VYPR

Vendor CVEs

Open Networking Foundation

All CVEs

50 total · sorted by risk
  • CVE-2023-41591CriMay 29, 2025
    risk 0.64cvss 9.8epss 0.00

    An issue in Open Network Foundation ONOS v2.7.0 allows attackers to create fake IP/MAC addresses and potentially execute a man-in-the-middle attack on communications between fake and real hosts.

  • CVE-2023-52727HigApr 30, 2024
    risk 0.53cvss 8.1epss 0.01

    Open Networking Foundation SD-RAN ONOS onos-lib-go 0.10.25 allows an index out-of-range condition in parseAlignBits.

  • CVE-2023-52724HigApr 30, 2024
    risk 0.53cvss 8.1epss 0.01

    Open Networking Foundation SD-RAN onos-kpimon 0.4.7 allows out-of-bounds array access in the processIndicationFormat1 function.

  • CVE-2024-48809HigNov 4, 2024
    risk 0.49cvss 7.5epss 0.01

    An issue in Open Networking Foundations sdran-in-a-box v.1.4.3 and onos-a1t v.0.2.3 allows a remote attacker to cause a denial of service via the onos-a1t component of the sdran-in-a-box, specifically the DeleteWatcher function.

  • CVE-2024-34050HigApr 30, 2024
    risk 0.49cvss 7.5epss 0.01

    Open Networking Foundation SD-RAN Rimedo rimedo-ts 0.1.1 has a slice bounds out-of-range panic in "return uint64(b[2])<<16 | uint64(b[1])<<8 | uint64(b[0])" in reader.go.

  • CVE-2024-34049HigApr 30, 2024
    risk 0.49cvss 7.5epss 0.01

    Open Networking Foundation SD-RAN Rimedo rimedo-ts 0.1.1 has a slice bounds out-of-range panic in "return plmnIdString[0:3], plmnIdString[3:]" in reader.go.

  • CVE-2024-31195MedSep 18, 2024
    risk 0.42cvss 6.5epss 0.00

    Out-of-bounds Read vulnerability in Open Networking Foundation (ONF) libfluid (libfluid_msg module). This vulnerability is associated with program routine fluid_msg::of13::MultipartReplyTable::unpack. This issue affects libfluid: 0.1.0.

  • CVE-2024-31194MedSep 18, 2024
    risk 0.42cvss 6.5epss 0.00

    Out-of-bounds Read vulnerability in Open Networking Foundation (ONF) libfluid (libfluid_msg module). This vulnerability is associated with program routine fluid_msg::of13::MultipartReplyPortStats::unpack. This issue affects libfluid: 0.1.0.

  • CVE-2024-31193MedSep 18, 2024
    risk 0.42cvss 6.5epss 0.00

    Out-of-bounds Read vulnerability in Open Networking Foundation (ONF) libfluid (libfluid_msg module). This vulnerability is associated with program routine fluid_msg::of13::MultipartReplyGroup::unpack. This issue affects libfluid: 0.1.0.

  • CVE-2024-31192MedSep 18, 2024
    risk 0.42cvss 6.5epss 0.00

    Out-of-bounds Read vulnerability in Open Networking Foundation (ONF) libfluid (libfluid_msg module). This vulnerability is associated with program routine fluid_msg::of13::MultipartReplyGroupDesc::unpack. This issue affects libfluid: 0.1.0.

  • CVE-2024-31191MedSep 18, 2024
    risk 0.42cvss 6.5epss 0.00

    Out-of-bounds Read vulnerability in Open Networking Foundation (ONF) libfluid (libfluid_msg module). This vulnerability is associated with program routine fluid_msg::of13::MultipartReplyMeter::unpack. This issue affects libfluid: 0.1.0.

  • CVE-2024-31190MedSep 18, 2024
    risk 0.42cvss 6.5epss 0.00

    Out-of-bounds Read vulnerability in Open Networking Foundation (ONF) libfluid (libfluid_msg module). This vulnerability is associated with program routine fluid_msg::of13::MultipartReplyMeterConfig::unpack. This issue affects libfluid: 0.1.0.

  • CVE-2024-31189MedSep 18, 2024
    risk 0.42cvss 6.5epss 0.00

    Out-of-bounds Read vulnerability in Open Networking Foundation (ONF) libfluid (libfluid_msg module). This vulnerability is associated with program routine fluid_msg::of13::MultipartRequestTableFeatures::unpack. This issue affects libfluid: 0.1.0.

  • CVE-2024-31188MedSep 18, 2024
    risk 0.42cvss 6.5epss 0.00

    Out-of-bounds Read vulnerability in Open Networking Foundation (ONF) libfluid (libfluid_msg module). This vulnerability is associated with program routine fluid_msg::of13::MultipartReplyTableFeatures::unpack. This issue affects libfluid: 0.1.0.

  • CVE-2024-31187MedSep 18, 2024
    risk 0.42cvss 6.5epss 0.00

    Out-of-bounds Read vulnerability in Open Networking Foundation (ONF) libfluid (libfluid_msg module). This vulnerability is associated with program routine fluid_msg::of13::MultipartReplyPortDescription::unpack. This issue affects libfluid: 0.1.0.

  • CVE-2024-31186MedSep 18, 2024
    risk 0.42cvss 6.5epss 0.00

    Out-of-bounds Read vulnerability in Open Networking Foundation (ONF) libfluid (libfluid_msg module). This vulnerability is associated with program routine fluid_msg::of13::QueueGetConfigReply::unpack. This issue affects libfluid: 0.1.0.

  • CVE-2024-31184MedSep 18, 2024
    risk 0.42cvss 6.5epss 0.00

    Out-of-bounds Read vulnerability in Open Networking Foundation (ONF) libfluid (libfluid_msg module). This vulnerability is associated with program routine fluid_msg::of13::MeterStats::unpack. This issue affects libfluid: 0.1.0.

  • CVE-2024-31183MedSep 18, 2024
    risk 0.42cvss 6.5epss 0.00

    Out-of-bounds Read vulnerability in Open Networking Foundation (ONF) libfluid (libfluid_msg module). This vulnerability is associated with program routine fluid_msg::of13::Hello::unpack. This issue affects libfluid: 0.1.0.

  • CVE-2024-31181MedSep 18, 2024
    risk 0.42cvss 6.5epss 0.00

    Out-of-bounds Read vulnerability in Open Networking Foundation (ONF) libfluid (libfluid_msg module). This vulnerability is associated with program routine fluid_msg::of13::GroupStats::unpack. This issue affects libfluid: 0.1.0.

  • CVE-2024-31180MedSep 18, 2024
    risk 0.42cvss 6.5epss 0.00

    Out-of-bounds Read vulnerability in Open Networking Foundation (ONF) libfluid (libfluid_msg module). This vulnerability is associated with program routine fluid_msg::of13::GroupDesc::unpack. This issue affects libfluid: 0.1.0.

  • CVE-2024-31179MedSep 18, 2024
    risk 0.42cvss 6.5epss 0.00

    Out-of-bounds Read vulnerability in Open Networking Foundation (ONF) libfluid (libfluid_msg module). This vulnerability is associated with program routine fluid_msg::of13::TableFeaturePropInstruction::unpack. This issue affects libfluid: 0.1.0.

  • CVE-2024-31178MedSep 18, 2024
    risk 0.42cvss 6.5epss 0.00

    Out-of-bounds Read vulnerability in Open Networking Foundation (ONF) libfluid (libfluid_msg module). This vulnerability is associated with program routine fluid_msg::of13::TableFeaturePropNextTables::unpack. This issue affects libfluid: 0.1.0.

  • CVE-2024-31177MedSep 18, 2024
    risk 0.42cvss 6.5epss 0.00

    Out-of-bounds Read vulnerability in Open Networking Foundation (ONF) libfluid (libfluid_msg modules). This vulnerability is associated with program routines fluid_msg::of13::TableFeaturePropActions::unpack. This issue affects libfluid: 0.1.0.

  • CVE-2024-31176MedSep 18, 2024
    risk 0.42cvss 6.5epss 0.00

    Out-of-bounds Read vulnerability in Open Networking Foundation (ONF) libfluid (libfluid_msg module). This vulnerability is associated with program routine fluid_msg::of13::TableFeaturePropOXM::unpack. This issue affects libfluid: 0.1.0.

  • CVE-2024-31174MedSep 18, 2024
    risk 0.42cvss 6.5epss 0.00

    Out-of-bounds Read vulnerability in Open Networking Foundation (ONF) libfluid (libfluid_msg module). This vulnerability is associated with program routine fluid_msg::of10::FeaturesReply::unpack. This issue affects libfluid: 0.1.0.

