Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
onosproject onos vulnerabilities and exploits
(subscribe to this query)
383
VMScore
CVE-2017-13762
ONOS versions 1.8.0, 1.9.0, and 1.10.0 are vulnerable to XSS.
Onosproject Onos 1.9.0
Onosproject Onos 1.10.0
Onosproject Onos 1.8.0
445
VMScore
CVE-2017-13763
ONOS versions 1.8.0, 1.9.0, and 1.10.0 do not restrict the amount of memory allocated. The Netty payload size is not limited.
Onosproject Onos 1.10.0
Onosproject Onos 1.9.0
Onosproject Onos 1.8.0
383
VMScore
CVE-2017-1000078
Linux foundation ONOS 1.9 is vulnerable to XSS in the device. registration
Onosproject Onos 1.8.0
Onosproject Onos 1.9.0
445
VMScore
CVE-2017-1000080
Linux foundation ONOS 1.9.0 allows unauthenticated use of websockets.
Onosproject Onos 1.8.0
Onosproject Onos 1.9.0
445
VMScore
CVE-2017-1000079
Linux foundation ONOS 1.9.0 is vulnerable to a DoS.
Onosproject Onos 1.8.0
Onosproject Onos 1.9.0
668
VMScore
CVE-2017-1000081
Linux foundation ONOS 1.9.0 is vulnerable to unauthenticated upload of applications (.oar) resulting in remote code execution.
Onosproject Onos 1.8.0
Onosproject Onos 1.9.0
2 Github repositories
383
VMScore
CVE-2018-12691
Time-of-check to time-of-use (TOCTOU) race condition in org.onosproject.acl (aka the access control application) in ONOS v1.13 and previous versions allows malicious users to bypass network access control via data plane packet injection.
Onosproject Onos
NA
CVE-2023-30093
A cross-site scripting (XSS) vulnerability in Open Networking Foundation ONOS from version v1.9.0 to v2.7.0 allows malicious users to execute arbitrary web scripts or HTML via a crafted payload injected into the url parameter of the API documentation dashboard.
Onosproject Onos
3 Github repositories
668
VMScore
CVE-2018-1000614
ONOS ONOS Controller version 1.13.1 and previous versions contains a XML External Entity (XXE) vulnerability in providers/netconf/alarm/src/main/java/org/onosproject/provider/netconf/alarm/NetconfAlarmTranslator.java that can result in An adversary can remotely launch advanced XX...
Onosproject Onos
694
VMScore
CVE-2015-7516
ONOS prior to 1.5.0 when using the ifwd app allows remote malicious users to cause a denial of service (NULL pointer dereference and switch disconnect) by sending two Ethernet frames with ether_type Jumbo Frame (0x8870).
Onosproject Onos
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-33572
CVE-2024-24919
CVE-2024-0230
CVE-2024-32714
HTML injection
local file inclusion
CVE-2024-31098
CVE-2024-31244
privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »