Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
onosproject onos vulnerabilities and exploits
(subscribe to this query)
6.1
CVSSv3
CVE-2017-13762
ONOS versions 1.8.0, 1.9.0, and 1.10.0 are vulnerable to XSS.
Onosproject Onos 1.9.0
Onosproject Onos 1.10.0
Onosproject Onos 1.8.0
7.5
CVSSv3
CVE-2017-13763
ONOS versions 1.8.0, 1.9.0, and 1.10.0 do not restrict the amount of memory allocated. The Netty payload size is not limited.
Onosproject Onos 1.10.0
Onosproject Onos 1.9.0
Onosproject Onos 1.8.0
7.5
CVSSv3
CVE-2017-1000079
Linux foundation ONOS 1.9.0 is vulnerable to a DoS.
Onosproject Onos 1.8.0
Onosproject Onos 1.9.0
6.1
CVSSv3
CVE-2017-1000078
Linux foundation ONOS 1.9 is vulnerable to XSS in the device. registration
Onosproject Onos 1.8.0
Onosproject Onos 1.9.0
9.8
CVSSv3
CVE-2017-1000081
Linux foundation ONOS 1.9.0 is vulnerable to unauthenticated upload of applications (.oar) resulting in remote code execution.
Onosproject Onos 1.8.0
Onosproject Onos 1.9.0
2 Github repositories
7.5
CVSSv3
CVE-2017-1000080
Linux foundation ONOS 1.9.0 allows unauthenticated use of websockets.
Onosproject Onos 1.8.0
Onosproject Onos 1.9.0
6.1
CVSSv3
CVE-2023-30093
A cross-site scripting (XSS) vulnerability in Open Networking Foundation ONOS from version v1.9.0 to v2.7.0 allows malicious users to execute arbitrary web scripts or HTML via a crafted payload injected into the url parameter of the API documentation dashboard.
Onosproject Onos
3 Github repositories
7.5
CVSSv3
CVE-2015-7516
ONOS prior to 1.5.0 when using the ifwd app allows remote malicious users to cause a denial of service (NULL pointer dereference and switch disconnect) by sending two Ethernet frames with ether_type Jumbo Frame (0x8870).
Onosproject Onos
9.8
CVSSv3
CVE-2018-1000614
ONOS ONOS Controller version 1.13.1 and previous versions contains a XML External Entity (XXE) vulnerability in providers/netconf/alarm/src/main/java/org/onosproject/provider/netconf/alarm/NetconfAlarmTranslator.java that can result in An adversary can remotely launch advanced XX...
Onosproject Onos
7.5
CVSSv3
CVE-2018-1000615
ONOS ONOS Controller version 1.13.1 and previous versions contains a Denial of Service (Service crash) vulnerability in OVSDB component in ONOS that can result in An adversary can remotely crash OVSDB service ONOS controller via a normal switch.. This attack appear to be exploita...
Onosproject Onos
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
inject
CVE-2024-34001
CVE-2024-37018
LFI
CVE-2024-1275
CVE-2024-1086
CSRF
CVE-2024-31030
CVE-2024-24919
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »