Lucene search
K

362 matches found

Vulnrichment
Vulnrichment
added 2024/07/11 4:26 p.m.23 views

CVE-2024-39548 Junos OS Evolved: Receipt of specific packets in the aftmand process will lead to a memory leak

An Uncontrolled Resource Consumption vulnerability in the aftmand process of Juniper Networks Junos OS Evolved allows an unauthenticated, network-based attacker to consume memory resources, resulting in a Denial of Service DoS condition. The processes do not recover on their own and must be...

7.5CVSS6.9AI score0.00491EPSS
Exploits0References1
CVE
CVE
added 2024/07/11 4:26 p.m.59 views

CVE-2024-39548

CVE-2024-39548 describes an Uncontrolled Resource Consumption vulnerability in the aftmand process of Juniper Networks Junos OS Evolved. An unauthenticated, network-based attacker can cause memory consumption leading to a Denial of Service; affected systems do not recover automatically and requir...

7.5CVSS7.5AI score0.00491EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2024/07/11 4:26 p.m.20 views

CVE-2024-39548 Junos OS Evolved: Receipt of specific packets in the aftmand process will lead to a memory leak

An Uncontrolled Resource Consumption vulnerability in the aftmand process of Juniper Networks Junos OS Evolved allows an unauthenticated, network-based attacker to consume memory resources, resulting in a Denial of Service DoS condition. The processes do not recover on their own and must be...

7.5CVSS0.00491EPSS
Exploits0References1
OSV
OSV
added 2024/07/11 4:15 p.m.4 views

CVE-2024-39524

An Improper Neutralization of Special Elements vulnerability in Juniper Networks Junos OS Evolved commands allows a local, authenticated attacker with low privileges to escalate their privileges to 'root' leading to a full compromise of the system. The Junos OS Evolved CLI doesn't properly handle...

8.5CVSS5.8AI score
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/07/11 4:13 p.m.20 views

CVE-2024-39536 Junos OS and Junos OS Evolved: Flaps of BFD sessions with authentication cause a ppmd memory leak

A Missing Release of Memory after Effective Lifetime vulnerability in the Periodic Packet Management Daemon ppmd of Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated adjacent attacker to cause a Denial-of-Service DoS. When a BFD session configured with authentication...

6CVSS7.4AI score0.00228EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/07/10 10:47 p.m.22 views

CVE-2024-39562 Junos OS Evolved: A high rate of SSH connections causes a Denial of Service

A Missing Release of Resource after Effective Lifetime vulnerability the xinetd process, responsible for spawning SSH daemon sshd instances, of Juniper Networks Junos OS Evolved allows an unauthenticated network-based attacker to cause a Denial of Service DoS by blocking SSH access for legitimate...

8.7CVSS0.00434EPSS
Exploits0References2
Cvelist
Cvelist
added 2024/07/10 10:39 p.m.17 views

CVE-2024-39557 Junos OS Evolved: MAC table changes cause a memory leak

An Uncontrolled Resource Consumption vulnerability in the Layer 2 Address Learning Daemon l2ald of Juniper Networks Junos OS Evolved allows an unauthenticated, adjacent attacker to cause a memory leak, eventually exhausting all system memory, leading to a system crash and Denial of Service DoS...

7.1CVSS0.00248EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/07/10 10:39 p.m.22 views

CVE-2024-39557 Junos OS Evolved: MAC table changes cause a memory leak

An Uncontrolled Resource Consumption vulnerability in the Layer 2 Address Learning Daemon l2ald of Juniper Networks Junos OS Evolved allows an unauthenticated, adjacent attacker to cause a memory leak, eventually exhausting all system memory, leading to a system crash and Denial of Service DoS...

7.1CVSS7AI score0.00248EPSS
Exploits0References1
NVD
NVD
added 2024/05/21 2:15 a.m.19 views

CVE-2024-0816

The buffer overflow vulnerability in the DX3300-T1 firmware version V5.50ABVY.4C0 could allow an authenticated local attacker to cause denial of service DoS conditions by executing the CLI command with crafted strings on an affected device...

5.5CVSS5.6AI score0.00145EPSS
Exploits0References1
CVE
CVE
added 2024/05/21 1:29 a.m.77 views

CVE-2024-0816

The CVE describes a buffer overflow in the DX3300-T1 firmware V5.50(ABVY.4)C0. An authenticated local attacker can cause DoS by executing crafted strings via the device CLI. The vulnerability is limited to the CLI interface on the affected firmware; no remote vector is indicated. No exploitation ...

