Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
onosproject onos vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv3
CVE-2017-13763
ONOS versions 1.8.0, 1.9.0, and 1.10.0 do not restrict the amount of memory allocated. The Netty payload size is not limited.
Onosproject Onos 1.9.0
Onosproject Onos 1.8.0
Onosproject Onos 1.10.0
6.1
CVSSv3
CVE-2017-13762
ONOS versions 1.8.0, 1.9.0, and 1.10.0 are vulnerable to XSS.
Onosproject Onos 1.9.0
Onosproject Onos 1.8.0
Onosproject Onos 1.10.0
6.1
CVSSv3
CVE-2017-1000078
Linux foundation ONOS 1.9 is vulnerable to XSS in the device. registration
Onosproject Onos 1.8.0
Onosproject Onos 1.9.0
7.5
CVSSv3
CVE-2017-1000079
Linux foundation ONOS 1.9.0 is vulnerable to a DoS.
Onosproject Onos 1.8.0
Onosproject Onos 1.9.0
7.5
CVSSv3
CVE-2017-1000080
Linux foundation ONOS 1.9.0 allows unauthenticated use of websockets.
Onosproject Onos 1.8.0
Onosproject Onos 1.9.0
9.8
CVSSv3
CVE-2017-1000081
Linux foundation ONOS 1.9.0 is vulnerable to unauthenticated upload of applications (.oar) resulting in remote code execution.
Onosproject Onos 1.8.0
Onosproject Onos 1.9.0
2 Github repositories
6.8
CVSSv3
CVE-2018-12691
Time-of-check to time-of-use (TOCTOU) race condition in org.onosproject.acl (aka the access control application) in ONOS v1.13 and previous versions allows malicious users to bypass network access control via data plane packet injection.
Onosproject Onos
6.1
CVSSv3
CVE-2023-30093
A cross-site scripting (XSS) vulnerability in Open Networking Foundation ONOS from version v1.9.0 to v2.7.0 allows malicious users to execute arbitrary web scripts or HTML via a crafted payload injected into the url parameter of the API documentation dashboard.
Onosproject Onos
3 Github repositories
7.5
CVSSv3
CVE-2018-1000615
ONOS ONOS Controller version 1.13.1 and previous versions contains a Denial of Service (Service crash) vulnerability in OVSDB component in ONOS that can result in An adversary can remotely crash OVSDB service ONOS controller via a normal switch.. This attack appear to be exploita...
Onosproject Onos
9.8
CVSSv3
CVE-2018-1000614
ONOS ONOS Controller version 1.13.1 and previous versions contains a XML External Entity (XXE) vulnerability in providers/netconf/alarm/src/main/java/org/onosproject/provider/netconf/alarm/NetconfAlarmTranslator.java that can result in An adversary can remotely launch advanced XX...
Onosproject Onos
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-37884
CVE-2024-6003
remote
brute force
information disclosure
CVE-2024-27801
CVE-2024-30078
CVE-2024-31870
CVE-2024-6042
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »