An Unchecked Return Value vulnerability in the user interfaces to the Juniper Networks Junos OS and Junos OS Evolved, the CLI, the XML API, the XML Management Protocol, the NETCONF Management Protocol, the gNMI interfaces, and the J-Web User Interfaces causes unintended effects such as demotion or....
8.8CVSS
8.9AI Score
0.001EPSS
A Stack-based Buffer Overflow vulnerability in the CLI command of Juniper Networks Junos OS allows a low privileged attacker to execute a specific CLI commands leading to Denial of Service. Repeated actions by the attacker will create a sustained Denial of Service (DoS) condition. This issue...
5.5CVSS
5.8AI Score
0.0004EPSS
A Stack-based Buffer Overflow vulnerability in the CLI command of Juniper Networks Junos OS allows a low privileged attacker to execute a specific CLI commands leading to Denial of Service. Repeated actions by the attacker will create a sustained Denial of Service (DoS) condition. This issue...
5.5CVSS
5.8AI Score
0.0004EPSS
A Stack-based Buffer Overflow vulnerability in the CLI command of Juniper Networks Junos OS allows a low privileged attacker to execute a specific CLI commands leading to Denial of Service. Repeated actions by the attacker will create a sustained Denial of Service (DoS) condition. This issue...
5.5CVSS
5.8AI Score
0.0004EPSS
An Unchecked Return Value vulnerability in the user interfaces to the Juniper Networks Junos OS and Junos OS Evolved, the CLI, the XML API, the XML Management Protocol, the NETCONF Management Protocol, the gNMI interfaces, and the J-Web User Interfaces causes unintended effects such as demotion or....
8.8CVSS
8.3AI Score
0.001EPSS
An Unchecked Return Value vulnerability in the user interfaces to the Juniper Networks Junos OS and Junos OS Evolved, the CLI, the XML API, the XML Management Protocol, the NETCONF Management Protocol, the gNMI interfaces, and the J-Web User Interfaces causes unintended effects such as demotion or....
8.8CVSS
8.8AI Score
0.001EPSS
An Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in the management daemon (mgd) process of Juniper Networks Junos OS and Junos OS Evolved allows a network-based authenticated low-privileged attacker, by executing a specific command via NETCONF, to cause a...
6.5CVSS
6.5AI Score
0.0004EPSS
A Stack-based Buffer Overflow vulnerability in the CLI command of Juniper Networks Junos OS allows a low privileged attacker to execute a specific CLI commands leading to Denial of Service. Repeated actions by the attacker will create a sustained Denial of Service (DoS) condition. This issue...
5.5CVSS
5.8AI Score
0.0004EPSS
A Stack-based Buffer Overflow vulnerability in the CLI command of Juniper Networks Junos and Junos EVO allows a low privileged attacker to execute a specific CLI commands leading to Denial of Service. Repeated actions by the attacker will create a sustained Denial of Service (DoS) condition. This.....
5.5CVSS
5.8AI Score
0.0004EPSS
An Improper Release of Memory Before Removing Last Reference vulnerability in Packet Forwarding Engine (PFE) of Juniper Networks Junos OS allows a local, low privileged attacker to cause an FPC crash, leading to Denial of Service (DoS). On all Junos MX Series with MPC1 - MPC9, LC480, LC2101,...
5.5CVSS
5.6AI Score
0.0004EPSS
A Reachable Assertion vulnerability in the routing protocol daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved allows to send specific genuine PIM packets to the device resulting in rpd to crash causing a Denial of Service (DoS). Continued receipt and processing of this packet will...
7.5CVSS
6.8AI Score
0.0005EPSS
An Improper Handling of Inconsistent Special Elements vulnerability in the Junos Services Framework (jsf) module of Juniper Networks Junos OS allows an unauthenticated network based attacker to cause a crash in the Packet Forwarding Engine (pfe) and thereby resulting in a Denial of Service (DoS)......
7.5CVSS
7.6AI Score
0.001EPSS
A Reachable Assertion vulnerability in the routing protocol daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved allows to send specific genuine PIM packets to the device resulting in rpd to crash causing a Denial of Service (DoS). Continued receipt and processing of this packet will...
