CVE-2024-39521

An Improper Neutralization of Special Elements vulnerability in Juniper Networks Junos OS Evolved commands allows a local, authenticated attacker with low privileges to escalate their privileges to 'root' leading to a full compromise of the system. The Junos OS Evolved CLI doesn't properly handle...

CVE-2024-39521 Junos OS Evolved: CLI parameter processing issue allows privilege escalation

An Improper Neutralization of Special Elements vulnerability in Juniper Networks Junos OS Evolved commands allows a local, authenticated attacker with low privileges to escalate their privileges to 'root' leading to a full compromise of the system. The Junos OS Evolved CLI doesn't properly handle...

CVE-2024-39521 Junos OS Evolved: CLI parameter processing issue allows privilege escalation

An Improper Neutralization of Special Elements vulnerability in Juniper Networks Junos OS Evolved commands allows a local, authenticated attacker with low privileges to escalate their privileges to 'root' leading to a full compromise of the system. The Junos OS Evolved CLI doesn't properly handle...

Adobe Dreamweaver 21.0 < 21.4 Arbitrary code execution (APSB24-39)

The version of Adobe Dreamweaver installed on the remote Windows host is prior to 21.4. It is, therefore, affected by a vulnerability as referenced in the APSB24-39 advisory. - Improper Neutralization of Special Elements used in an OS Command 'OS Command Injection' CWE-78 potentially leading to...

Juniper Junos OS Vulnerability (JSA75743)

The version of Junos OS installed on the remote host is affected by a vulnerability as referenced in the JSA75743 advisory. - A NULL Pointer Dereference vulnerability in Juniper Networks Junos OS Evolved on ACX7024, ACX7100-32C and ACX7100-48L allows an unauthenticated, network-based attacker to...

CVE-2024-30401 Junos OS: MX Series and EX9200-15C: Stack-based buffer overflow in aftman

An Out-of-bounds Read vulnerability in the advanced forwarding management process aftman of Juniper Networks Junos OS on MX Series with MPC10E, MPC11, MX10K-LC9600 line cards, MX304, and EX9200-15C, may allow an attacker to exploit a stack-based buffer overflow, leading to a reboot of the FPC...

CVE-2024-30388 Junos OS: QFX5000 Series and EX Series: Specific malformed LACP packets will cause flaps

An Improper Isolation or Compartmentalization vulnerability in the Packet Forwarding Engine pfe of Juniper Networks Junos OS on QFX5000 Series and EX Series allows an unauthenticated, adjacent attacker to cause a Denial of Service DoS. If a specific malformed LACP packet is received by a QFX5000...

CVE-2024-21618 Junos OS and Junos OS Evolved: When LLDP is enabled and a malformed LLDP packet is received, l2cpd crashes

An Access of Memory Location After End of Buffer vulnerability in the Layer-2 Control Protocols Daemon l2cpd of Juniper Networks Junos OS and Junos OS Evolved allows an adjacent, unauthenticated attacker to cause Denial of Service DoS. On all Junos OS and Junos OS Evolved platforms, when LLDP is...

CVE-2024-21602

A NULL Pointer Dereference vulnerability in Juniper Networks Junos OS Evolved on ACX7024, ACX7100-32C and ACX7100-48L allows an unauthenticated, network-based attacker to cause a Denial of Service DoS. If a specific IPv4 UDP packet is received and sent to the Routing Engine RE packetio crashes an...

Null pointer dereference

A NULL Pointer Dereference vulnerability in Juniper Networks Junos OS Evolved on ACX7024, ACX7100-32C and ACX7100-48L allows an unauthenticated, network-based attacker to cause a Denial of Service DoS. If a specific IPv4 UDP packet is received and sent to the Routing Engine RE packetio crashes an...

Design/Logic Flaw

An Incomplete Cleanup vulnerability in Nonstop active routing NSR component of Juniper Networks Junos OS allows an adjacent, unauthenticated attacker to cause memory leak leading to Denial of Service DoS. On all Junos OS platforms, when NSR is enabled, a BGP flap will cause memory leak. A manual...

CVE-2023-44195 Junos OS Evolved: Packets which are not destined to the router can reach the RE

An Improper Restriction of Communication Channel to Intended Endpoints vulnerability in the NetworkStack agent daemon nsagentd of Juniper Networks Junos OS Evolved allows an unauthenticated network based attacker to cause limited impact to the availability of the system. If specific packets reach...

CVE-2023-1786 affecting package cloud-init 21.4-2

CVE-2023-1786 affecting package cloud-init 21.4-2. A patched version of the package is available...

CVE-2023-36835 Junos OS: QFX10000 Series: All traffic will be dropped after a specific valid IP packet has been received which needs to be routed over a VXLAN tunnel

An Improper Check for Unusual or Exceptional Conditions vulnerability in the Packet Forwarding Engine PFE of Juniper Networks Junos OS on QFX10000 Series allows a network based attacker to cause a Denial of Service DoS. If a specific valid IP packet is received and that packet needs to be routed...

CVE-2023-36833 Junos OS Evolved: PTX10001-36MR, and PTX10004, PTX10008, PTX10016 with LC1201/1202: The aftman-bt process will crash in a MoFRR scenario after multiple link flaps

A Use After Free vulnerability in the packet forwarding engine PFE of Juniper Networks Junos OS Evolved on PTX10001-36MR, and PTX10004, PTX10008, PTX10016 with LC1201/1202 allows an adjacent, unauthenticated attacker to cause a Denial of Service DoS. The process 'aftman-bt' will crash after...

CVE-2023-21943

Vulnerability in Oracle Essbase component: Security and Provisioning. The supported version that is affected is 21.4. Difficult to exploit vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Essbase. Successful attacks require human interaction from a...

CVE-2023-21942

CVE-2023-21942 affects Oracle Essbase (Security and Provisioning) with affected version 21.4. The vulnerability enables an unauthenticated attacker over the network (via HTTP) to compromise Essbase; exploitation requires user interaction from someone other than the attacker, and can lead to unaut...

Oracle Essbase 安全漏洞

Oracle Essbase is an application from Oracle Corporation Oracle. enables organizations to quickly generate insights from multidimensional data sets using what-if analysis and data visualization tools. A security vulnerability exists in Oracle Essbase version 21.4. An attacker exploiting this...

Oracle Essbase 安全漏洞

Oracle Essbase is an application from Oracle Corporation Oracle. enables organizations to quickly generate insights from multidimensional data sets using what-if analysis and data visualization tools. A security vulnerability exists in Oracle Essbase version 21.4. An attacker exploiting this...

CVE-2023-28980 Junos OS and Junos OS Evolved: In a BGP rib sharding scenario an rpd crash will happen shortly after a specific CLI command is issued

A Use After Free vulnerability in the routing protocol daemon of Juniper Networks Junos OS and Junos OS Evolved allows a locally authenticated attacker with low privileges to cause Denial of Service DoS. In a rib sharding scenario the rpd process will crash shortly after specific CLI command is...