| CVE-2025-37140 | Authenticated Arbitrary File Download Vulnerabilities in CLI Binary of AOS-8 Controller/Mobility Conductor Web-Based Management Interface | Hewlett Packard Enterprise (HPE) | ArubaOS (AOS) | Medium | 4.9 | 2025-10-14 16:58:41 | Deep Dive |
| CVE-2025-37139 | Vulnerability in AOS firmware allows for Authenticated Local malicious actor to Permanently Disable Boot | Hewlett Packard Enterprise (HPE) | ArubaOS (AOS) | Medium | 6.0 | 2025-10-14 16:58:14 | Deep Dive |
| CVE-2025-37138 | Authenticated Command Injection Vulnerability in CLI Binary of AOS-10 GW and AOS-8 Controller/Mobility Conductor Web-Based Management Interface (Physical Access Required) | Hewlett Packard Enterprise (HPE) | ArubaOS (AOS) | Medium | 6.2 | 2025-10-14 16:57:51 | Deep Dive |
| CVE-2025-37137 | Authenticated Arbitrary File Deletion Vulnerabilities in AOS-8 Controller/Mobility Conductor Command Line Interface (CLI) | Hewlett Packard Enterprise (HPE) | ArubaOS (AOS) | Medium | 6.5 | 2025-10-14 16:57:32 | Deep Dive |
| CVE-2025-37136 | Authenticated Arbitrary File Deletion Vulnerabilities in AOS-8 Controller/Mobility Conductor Command Line Interface (CLI) | Hewlett Packard Enterprise (HPE) | ArubaOS (AOS) | Medium | 6.5 | 2025-10-14 16:56:58 | Deep Dive |
| CVE-2025-37135 | Authenticated Arbitrary File Deletion Vulnerabilities in AOS-8 Controller/Mobility Conductor Command Line Interface (CLI) | Hewlett Packard Enterprise (HPE) | ArubaOS (AOS) | Medium | 6.5 | 2025-10-14 16:56:37 | Deep Dive |
| CVE-2025-37134 | Authenticated Command Injection Vulnerability in the Low-Level Interface Library Affecting AOS-10 GW and AOS-8 Controller/Mobility Conductor Web-Based Management Interface | Hewlett Packard Enterprise (HPE) | ArubaOS (AOS) | High | 7.2 | 2025-10-14 16:56:05 | Deep Dive |
| CVE-2025-37133 | Authenticated Command Injection Vulnerability in AOS-8 Controller/Mobility Conductor Web-Based Management Interface via the CLI Binary | Hewlett Packard Enterprise (HPE) | ArubaOS (AOS) | High | 7.2 | 2025-10-14 16:54:36 | Deep Dive |
| CVE-2025-37132 | Authenticated Remote Code Execution Vulnerability in AOS-10 GW and AOS-8 Controller/Mobility Conductor Web-Based Management Interface via Arbitrary File Write | Hewlett Packard Enterprise (HPE) | ArubaOS (AOS) | High | 7.2 | 2025-10-14 16:53:17 | Deep Dive |
| CVE-2025-37148 | Kernel Panic triggered by Modified Ethernet Frames leads to Denial of Service Vulnerability | Hewlett Packard Enterprise (HPE) | ArubaOS (AOS) | Medium | 6.5 | 2025-10-14 16:43:35 | Deep Dive |
| CVE-2025-37147 | Secure Boot Bypass allows for Compromise of Hardware Root of Trust | Hewlett Packard Enterprise (HPE) | ArubaOS (AOS) | High | 7.1 | 2025-10-14 16:42:57 | Deep Dive |
| CVE-2025-37146 | Unauthorized Filesystem Operations in System Firmware allow Authenticated Remote Code Execution | Hewlett Packard Enterprise (HPE) | ArubaOS (AOS) | High | 7.2 | 2025-10-14 16:42:31 | Deep Dive |
| CVE-2025-37149 | HPE ProLiant RL300 Gen11 Server Security Vulnerability | Hewlett Packard Enterprise (HPE) | ProLiant RL300 Gen11 Server | Medium | 6.0 | 2025-10-14 15:55:24 | Deep Dive |
| CVE-2025-11731 | Libxslt: type confusion in exsltFuncResultComp function of libxslt | - | - | Low | 3.1 | 2025-10-14 06:02:36 | Deep Dive |
| CVE-2025-37729 | Elastic Cloud Enterprise (ECE) Improper Neutralization of Special Elements Used in a Template Engine | Elastic | Elastic Cloud Enterprise (ECE) | Critical | 9.1 | 2025-10-13 13:47:09 | Deep Dive |
| CVE-2025-11675 | Ragic \| Enterprise Cloud Database - Arbitrary File Upload | Ragic | Enterprise Cloud Database | High | 7.2 | 2025-10-13 07:56:11 | Deep Dive |
| CVE-2025-59271 | Redis Enterprise Elevation of Privilege Vulnerability | Microsoft | Azure Cache for Redis Enterprise | High | 8.7 | 2025-10-09 21:04:14 | Deep Dive |
| CVE-2017-20203 | NetSarang v5.0 Malicious Backdoor Supply Chain Compromise | NetSarang Computer, Inc. | Xmanager Enterprise | - | - | 2025-10-09 17:01:08 | Deep Dive |
| CVE-2025-11561 | Sssd: sssd default kerberos configuration allows privilege escalation on ad-joined linux systems | - | - | High | 8.8 | 2025-10-09 13:37:53 | Deep Dive |
| CVE-2025-6242 | Vllm: server side request forgery (ssrf) in mediaconnector | Red Hat | Red Hat AI Inference Server | High | 7.1 | 2025-10-07 19:45:18 | Deep Dive |