7.5CVSS
7.4AI Score
0.0005EPSS
An Improper Check for Unusual or Exceptional Conditions vulnerability in the Packet Forwarding Engine (pfe) of Juniper Networks Junos OS on MX Series allows a unauthenticated network-based attacker to cause an infinite loop, resulting in a Denial of Service (DoS). An attacker who sends malformed...
7.5CVSS
7.6AI Score
0.0005EPSS
An Improper Validation of Specified Quantity in Input vulnerability in the Layer-2 control protocols daemon (l2cpd) of Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated adjacent attacker who sends specific LLDP packets to cause a Denial of Service(DoS). This issue occurs...
6.5CVSS
6.5AI Score
0.0004EPSS
An Improper Check for Unusual or Exceptional Conditions vulnerability in the Packet Forwarding Engine (pfe) of Juniper Networks Junos OS on MX Series allows a unauthenticated network-based attacker to cause an infinite loop, resulting in a Denial of Service (DoS). An attacker who sends malformed...
7.5CVSS
7.5AI Score
0.0005EPSS
A Reachable Assertion vulnerability in the routing protocol daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved allows to send specific genuine PIM packets to the device resulting in rpd to crash causing a Denial of Service (DoS). Continued receipt and processing of this packet will...
7.5CVSS
7.4AI Score
0.0005EPSS
An Improper Check for Unusual or Exceptional Conditions vulnerability in the Packet Forwarding Engine (pfe) of Juniper Networks Junos OS on MX Series allows a unauthenticated network-based attacker to cause an infinite loop, resulting in a Denial of Service (DoS). An attacker who sends malformed...
7.5CVSS
7.5AI Score
0.0005EPSS
An Improper Release of Memory Before Removing Last Reference vulnerability in Packet Forwarding Engine (PFE) of Juniper Networks Junos OS allows a local, low privileged attacker to cause an FPC crash, leading to Denial of Service (DoS). On all Junos MX Series with MPC1 - MPC9, LC480, LC2101,...
5.5CVSS
5.8AI Score
0.0004EPSS
CVE-2023-44184 Junos OS and Junos OS Evolved: High CPU load due to specific NETCONF command
An Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in the management daemon (mgd) process of Juniper Networks Junos OS and Junos OS Evolved allows a network-based authenticated low-privileged attacker, by executing a specific command via NETCONF, to cause a...
6.5CVSS
6.7AI Score
0.0004EPSS
An Unchecked Return Value vulnerability in the user interfaces to the Juniper Networks Junos OS and Junos OS Evolved, the CLI, the XML API, the XML Management Protocol, the NETCONF Management Protocol, the gNMI interfaces, and the J-Web User Interfaces causes unintended effects such as demotion or....
7.3CVSS
9.2AI Score
0.001EPSS
CVE-2023-44178 Junos OS : Stack overflow vulnerability in CLI command processing
A Stack-based Buffer Overflow vulnerability in the CLI command of Juniper Networks Junos OS allows a low privileged attacker to execute a specific CLI commands leading to Denial of Service. Repeated actions by the attacker will create a sustained Denial of Service (DoS) condition. This issue...
5.5CVSS
6AI Score
0.0004EPSS
CVE-2023-44177 Junos OS and Junos OS Evolved: Stack overflow vulnerability in CLI command processing
A Stack-based Buffer Overflow vulnerability in the CLI command of Juniper Networks Junos and Junos EVO allows a low privileged attacker to execute a specific CLI commands leading to Denial of Service. Repeated actions by the attacker will create a sustained Denial of Service (DoS) condition. This.....
5.5CVSS
6AI Score
0.0004EPSS
A Reachable Assertion vulnerability in the routing protocol daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved allows to send specific genuine PIM packets to the device resulting in rpd to crash causing a Denial of Service (DoS). Continued receipt and processing of this packet will...
6.5CVSS
7.6AI Score
0.0005EPSS
CVE-2023-36841 Junos OS: MX Series: Receipt of malformed TCP traffic will cause a Denial of Service
An Improper Check for Unusual or Exceptional Conditions vulnerability in the Packet Forwarding Engine (pfe) of Juniper Networks Junos OS on MX Series allows a unauthenticated network-based attacker to cause an infinite loop, resulting in a Denial of Service (DoS). An attacker who sends malformed...
7.5CVSS
7.7AI Score
0.0005EPSS
As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories (CERT Services | Services |.....
6.7CVSS
7.2AI Score
0.0004EPSS
SoftEther VPN vpnserver EnSafeHttpHeaderValueStr denial of service vulnerability
Talos Vulnerability Report TALOS-2023-1741 SoftEther VPN vpnserver EnSafeHttpHeaderValueStr denial of service vulnerability October 12, 2023 CVE Number CVE-2023-23581 SUMMARY A denial-of-service vulnerability exists in the vpnserver EnSafeHttpHeaderValueStr functionality of SoftEther VPN 5.01.9674....
7.5CVSS
6.8AI Score
0.0005EPSS
A Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in telemetry processing of Juniper Networks Junos OS allows a network-based authenticated attacker to flood the system with multiple telemetry requests, causing the Junos Kernel Debugging Streaming Daemon (jkdsd) process to crash,...
5.3CVSS
5.1AI Score
0.0004EPSS
An Exposure of Sensitive Information vulnerability in the 'file copy' command of Junos OS Evolved allows a local, authenticated attacker with shell access to view passwords supplied on the CLI command-line. These credentials can then be used to provide unauthorized access to the remote system....
5.5CVSS
5.7AI Score
0.0004EPSS
An Exposure of Sensitive Information vulnerability in the 'file copy' command of Junos OS Evolved allows a local, authenticated attacker with shell access to view passwords supplied on the CLI command-line. These credentials can then be used to provide unauthorized access to the remote system....
5.9CVSS
5.5AI Score
0.0004EPSS
An Improper Handling of Exceptional Conditions vulnerability in AS PATH processing of Juniper Networks Junos OS and Junos OS Evolved allows an attacker to send a BGP update message with an AS PATH containing a large number of 4-byte ASes, leading to a Denial of Service (DoS). Continued receipt and....
7.5CVSS
7.4AI Score
0.0005EPSS
An Exposure of Sensitive Information vulnerability in the 'file copy' command of Junos OS Evolved allows a local, authenticated attacker with shell access to view passwords supplied on the CLI command-line. These credentials can then be used to provide unauthorized access to the remote system....
5.5CVSS
5.5AI Score
0.0004EPSS
CVE-2023-44187 Junos OS Evolved: 'file copy' CLI command can disclose password to shell users
An Exposure of Sensitive Information vulnerability in the 'file copy' command of Junos OS Evolved allows a local, authenticated attacker with shell access to view passwords supplied on the CLI command-line. These credentials can then be used to provide unauthorized access to the remote system....
5.9CVSS
5.9AI Score
0.0004EPSS
Juniper Junos OS Vulnerability (JSA73172)
The version of Junos OS installed on the remote host is affected by a vulnerability as referenced in the JSA73172 advisory. An Improper Check for Unusual or Exceptional Conditions vulnerability in the Packet Forwarding Engine (pfe) of Juniper Networks Junos OS on MX Series allows a...
7.5CVSS
7.4AI Score
0.0005EPSS
Siemens SIMATIC CP Device Improper Access Control Vulnerability
The SIMATIC CP 1623, CP 1626 and CP 1628 are PCI express cards for connection to industrial Ethernet. the SIMATIC CP 1604 and CP 1616 are PCI/PCI-104 cards for the connection of field devices to PROFINET industrial Ethernet. The Siemens SIMATIC CP devices suffer from an Improper Access Control...
6.7CVSS
7.8AI Score
0.0004EPSS
Juniper Junos OS Vulnerability (JSA73147)
The version of Junos OS installed on the remote host is affected by a vulnerability as referenced in the JSA73147 advisory. An Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in the management daemon (mgd) process of Juniper Networks Junos OS and Junos OS...
6.5CVSS
6.4AI Score
0.0004EPSS
Siemens SIMATIC CP Device Uncontrolled Resource Consumption Vulnerability
The SIMATIC CP 1623, CP 1626 and CP 1628 are PCI express cards for connection to industrial Ethernet. the SIMATIC CP 1604 and CP 1616 are PCI/PCI-104 cards for the connection of field devices to PROFINET industrial Ethernet. The Siemens SIMATIC CP devices are vulnerable to an uncontrolled resource....