  • CVE-2024-31173MedSep 18, 2024
    risk 0.42cvss 6.5epss 0.00

    Out-of-bounds Read vulnerability in Open Networking Foundation (ONF) libfluid (libfluid_msg module). This vulnerability is associated with program routine fluid_msg::of10::StatsReplyFlow::unpack. This issue affects libfluid: 0.1.0.

  • CVE-2024-31172MedSep 18, 2024
    risk 0.42cvss 6.5epss 0.00

    Out-of-bounds Read vulnerability in Open Networking Foundation (ONF) libfluid (libfluid_msg module). This vulnerability is associated with program routine fluid_msg::of10::StatsReplyTable::unpack. This issue affects libfluid: 0.1.0.

  • CVE-2024-31171MedSep 18, 2024
    risk 0.42cvss 6.5epss 0.00

    Out-of-bounds Read vulnerability in Open Networking Foundation (ONF) libfluid (libfluid_msg module). This vulnerability is associated with program routine fluid_msg::of10::StatsReplyPort::unpack. This issue affects libfluid: 0.1.0.

  • CVE-2024-31170MedSep 18, 2024
    risk 0.42cvss 6.5epss 0.00

    Out-of-bounds Read vulnerability in Open Networking Foundation (ONF) libfluid (libfluid_msg module). This vulnerability is associated with program routine fluid_msg::of10::StatsReplyQueue::unpack. This issue affects libfluid: 0.1.0.

  • CVE-2024-31169MedSep 18, 2024
    risk 0.42cvss 6.5epss 0.00

    Out-of-bounds Read vulnerability in Open Networking Foundation (ONF) libfluid (libfluid_msg module). This vulnerability is associated with program routine fluid_msg::of10::QueueGetConfigReply::unpack. This issue affects libfluid: 0.1.0.

  • CVE-2024-31168MedSep 18, 2024
    risk 0.42cvss 6.5epss 0.00

    Out-of-bounds Read vulnerability in Open Networking Foundation (ONF) libfluid (libfluid_msg module). This vulnerability is associated with program routine fluid_msg::EchoCommon::unpack. This issue affects libfluid: 0.1.0.

  • CVE-2024-31166MedSep 18, 2024
    risk 0.42cvss 6.5epss 0.00

    Out-of-bounds Read vulnerability in Open Networking Foundation (ONF) libfluid (libfluid_msg module). This vulnerability is associated with program routine fluid_msg::of13::HelloElemVersionBitmap::unpack. This issue affects libfluid: 0.1.0.

  • CVE-2023-52726MedApr 30, 2024
    risk 0.42cvss 6.5epss 0.00

    Open Networking Foundation SD-RAN ONOS onos-ric-sdk-go 0.8.12 allows infinite repetition of the processing of an error (in the Subscribe function implementation for the subscribed indication stream).

  • CVE-2023-52725MedApr 30, 2024
    risk 0.42cvss 6.5epss 0.00

    Open Networking Foundation SD-RAN ONOS onos-kpimon 0.4.7 allows blocking of the errCh channel within the Start function of the monitoring package.

  • CVE-2023-30093MedMay 4, 2023
    risk 0.40cvss 6.1epss 0.00

    A cross-site scripting (XSS) vulnerability in Open Networking Foundation ONOS from version v1.9.0 to v2.7.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the url parameter of the API documentation dashboard.

  • CVE-2023-24279MedMar 14, 2023
    risk 0.40cvss 6.1epss 0.01

    A cross-site scripting (XSS) vulnerability in Open Networking Foundation ONOS from version v1.9.0 to v2.7.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the url parameter of the API documentation dashboard.

  • CVE-2024-53423MedMay 29, 2025
    risk 0.36cvss 5.6epss 0.00

    An issue in Open Network Foundation ONOS v2.7.0 allows attackers to cause a Denial of Service (DoS) via supplying crafted packets.

  • CVE-2023-52728MedApr 30, 2024
    risk 0.36cvss 5.5epss 0.00

    Open Networking Foundation SD-RAN ONOS onos-lib-go 0.10.25 allows an index out-of-range condition in putBitString.

