Arista Metamako Operating System JSON-RPC APIs improper authentication

A vulnerability, which was classified as critical, has been found in Arista Metamako Operating System (affected version not known). Affected by this issue is some unknown processing of the component JSON-RPC APIs. Upgrading eliminates this vulnerability.

Common Vulnerabilityies and Exposures

Contact us to get started

CVE-2024-34693 : APACHE SUPERSET UP TO 3.1.2/4.0.0 MARIADB CONNECTION INFORMATION DISCLOSURE

CVE-2024-34693 : APACHE SUPERSET UP TO 3.1.2/4.0.0 MARIADB CONNECTION INFORMATION DISCLOSURE

Description Improper Input Validation vulnerability in Apache Superset, allows for an authenticated attacker to create a MariaDB connection with local_infile

CVE-2024-6146 : ACTIONTEC WCB6200Q 1.2L.03.5 HTTP SERVER UH_GET_POSTDATA_WITHUPLOAD STACK-BASED OVERFLOW

CVE-2024-6146 : ACTIONTEC WCB6200Q 1.2L.03.5 HTTP SERVER UH_GET_POSTDATA_WITHUPLOAD STACK-BASED OVERFLOW

Description Actiontec WCB6200Q uh_get_postdata_withupload Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code

CVE-2024-36978 : LINUX KERNEL UP TO 6.10-RC2 SCH_MULTIQ MULTIQ_TUNE OUT-OF-BOUNDS WRITE

CVE-2024-36978 : LINUX KERNEL UP TO 6.10-RC2 SCH_MULTIQ MULTIQ_TUNE OUT-OF-BOUNDS WRITE

Description In the Linux kernel, the following vulnerability has been resolved: net: sched: sch_multiq: fix possible OOB write in multiq_tune()