Total
10 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2025-61879 | 1 Infoblox | 1 Nios | 2026-02-19 | N/A | 7.7 HIGH |
|
In Infoblox NIOS through 9.0.7, a High-Privileged User Can Trigger an Arbitrary File Write via the Account Creation Mechanism.
|
|||||
| CVE-2025-61880 | 1 Infoblox | 1 Nios | 2026-02-19 | N/A | 8.8 HIGH |
|
In Infoblox NIOS through 9.0.7, insecure deserialization can result in remote code execution.
|
|||||
| CVE-2022-28975 | 1 Infoblox | 1 Nios | 2026-01-27 | N/A | 5.4 MEDIUM |
|
A stored cross-site scripting (XSS) vulnerability in Infoblox NIOS v8.5.2-409296 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the VLAN View Name field.
|
|||||
| CVE-2024-36046 | 1 Infoblox | 1 Nios | 2025-04-10 | N/A | 9.8 CRITICAL |
|
Infoblox NIOS through 8.6.4 executes with more privileges than required.
|
|||||
| CVE-2024-36047 | 1 Infoblox | 1 Nios | 2025-04-10 | N/A | 9.8 CRITICAL |
|
Infoblox NIOS through 8.6.4 and 9.x through 9.0.3 has Improper Input Validation.
|
|||||
| CVE-2024-37567 | 1 Infoblox | 1 Nios | 2025-04-10 | N/A | 9.1 CRITICAL |
|
Infoblox NIOS through 8.6.4 has Improper Access Control for Grids.
|
|||||
| CVE-2024-37566 | 1 Infoblox | 1 Nios | 2025-04-10 | N/A | 9.8 CRITICAL |
|
Infoblox NIOS through 8.6.4 has Improper Authentication for Grids.
|
|||||
| CVE-2023-37249 | 1 Infoblox | 1 Nios | 2024-11-21 | N/A | 8.8 HIGH |
|
Infoblox NIOS through 8.5.1 has a faulty component that accepts malicious input without sanitization, resulting in shell access.
|
|||||
| CVE-2020-15303 | 1 Infoblox | 1 Nios | 2024-11-21 | 4.0 MEDIUM | 6.5 MEDIUM |
|
Infoblox NIOS before 8.5.2 allows entity expansion during an XML upload operation, a related issue to CVE-2003-1564.
|
|||||
| CVE-2018-10239 | 1 Infoblox | 1 Nios | 2024-11-21 | 7.2 HIGH | 6.7 MEDIUM |
|
A privilege escalation vulnerability in the "support access" feature on Infoblox NIOS 6.8 through 8.4.1 could allow a locally authenticated administrator to temporarily gain additional privileges on an affected device and perform actions within the super user scope. The vulnerability is due to a weakness in the "support access" password generation algorithm. A locally authenticated administrative user may be able to exploit this vulnerability if the "support access" feature is enabled, they know ...
Show More |
|||||