4.4CVSS
6.7AI Score
0.0004EPSS
A vulnerability has been identified in SIMATIC CP 1604 (All versions), SIMATIC CP 1616 (All versions), SIMATIC CP 1623 (All versions), SIMATIC CP 1626 (All versions), SIMATIC CP 1628 (All versions). The kernel memory of affected devices is exposed to user-mode via direct memory access (DMA) which.....
6.7CVSS
6.7AI Score
0.0004EPSS
A vulnerability has been identified in SIMATIC CP 1604 (All versions), SIMATIC CP 1616 (All versions), SIMATIC CP 1623 (All versions), SIMATIC CP 1626 (All versions), SIMATIC CP 1628 (All versions). The kernel memory of affected devices is exposed to user-mode via direct memory access (DMA) which.....
6.7CVSS
6.7AI Score
0.0004EPSS
A vulnerability has been identified in SIMATIC CP 1604 (All versions), SIMATIC CP 1616 (All versions), SIMATIC CP 1623 (All versions), SIMATIC CP 1626 (All versions), SIMATIC CP 1628 (All versions). Affected devices insufficiently control continuous mapping of direct memory access (DMA) requests......
4.4CVSS
4.8AI Score
0.0004EPSS
A vulnerability has been identified in SIMATIC CP 1604 (All versions), SIMATIC CP 1616 (All versions), SIMATIC CP 1623 (All versions), SIMATIC CP 1626 (All versions), SIMATIC CP 1628 (All versions). Affected devices insufficiently control continuous mapping of direct memory access (DMA) requests......
4.4CVSS
4.5AI Score
0.0004EPSS
A vulnerability has been identified in SIMATIC CP 1604 (All versions), SIMATIC CP 1616 (All versions), SIMATIC CP 1623 (All versions), SIMATIC CP 1626 (All versions), SIMATIC CP 1628 (All versions). The kernel memory of affected devices is exposed to user-mode via direct memory access (DMA) which.....
6.7CVSS
6.7AI Score
0.0004EPSS
A vulnerability has been identified in SIMATIC CP 1604 (All versions), SIMATIC CP 1616 (All versions), SIMATIC CP 1623 (All versions), SIMATIC CP 1626 (All versions), SIMATIC CP 1628 (All versions). Affected devices insufficiently control continuous mapping of direct memory access (DMA) requests......
4.4CVSS
5AI Score
0.0004EPSS
A vulnerability has been identified in SIMATIC CP 1604 (All versions), SIMATIC CP 1616 (All versions), SIMATIC CP 1623 (All versions), SIMATIC CP 1626 (All versions), SIMATIC CP 1628 (All versions). Affected devices insufficiently control continuous mapping of direct memory access (DMA) requests......
4.4CVSS
4.9AI Score
0.0004EPSS
A vulnerability has been identified in SIMATIC CP 1604 (All versions), SIMATIC CP 1616 (All versions), SIMATIC CP 1623 (All versions), SIMATIC CP 1626 (All versions), SIMATIC CP 1628 (All versions). The kernel memory of affected devices is exposed to user-mode via direct memory access (DMA) which.....
6.7CVSS
6.9AI Score
0.0004EPSS
Debian DLA-3611-1 : inetutils - LTS security update
The remote Debian 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-3611 advisory. Insufficient validation of environment variables in the telnet client supplied in Junos OS can lead to stack-based buffer overflows, which can be exploited to...
7.8CVSS
7.9AI Score
0.003EPSS
Exploit for Out-of-bounds Write in Webmproject Libvpx
CVE-2023-5217: libvpx VP8 Encoding Heap Overflow PoC...
8.8CVSS
7.4AI Score
0.248EPSS
Cacti graph_view SQL Injection Authentication Bypass Vulnerability
This vulnerability allows remote attackers to bypass authentication or escalate privileges on affected installations of Cacti. Authentication is required to exploit this vulnerability when the product is in its default configuration. The specific flaw exists within the graph_view endpoint. The...
6.3CVSS
7.7AI Score
0.001EPSS
Prime.sol: stakedAt value is not deleted when manually issuing an irrevocable token
Lines of code Vulnerability details Impact Protocol specifications state that a user cannot have less than the minimum xvs staked if they are not irrevocable prime token users. In other words, only holders of irrevocables prime tokens can have less than the minimum xvs staked. The problem arises...
7AI Score
8.2CVSS
7.3AI Score
0.001EPSS