Filtered by vendor Infoblox
Subscriptions
Total
24 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-32813 | 1 Infoblox | 1 Netmri | 2025-06-03 | 7.2 High |
| An issue was discovered in Infoblox NETMRI before 7.6.1. Remote Unauthenticated Command Injection can occur. | ||||
| CVE-2024-54188 | 1 Infoblox | 1 Netmri | 2025-06-03 | 5.3 Medium |
| Infoblox NETMRI before 7.6.1 has a vulnerability allowing remote authenticated users to read arbitrary files with root access. | ||||
| CVE-2025-32814 | 1 Infoblox | 1 Netmri | 2025-06-03 | 9.8 Critical |
| An issue was discovered in Infoblox NETMRI before 7.6.1. Unauthenticated SQL Injection can occur. | ||||
| CVE-2025-32815 | 1 Infoblox | 1 Netmri | 2025-06-03 | 6.5 Medium |
| An issue was discovered in Infoblox NETMRI before 7.6.1. Authentication Bypass via a Hardcoded credential can occur. | ||||
| CVE-2024-52874 | 1 Infoblox | 1 Netmri | 2025-05-30 | 8.8 High |
| In Infoblox NETMRI before 7.6.1, authenticated users can perform SQL injection attacks. | ||||
| CVE-2016-6484 | 1 Infoblox | 1 Netmri | 2025-04-20 | N/A |
| CRLF injection vulnerability in Infoblox Network Automation NetMRI before 7.1.1 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via the contentType parameter in a login action to config/userAdmin/login.tdf. | ||||
| CVE-2015-2033 | 1 Infoblox | 1 Netmri | 2025-04-12 | N/A |
| Anyterm Daemon in Infoblox Network Automation NetMRI before NETMRI-23483 allows remote attackers to execute arbitrary commands with root privileges via a crafted terminal/anyterm-module request. | ||||
| CVE-2014-3418 | 1 Infoblox | 1 Netmri | 2025-04-12 | N/A |
| config/userAdmin/login.tdf in Infoblox NetMRI before 6.8.5 allows remote attackers to execute arbitrary commands via shell metacharacters in the skipjackUsername parameter. | ||||
| CVE-2014-3419 | 1 Infoblox | 1 Netmri | 2025-04-12 | N/A |
| Infoblox NetMRI before 6.8.5 has a default password of admin for the "root" MySQL database account, which makes it easier for local users to obtain access via unspecified vectors. | ||||
| CVE-2011-5178 | 1 Infoblox | 1 Netmri | 2025-04-11 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in netmri/config/userAdmin/login.tdf in Infoblox NetMRI 6.0.2.42, 6.1.2, 6.2.1 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) eulaAccepted or (2) mode parameter. | ||||
| CVE-2024-36046 | 1 Infoblox | 1 Nios | 2025-04-10 | 9.8 Critical |
| Infoblox NIOS through 8.6.4 executes with more privileges than required. | ||||
| CVE-2024-36047 | 1 Infoblox | 1 Nios | 2025-04-10 | 9.8 Critical |
| Infoblox NIOS through 8.6.4 and 9.x through 9.0.3 has Improper Input Validation. | ||||
| CVE-2024-37567 | 1 Infoblox | 1 Nios | 2025-04-10 | 9.1 Critical |
| Infoblox NIOS through 8.6.4 has Improper Access Control for Grids. | ||||
| CVE-2024-37566 | 1 Infoblox | 1 Nios | 2025-04-10 | 9.8 Critical |
| Infoblox NIOS through 8.6.4 has Improper Authentication for Grids. | ||||
| CVE-2004-0461 | 5 Infoblox, Isc, Mandrakesoft and 2 more | 11 Dns One Appliance, Dhcpd, Mandrake Linux and 8 more | 2025-04-03 | N/A |
| The DHCP daemon (DHCPD) for ISC DHCP 3.0.1rc12 and 3.0.1rc13, when compiled in environments that do not provide the vsnprintf function, uses C include files that define vsnprintf to use the less safe vsprintf function, which can lead to buffer overflow vulnerabilities that enable a denial of service (server crash) and possibly execute arbitrary code. | ||||
| CVE-2004-0606 | 1 Infoblox | 1 Dns One Appliance | 2025-04-03 | N/A |
| Cross-site scripting (XSS) vulnerability in Infoblox DNS One running firmware 2.4.0-8 and earlier allows remote attackers to execute arbitrary scripts as other users via the (1) CLIENTID or (2) HOSTNAME option of a DHCP request. | ||||
| CVE-2004-0460 | 5 Infoblox, Isc, Mandrakesoft and 2 more | 11 Dns One Appliance, Dhcpd, Mandrake Linux and 8 more | 2025-04-03 | N/A |
| Buffer overflow in the logging capability for the DHCP daemon (DHCPD) for ISC DHCP 3.0.1rc12 and 3.0.1rc13 allows remote attackers to cause a denial of service (server crash) and possibly execute arbitrary code via multiple hostname options in (1) DISCOVER, (2) OFFER, (3) REQUEST, (4) ACK, or (5) NAK messages, which can generate a long string when writing to a log file. | ||||
| CVE-2002-2213 | 2 Infoblox, Isc | 2 Dns One, Bind | 2025-04-03 | N/A |
| The DNS resolver in unspecified versions of Infoblox DNS One, when resolving recursive DNS queries for arbitrary hosts, allows remote attackers to conduct DNS cache poisoning via a birthday attack that uses a large number of open queries for the same resource record (RR) combined with spoofed responses, which increases the possibility of successfully spoofing a response in a way that is more efficient than brute force methods. | ||||
| CVE-2022-32972 | 1 Infoblox | 1 Bloxone Endpoint | 2025-03-18 | 7.8 High |
| Infoblox BloxOne Endpoint for Windows through 2.2.7 allows DLL injection that can result in local privilege escalation. | ||||
| CVE-2023-37249 | 1 Infoblox | 1 Nios | 2024-11-21 | 8.8 High |
| Infoblox NIOS through 8.5.1 has a faulty component that accepts malicious input without sanitization, resulting in shell access. | ||||