CVE-2024-12378 – Arista EOS Unencrypted VxLAN Tunnel Exposure

May 8, 2025

CVE ID : CVE-2024-12378

Published : May 8, 2025, 7:15 p.m. | 56 minutes ago

Description : On affected platforms running Arista EOS with secure Vxlan configured, restarting the Tunnelsec agent will result in packets being sent over the secure Vxlan tunnels in the clear.

Severity: 9.1 | CRITICAL

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2024-11186 – Arista CloudVision Portal Elevated Privilege Access Vulnerability

Next Article CVE-2025-30102 – Dell PowerScale OneFS Out-of-Bounds Write Vulnerability

Highlights

CVE-2025-4476 – Apache Libsoup Denial of Service

May 16, 2025

CVE ID : CVE-2025-4476

Published : May 16, 2025, 6:16 p.m. | 2 hours, 47 minutes ago

Description : A denial-of-service vulnerability has been identified in the libsoup HTTP client library. This flaw can be triggered when a libsoup client receives a 401 (Unauthorized) HTTP response containing a specifically crafted domain parameter within the WWW-Authenticate header. Processing this malformed header can lead to a crash of the client application using libsoup. An attacker could exploit this by setting up a malicious HTTP server. If a user’s application using the vulnerable libsoup library connects to this malicious server, it could result in a denial-of-service. Successful exploitation requires tricking a user’s client application into connecting to the attacker’s malicious server.

Severity: 4.3 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Sunshine And March Vibes (2025 Wallpapers Edition)

The Case For Minimal WordPress Setups: A Contrarian View On Theme Frameworks

How To Fix Largest Contentful Paint Issues With Subpart Analysis

How To Prevent WordPress SQL Injection Attacks

Windows 11 version 25H2: Everything you need to know about Microsoft’s next OS release

Elden Ring Nightreign already has a duos Seamless Co-op mod from the creator of the beloved original, and it’ll be “expanded on in the future”

I love Elden Ring Nightreign’s weirdest boss — he bargains with you, heals you, and throws tantrums if you ruin his meditation

How to install SteamOS on ROG Ally and Legion Go Windows gaming handhelds

Oracle Fusion new Product Management Landing Page and AI (25B)

Oracle Fusion new Product Management Landing Page and AI (25B)

Filament Is Now Running Natively on Mobile

How Remix is shaking things up

Windows 11 version 25H2: Everything you need to know about Microsoft’s next OS release

Windows 11 version 25H2: Everything you need to know about Microsoft’s next OS release

Elden Ring Nightreign already has a duos Seamless Co-op mod from the creator of the beloved original, and it’ll be “expanded on in the future”

I love Elden Ring Nightreign’s weirdest boss — he bargains with you, heals you, and throws tantrums if you ruin his meditation

CVE-2024-12378 – Arista EOS Unencrypted VxLAN Tunnel Exposure

This month in security with Tony Anscombe – May 2025 edition

New Apache InLong Vulnerability (CVE-2025-27522) Exposes Systems to Remote Code Execution Risks

Remote Work vs Office Work in Software Consulting: Whatâ€™s the Best Scenario in 2024?

Enhancing Cyber Defense: CEO Perspectives on Attack Surface Management

How to Set up an Automated SMS Analysis Service with AI in Tines

Ferrari Just Launched an AI App That Lets Fans Experience F1 Like Never Before

CVE-2025-4476 – Apache Libsoup Denial of Service

Psychological Insights on Personality in UX Design

Chinese Hackers Target Linux Systems Using SNOWLIGHT Malware and VShell Tool

Il sondaggio della community Reddit di Arch Linux svela le tendenze ed i trend degli utenti GNU/Linux

CVE-2024-12378 – Arista EOS Unencrypted VxLAN Tunnel Exposure

Related Posts