Vulnerabilities > Arista > EOS
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-12-28 | CVE-2020-24360 | Improper Resource Shutdown or Release vulnerability in Arista EOS An issue with ARP packets in Arista’s EOS affecting the 7800R3, 7500R3, and 7280R3 series of products may result in issues that cause a kernel crash, followed by a device reload. | 7.4 |
| 2020-12-28 | CVE-2020-15898 | Unspecified vulnerability in Arista EOS In Arista EOS malformed packets can be incorrectly forwarded across VLAN boundaries in one direction. | 5.3 |
| 2020-12-28 | CVE-2020-26569 | Unspecified vulnerability in Arista EOS In EVPN VxLAN setups in Arista EOS, specific malformed packets can lead to incorrect MAC to IP bindings and as a result packets can be incorrectly forwarded across VLAN boundaries. | 5.9 |
| 2020-10-26 | CVE-2020-15897 | Unspecified vulnerability in Arista EOS Arista EOS before 4.21.12M, 4.22.x before 4.22.7M, 4.23.x before 4.23.5M, and 4.24.x before 4.24.2F allows remote attackers to cause traffic loss or incorrect forwarding of traffic via a malformed link-state PDU to the IS-IS router. | 7.5 |
| 2020-10-21 | CVE-2020-17355 | Unspecified vulnerability in Arista EOS Arista EOS before 4.21.12M, 4.22.x before 4.22.7M, 4.23.x before 4.23.5M, and 4.24.x before 4.24.2F allows remote attackers to cause a denial of service (restart of agents) by crafting a malformed DHCP packet which leads to an incorrect route being installed. | 7.5 |
| 2020-04-16 | CVE-2019-18948 | Unspecified vulnerability in Arista EOS An issue was found in Arista EOS. | 7.5 |
| 2020-03-06 | CVE-2020-10188 | Classic Buffer Overflow vulnerability in multiple products utility.c in telnetd in netkit telnet through 0.17 allows remote attackers to execute arbitrary code via short writes or urgent data, because of a buffer overflow involving the netclear and nextitem functions. network low complexity netkit-telnet-project fedoraproject debian arista oracle juniper CWE-120 critical | 9.8 |
| 2020-01-31 | CVE-2015-6815 | Infinite Loop vulnerability in multiple products The process_tx_desc function in hw/net/e1000.c in QEMU before 2.4.0.1 does not properly process transmit descriptor data when sending a network packet, which allows attackers to cause a denial of service (infinite loop and guest crash) via unspecified vectors. | 3.5 |
| 2020-01-23 | CVE-2015-5745 | Classic Buffer Overflow vulnerability in multiple products Buffer overflow in the send_control_msg function in hw/char/virtio-serial-bus.c in QEMU before 2.4.0 allows guest users to cause a denial of service (QEMU process crash) via a crafted virtio control message. | 6.5 |
| 2020-01-23 | CVE-2015-5278 | Infinite Loop vulnerability in multiple products The ne2000_receive function in hw/net/ne2000.c in QEMU before 2.4.0.1 allows attackers to cause a denial of service (infinite loop and instance crash) or possibly execute arbitrary code via vectors related to receiving packets. | 6.5 |