EUVD-2025-2227

Malicious code in bioql PyPI...

Dell Avamar / AVE < 19.12 privilege elevation (DSA-2025-071)

According to its self-reported version number, the Dell Avamar or Avamar Virtual Edition AVE software running on the remote host is 19.4 prior to 19.12. It is, therefore, affected by a privilege elevation vulnerability: - Dell Avamar, version 19.4 or later, contains an access token reuse...

CVE-2025-21117

Dell Avamar, version 19.4 or later, contains an access token reuse vulnerability in the AUI. A low privileged local attacker could potentially exploit this vulnerability, leading to fully impersonating the user...

UBUNTU-CVE-2022-45582

Open Redirect vulnerability in Horizon Web Dashboard 19.4.0 thru 20.1.4 via the successurl parameter...

CVE-2022-34368

Dell EMC NetWorker 19.2.1.x 19.3.x, 19.4.x, 19.5.x, 19.6.x and 19.7.0.0 contain an Improper Handling of Insufficient Permissions or Privileges vulnerability. Authenticated non admin user could exploit this vulnerability and gain access to restricted resources...

Cross site request forgery (csrf)

Dell EMC Data Protection Central versions 19.1, 19.2, 19.3, 19.4, 19.5, 19.6, contains a Cross-Site Request Forgery Vulnerability. An remote unauthenticated attacker could potentially exploit this vulnerability, leading to processing of unintended server operations...

Design/Logic Flaw

An Improper Check for Unusual or Exceptional Conditions vulnerability in the Packet Forwarding Engine PFE of Juniper Networks Junos OS allows an unauthenticated networked attacker to cause a Denial of Service DoS by sending specific packets over VXLAN which cause the PFE to reset. This issue...

CVE-2021-36316

Dell EMC Avamar Server versions 18.2, 19.1, 19.2, 19.3, and 19.4 contain an improper privilege management vulnerability in AUI. A malicious user with high privileges could potentially exploit this vulnerability, leading to the disclosure of the AUI info and performing some unauthorized operation ...

PT-2021-21220 · Dell Emc · Dell Emc Avamar

Name of the Vulnerable Software and Affected Versions: Dell EMC Avamar versions 18.2, 19.1, 19.2, 19.3, 19.4 Description: The issue is related to plain-text password storage. A high privileged user could potentially exploit this, leading to a complete outage. Recommendations: For versions 18.2,...

CVE-2021-31386 Junos OS: When using J-Web with HTTP an attacker may retrieve encryption keys via Person-in-the-Middle attacks.

A Protection Mechanism Failure vulnerability in the J-Web HTTP service of Juniper Networks Junos OS allows a remote unauthenticated attacker to perform Person-in-the-Middle PitM attacks against the device. This issue affects: Juniper Networks Junos OS 12.3 versions prior to 12.3R12-S20; 15.1...

CVE-2021-31373

Juniper Networks Junos OS SRX Series J-Web exposes a persistent XSS when authenticated users access the J-Web interface. An attacker could inject scripts to steal data or hijack sessions. Affected: SRX Series across multiple releases prior to specific fixed deployments (e.g., 18.2R3-S8; 18.3R3-S5...

CVE-2021-0292

An Uncontrolled Resource Consumption vulnerability in the ARP daemon arpd and Network Discovery Protocol ndp process of Juniper Networks Junos OS Evolved allows a malicious attacker on the local network to consume memory resources, ultimately resulting in a Denial of Service DoS condition...

CVE-2021-0231

A path traversal vulnerability in the Juniper Networks SRX and vSRX Series may allow an authenticated J-web user to read sensitive system files. This issue affects Juniper Networks Junos OS on SRX and vSRX Series: 19.3 versions prior to 19.3R2-S6, 19.3R3-S1; 19.4 versions prior to 19.4R2-S4,...

Design/Logic Flaw

An improper restriction of operations within the bounds of a memory buffer vulnerability in Juniper Networks Junos OS J-Web on SRX Series devices allows an attacker to cause Denial of Service DoS by sending certain crafted HTTP packets. Continued receipt and processing of these packets will creat...

Juniper Junos OS Vulnerability (JSA11129)

The version of Junos OS installed on the remote host is affected by a vulnerability as referenced in the JSA11129 advisory. Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number. C Tenable Network Security, Inc...

CVE-2021-21511

Dell EMC Avamar Server, versions 19.3 and 19.4 contain an Improper Authorization vulnerability in the web UI. A remote low privileged attacker could potentially exploit this vulnerability, to gain unauthorized read or modification access to other users' backup data...

CVE-2021-0209

In Juniper Networks Junos OS Evolved an attacker sending certain valid BGP update packets may cause Junos OS Evolved to access an uninitialized pointer causing RPD to core leading to a Denial of Service DoS. Continued receipt of these types of valid BGP update packets will cause an extended Denia...

Command injection

A command injection vulnerability in the license-check daemon of Juniper Networks Junos OS that may allow a locally authenticated attacker with low privileges to execute commands with root privilege. license-check is a daemon used to manage licenses in Junos OS. To update licenses, a user execute...

CVE-2021-0218 Junos OS: Command injection vulnerability in license-check daemon

A command injection vulnerability in the license-check daemon of Juniper Networks Junos OS that may allow a locally authenticated attacker with low privileges to execute commands with root privilege. license-check is a daemon used to manage licenses in Junos OS. To update licenses, a user execute...

CVE-2020-1686

On Juniper Networks Junos OS devices, receipt of a malformed IPv6 packet may cause the system to crash and restart vmcore. This issue can be trigged by a malformed IPv6 packet destined to the Routing Engine. An attacker can repeatedly send the offending packet resulting in an extended Denial of...