Vulnerabilities > Arubanetworks > Arubaos
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-09-13 | CVE-2019-5315 | OS Command Injection vulnerability in Arubanetworks Arubaos A command injection vulnerability is present in the web management interface of ArubaOS that permits an authenticated user to execute arbitrary commands on the underlying operating system. | 7.2 |
| 2019-09-13 | CVE-2019-5314 | Injection vulnerability in Arubanetworks Arubaos Some web components in the ArubaOS software are vulnerable to HTTP Response splitting (CRLF injection) and Reflected XSS. | 6.1 |
| 2019-09-13 | CVE-2018-7081 | Improper Input Validation vulnerability in Arubanetworks Arubaos A remote code execution vulnerability is present in network-listening components in some versions of ArubaOS. | 9.8 |
| 2018-12-07 | CVE-2018-7080 | Unspecified vulnerability in Arubanetworks products A vulnerability exists in the firmware of embedded BLE radios that are part of some Aruba Access points. high complexity arubanetworks | 7.5 |
| 2017-10-04 | CVE-2017-14491 | Out-of-bounds Write vulnerability in multiple products Heap-based buffer overflow in dnsmasq before 2.78 allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a crafted DNS response. | 9.8 |