Skip to main content

Advanced Core Operating System

6 CVEs product

Monthly

CVE-2024-30369 HIGH This Week

A10 Thunder ADC Incorrect Permission Assignment Local Privilege Escalation Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation RCE Advanced Core Operating System
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2024-30368 HIGH This Week

A10 Thunder ADC CsrRequestView Command Injection Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

RCE Command Injection Advanced Core Operating System
NVD
CVSS 3.1
8.8
EPSS
3.0%
CVE-2020-24384 CRITICAL PATCH Act Now

A10 Networks ACOS and aGalaxy management Graphical User Interfaces (GUIs) have an unauthenticated Remote Code Execution (RCE) vulnerability that could be used to compromise affected ACOS systems. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

RCE Agalaxy Advanced Core Operating System
NVD
CVSS 3.1
9.8
EPSS
3.4%
CVE-2018-5390 HIGH PATCH This Week

Linux kernel versions 4.9+ can be forced to make very expensive calls to tcp_collapse_ofo_queue() and tcp_prune_ofo_queue() for every incoming packet which can lead to a denial of service. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Uncontrolled Resource Consumption vulnerability could allow attackers to cause denial of service by exhausting system resources.

Denial Of Service Linux Virtualization Enterprise Linux Desktop Enterprise Linux Server +35
NVD
CVSS 3.1
7.5
EPSS
73.5%
CVE-2016-10213 MEDIUM This Month

A10 AX1030 and possibly other devices with software before 2.7.2-P8 uses random GCM nonce generations, which makes it easier for remote attackers to obtain the authentication key and spoof data by. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Information Disclosure Advanced Core Operating System
NVD GitHub
CVSS 3.0
5.9
EPSS
0.5%
CVE-2014-3976 MEDIUM POC THREAT This Month

Buffer overflow in A10 Networks Advanced Core Operating System (ACOS) before 2.7.0-p6 and 2.7.1 before 2.7.1-P1_55 allows remote attackers to cause a denial of service (crash) and possibly execute. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and EPSS exploitation probability 33.5%.

Denial Of Service RCE Buffer Overflow Advanced Core Operating System
NVD Exploit-DB
CVSS 2.0
5.0
EPSS
33.5%
EPSS 0% CVSS 7.8
HIGH This Week

A10 Thunder ADC Incorrect Permission Assignment Local Privilege Escalation Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation RCE Advanced Core Operating System
NVD
EPSS 3% CVSS 8.8
HIGH This Week

A10 Thunder ADC CsrRequestView Command Injection Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

RCE Command Injection Advanced Core Operating System
NVD
EPSS 3% CVSS 9.8
CRITICAL PATCH Act Now

A10 Networks ACOS and aGalaxy management Graphical User Interfaces (GUIs) have an unauthenticated Remote Code Execution (RCE) vulnerability that could be used to compromise affected ACOS systems. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

RCE Agalaxy Advanced Core Operating System
NVD
EPSS 74% CVSS 7.5
HIGH PATCH This Week

Linux kernel versions 4.9+ can be forced to make very expensive calls to tcp_collapse_ofo_queue() and tcp_prune_ofo_queue() for every incoming packet which can lead to a denial of service. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Uncontrolled Resource Consumption vulnerability could allow attackers to cause denial of service by exhausting system resources.

Denial Of Service Linux Virtualization +37
NVD
EPSS 0% CVSS 5.9
MEDIUM This Month

A10 AX1030 and possibly other devices with software before 2.7.2-P8 uses random GCM nonce generations, which makes it easier for remote attackers to obtain the authentication key and spoof data by. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Information Disclosure Advanced Core Operating System
NVD GitHub
EPSS 33% CVSS 5.0
MEDIUM POC THREAT This Month

Buffer overflow in A10 Networks Advanced Core Operating System (ACOS) before 2.7.0-p6 and 2.7.1 before 2.7.1-P1_55 allows remote attackers to cause a denial of service (crash) and possibly execute. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and EPSS exploitation probability 33.5%.

Denial Of Service RCE Buffer Overflow +1
NVD Exploit-DB

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy