CVE Vulnerability Catalog
Translated CVE descriptions from NVD NIST - in English
CISA KEV catalog updated: (v2026.07.10)
An administrative cross-site scripting (XSS) vulnerability exists in the web user interface dashboard layout of Arista Edge Threat Management - Arista Next Generation Firewall (NGFW). Unvalidated user-supplied variables are echoed back to administrative profiles, facilitating vector payload processing behavior controls.
An input validation command execution vulnerability exists in the browser management pipeline of Arista Edge Threat Management - Arista Next Generation Firewall (NGFW). Authenticated administrators can leverage this exposure to obtain underlying terminal script code processing execution permissions.
A command injection vulnerability exists in the Captive Portal Custom Handler of Arista Edge Threat Management - Arista Next Generation Firewall (NGFW). An administrative account logged into the user interface can exploit this vulnerability to execute arbitrary platform shell commands.
A Reports application infrastructure vulnerability exists in Arista Edge Threat Management - Arista Next Generation Firewall (NGFW) due to insecure input validation. This issue uniquely affects version 17.4.0; earlier software releases are not exposed.
An encrypted password command injection vulnerability exists in the Captive Portal application framework of Arista Edge Threat Management. This issue uniquely affects version 17.4.0; earlier software releases are not exposed.
HAX CMS versions from 2.0.0 to 26.0.0 have the gitlist plugin exposed to unauthenticated users, allowing unauthenticated browsing of git repositories and git history.
Na dotkniętych platformach z obsługą sprzętowego IPSec działających na Arista EOS z włączonymi określonymi funkcjami IPsec, EOS może wykazywać nieoczekiwane zachowanie w określonych przypadkach. Fluktuacje interfejsów fizycznych oraz niektóre restarty agentów mogą powodować ponowne nawiązywanie tunelu IPsec z istniejącymi skojarzeniami bezpieczeństwa, co prowadzi do niezgodności numerów sekwencyjnych między punktami końcowymi tunelu.
W urządzeniach D-Link DWR-M920 do wersji 1.1.50 zidentyfikowano lukę, która pozwala na zdalne wstrzyknięcie poleceń systemowych poprzez manipulację argumentem IMEI_value w funkcji sub_412DA0 w pliku /boafrm/formIMEISetup.
A denial-of-service vulnerability exists in the RTSP server component of TP-Link Tapo C520WS v2 due to improper handling of syntactically invalid input. Crafted inputs can trigger a processing error, causing the RTSP service to enter a non-responsive state.
On affected platforms running Arista EOS, a tunnel decapsulation configuration, such as VXLAN, decap-groups, or a GRE tunnel interface, may lead to incorrect decapsulation and forwarding of other unexpected tunneled packets. This issue arises from the switch's failure to verify the tunnel protocol type.
7-Zip versions 9.18 through 26.00 contain a heap out-of-bounds read vulnerability in the BSD SYMDEF parser. The ParseLibSymbols function reads data beyond the allocated memory area, potentially leading to leakage of uninitialized data.
7-Zip, a file archiver, contains an off-by-one vulnerability in the ParseDepedencyExpression function that may lead to out-of-bounds reads. Versions 9.21 through 26.00 are affected, potentially resulting in crashes or minor information disclosure.
7-Zip versions 9.18 through 26.00 contain a vulnerability in the SquashFS archive handler, involving an uninitialized heap read. This issue occurs when processing images with few inodes, potentially leading to memory information disclosure.
7-Zip versions 9.34 through 26.00 contain an off-by-one vulnerability in the WIM archive handler, leading to out-of-bounds read. An attacker can control the security identifier, allowing for application crashes.
A vulnerability was detected in D-Link DWR-M920 up to version 1.1.50. Manipulation of the ussdValue argument in the sub_41CF20 function leads to command injection, allowing for remote attacks.
W systemie zarządzania uczelnią tittuvarghese CollegeManagementSystem zidentyfikowano podatność, która dotyczy nieznanej funkcjonalności pliku /dashboard_page/forms/fetch.php. Manipulacja argumentem department_name prowadzi do ataku typu cross site scripting (XSS).
CVX nie jest odporny na nieoczekiwane wiadomości z podłączonego przełącznika, co prowadzi do awarii agentów na CVX i niestabilności klastra CVX. Atakujący może wykorzystać to zachowanie do stworzenia scenariusza odmowy usługi (DoS).
W klastrze CVX, przełącznik EOS połączony z serwerem CVX nie jest odporny na pewne źle sformułowane wiadomości otrzymywane z połączonego serwera CVX. Podobnie, serwer CVX nie jest odporny na pewne źle sformułowane wiadomości otrzymywane z połączonego przełącznika EOS, co prowadzi do awarii agenta Sysdb na urządzeniu EOS lub awarii agentów na serwerze CVX.
7-Zip, a file archiver, contains an uninitialized memory disclosure vulnerability in the UEFI capsule (.scap) parser in versions 9.21 through 26.00. The OpenCapsule function allocates a heap buffer without zero-initialization, which may lead to unauthorized data exposure.
A vulnerability has been found in the CollegeManagementSystem affecting an unknown function in the dashboard_page/admin_page.php file of the Admin Interface component. Manipulation of the UserAuthData argument leads to improper authorization.