  • CVE-2018-1999020MedJul 23, 2018
    risk 0.36cvss 5.5epss 0.01

    Open Networking Foundation (ONF) ONOS version 1.13.2 and earlier version contains a Directory Traversal vulnerability in core/common/src/main/java/org/onosproject/common/app/ApplicationArchive.java line 35 that can result in arbitrary file deletion (overwrite). This attack…

  • CVE-2024-31198MedSep 18, 2024
    risk 0.34cvss 5.3epss 0.00

    Out-of-bounds Read vulnerability in Open Networking Foundation (ONF) libfluid (libfluid_msg module). This vulnerability is associated with program routine fluid_msg::of10::Port:unpack. This issue affects libfluid: 0.1.0.

  • CVE-2024-31197MedSep 18, 2024
    risk 0.34cvss 5.3epss 0.00

    Improper Null Termination vulnerability in Open Networking Foundation (ONF) libfluid (libfluid_msg module). This vulnerability is associated with program routine fluid_msg::of10::Port:unpack. This issue affects libfluid: 0.1.0.

  • CVE-2024-31196MedSep 18, 2024
    risk 0.34cvss 5.3epss 0.00

    Unchecked Return Value to NULL Pointer Dereference vulnerability in Open Networking Foundation (ONF) libfluid (libfluid_msg module). This vulnerability is associated with program routine fluid_msg::ActionList::unpack10. This issue affects libfluid: 0.1.0.

  • CVE-2024-31185MedSep 18, 2024
    risk 0.34cvss 5.3epss 0.00

    Unchecked Return Value to NULL Pointer Dereference vulnerability in Open Networking Foundation (ONF) libfluid (libfluid_msg module). This vulnerability is associated with program routine fluid_msg::of13::MeterBandList::unpack. This issue affects libfluid: 0.1.0.

  • CVE-2024-31182MedSep 18, 2024
    risk 0.34cvss 5.3epss 0.00

    Unchecked Return Value to NULL Pointer Dereference vulnerability in Open Networking Foundation (ONF) libfluid (libfluid_msg module). This vulnerability is associated with program routine fluid_msg::QueuePropertyList::unpack10. This issue affects libfluid: 0.1.0.

  • CVE-2024-31175MedSep 18, 2024
    risk 0.34cvss 5.3epss 0.01

    Unchecked Return Value to NULL Pointer Dereference vulnerability in Open Networking Foundation (ONF) libfluid (libfluid_msg module). This vulnerability is associated with program routine fluid_msg::of13::TablePropertiesList::unpack. This issue affects libfluid: 0.1.0.

  • CVE-2024-31167MedSep 18, 2024
    risk 0.34cvss 5.3epss 0.01

    Unchecked Return Value to NULL Pointer Dereference vulnerability in Open Networking Foundation (ONF) libfluid (libfluid_msg module). This vulnerability is associated with program routine fluid_msg::QueuePropertyList::unpack13. This issue affects libfluid: 0.1.0.

  • CVE-2024-31165MedSep 18, 2024
    risk 0.34cvss 5.3epss 0.01

    Unchecked Return Value to NULL Pointer Dereference vulnerability in Open Networking Foundation (ONF) libfluid (libfluid_msg module). This vulnerability is associated with program routine fluid_msg::of13::SetFieldAction::unpack. This issue affects libfluid: 0.1.0.

  • CVE-2024-31164MedSep 18, 2024
    risk 0.34cvss 5.3epss 0.01

    Unchecked Return Value to NULL Pointer Dereference vulnerability in Open Networking Foundation (ONF) libfluid (libfluid_msg module). This vulnerability is associated with program routines fluid_msg::ActionList::unpack13. This issue affects libfluid: 0.1.0.

  • CVE-2024-23916MedSep 18, 2024
    risk 0.34cvss 5.3epss 0.01

    Unchecked Return Value to NULL Pointer Dereference vulnerability in Open Networking Foundation (ONF) libfluid (libfluid_msg module). This vulnerability is associated with program routines fluid_msg::ActionSet::unpack. This issue affects libfluid: 0.1.0.

  • CVE-2024-23915MedSep 18, 2024
    risk 0.34cvss 5.3epss 0.01

    Unchecked Return Value to NULL Pointer Dereference vulnerability in Open Networking Foundation (ONF) libfluid (libfluid_msg module). This vulnerability is associated with program routines fluid_msg::of13::InstructionSet::unpack. This issue affects libfluid: 0.1.0.