Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline

Mx2008 Security Vulnerabilities

cve
cve

CVE-2020-1608

Receipt of a specific MPLS or IPv6 packet on the core facing interface of an MX Series device configured for Broadband Edge (BBE) service may trigger a kernel crash (vmcore), causing the device to reboot. The issue is specific to the processing of packets destined to BBE clients connected to MX...

7.5CVSS

7.3AI Score

0.001EPSS

2020-01-15 09:15 AM
30
cve
cve

CVE-2019-0063

When an MX Series Broadband Remote Access Server (BRAS) is configured as a Broadband Network Gateway (BNG) with DHCPv6 enabled, jdhcpd might crash when receiving a specific crafted DHCP response message on a subscriber interface. The daemon automatically restarts without intervention, but...

7.5CVSS

7.7AI Score

0.001EPSS

2019-10-09 08:15 PM
42
cve
cve

CVE-2019-0065

On MX Series, when the SIP ALG is enabled, receipt of a certain malformed SIP packet may crash the MS-PIC component on MS-MIC or MS-MPC. By continuously sending a crafted SIP packet, an attacker can repeatedly bring down MS-PIC on MS-MIC/MS-MPC causing a sustained Denial of Service. This issue...

7.5CVSS

7.4AI Score

0.001EPSS

2019-10-09 08:15 PM
44
cve
cve

CVE-2019-0056

This issue only affects devices with three (3) or more MPC10's installed in a single chassis with OSPF enabled and configured on the device. An Insufficient Resource Pool weakness allows an attacker to cause the device's Open Shortest Path First (OSPF) states to transition to Down, resulting in a.....

7.5CVSS

7.5AI Score

0.001EPSS

2019-10-09 08:15 PM
40
cve
cve

CVE-2019-0007

The vMX Series software uses a predictable IP ID Sequence Number. This leaves the system as well as clients connecting through the device susceptible to a family of attacks which rely on the use of predictable IP ID sequence numbers as their base method of attack. This issue was found during...

10CVSS

9.2AI Score

0.002EPSS

2019-01-15 09:29 PM
28
cve
cve

CVE-2018-15504

An issue was discovered in Embedthis GoAhead before 4.0.1 and Appweb before 7.0.2. The server mishandles some HTTP request fields associated with time, which results in a NULL pointer dereference, as demonstrated by If-Modified-Since or If-Unmodified-Since with a month greater than...

7.5CVSS

7.5AI Score

0.005EPSS

2018-08-18 03:29 AM
22
cve
cve

CVE-2014-9708

Embedthis Appweb before 4.6.6 and 5.x before 5.2.1 allows remote attackers to cause a denial of service (NULL pointer dereference) via a Range header with an empty value, as demonstrated by "Range:...

8.9AI Score

0.064EPSS

2015-03-31 02:59 PM
27
4
Total number of security vulnerabilities57