8 and AOS-10 Operating Systems. Successful exploitation of these vulnerabilities could allow an authenticated remo…
|
CWE-77
Command Injection
|
CVE-2026-44865
|
2026-05-15 21:44 |
2026-05-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1217
|
9.8 |
CRITICAL
Network
|
-
|
-
|
Reserved. Details will be published at disclosure.
|
CWE-20
Improper Input Validation
|
CVE-2026-45392
|
2026-05-15 21:17 |
2026-05-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1218
|
9.8 |
CRITICAL
Network
|
-
|
-
|
Reserved. Details will be published at disclosure.
|
CWE-20
Improper Input Validation
|
CVE-2026-45391
|
2026-05-15 21:17 |
2026-05-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1219
|
9.6 |
CRITICAL
Network
|
-
|
-
|
Due to improper Spring Security configuration, SAP Commerce Cloud allows an unauthenticated user to perform malicious input injection, resulting in arbitrary server-side code execution, leading to hi…
|
CWE-459
Incomplete Cleanup
|
CVE-2026-34263
|
2026-05-15 21:17 |
2026-05-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1220
|
8.3 |
HIGH
Network
|
-
|
-
|
Out of bounds write in Codecs in Google Chrome on Mac prior to 148.0.7778.168 allowed a remote attacker to potentially perform a sandbox escape via a crafted video file. (Chromium security severity: …
|
CWE-787
Out-of-bounds Write
|
CVE-2026-8569
|
2026-05-15 07:16 |
2026-05-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