5.5CVSS7.1AI score0.00145EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2024/05/21 1:29 a.m.17 views

CVE-2024-0816

The buffer overflow vulnerability in the DX3300-T1 firmware version V5.50ABVY.4C0 could allow an authenticated local attacker to cause denial of service DoS conditions by executing the CLI command with crafted strings on an affected device...

5.5CVSS7.1AI score0.00145EPSS
Exploits0References1
OSV
OSV
added 2024/05/16 9:2 p.m.12 views

GHSA-3783-62VC-JR7X ConsoleMe has an Arbitrary File Read Vulnerability via Limited Git command

ID: NFLX-2024-002 Impact Authenticated users can achieve limited RCE in ConsoleMe, restricted to flag inputs on a single CLI command. Due to this constraint, it is not currently known whether full RCE is possible but it is unlikely. However, a specific flag allows authenticated users to read any...

9.6CVSS6.1AI score0.00928EPSS
Exploits0References6
Vulnrichment
Vulnrichment
added 2024/05/15 5:59 p.m.17 views

CVE-2024-20383 Cisco Secure Email and Web Manager Stored Cross-Site Scripting Vulnerability

A vulnerability in the web-based management interface of Cisco AsyncOS Software for Cisco Secure Email and Web Manager could allow an authenticated, remote attacker to conduct an XSS attack against a user of the interface. This vulnerability is due to insufficient validation of user input. An...

4.8CVSS6.3AI score0.00351EPSS
Exploits0References1
CVE
CVE
added 2024/05/14 4:19 p.m.81 views

CVE-2023-45583

The CVE-2023-45583 vulnerability is a use of externally-controlled format string affecting Fortinet FortiProxy, FortiPAM, FortiOS, and FortiSwitchManager across multiple versions (e.g., FortiProxy 7.2.0–7.2.5, 7.0.x, 2.0.x, 1.x; FortiOS 7.x and 6.x; FortiPAM 1.x; FortiSwitchManager 7.x). The unde...

7.2CVSS6.8AI score0.00654EPSS
Exploits0References1Affected Software1
NVD
NVD
added 2024/04/12 4:15 p.m.13 views

CVE-2024-30384

An Improper Check for Unusual or Exceptional Conditions vulnerability in the Packet Forwarding Engine PFE of Juniper Networks Junos OS on EX4300 Series allows a locally authenticated attacker with low privileges to cause a Denial-of-Service Dos. If a specific CLI command is issued, a PFE crash wi...

6.8CVSS5.4AI score0.00168EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2024/04/12 3:22 p.m.11 views

CVE-2024-30384 Junos OS: EX4300 Series: If a specific CLI command is issued PFE crashes will occur

An Improper Check for Unusual or Exceptional Conditions vulnerability in the Packet Forwarding Engine PFE of Juniper Networks Junos OS on EX4300 Series allows a locally authenticated attacker with low privileges to cause a Denial-of-Service Dos. If a specific CLI command is issued, a PFE crash wi...

6.8CVSS6.7AI score0.00168EPSS
Exploits0References2
Cvelist
Cvelist
added 2024/04/12 3:22 p.m.21 views

CVE-2024-30384 Junos OS: EX4300 Series: If a specific CLI command is issued PFE crashes will occur

An Improper Check for Unusual or Exceptional Conditions vulnerability in the Packet Forwarding Engine PFE of Juniper Networks Junos OS on EX4300 Series allows a locally authenticated attacker with low privileges to cause a Denial-of-Service Dos. If a specific CLI command is issued, a PFE crash wi...

6.8CVSS5.7AI score0.00168EPSS
Exploits0References2
OSV
OSV
added 2024/04/10 5:15 p.m.8 views

GHSA-J5VM-7QCC-2WWG Kopia: Storage connection credentials written to console on "repository status" CLI command with JSON output

Impact What kind of vulnerability is it? Who is impacted? Storage credentials are written to the console. Patches Has the problem been patched? Yes, see 3589 What versions should users upgrade to? - Any version after or including commit 1d6f852cd6534f4bea978cbdc85c583803d79f77 - No release has be...

2CVSS5.8AI score
Exploits0References4
Prion
Prion
added 2024/03/13 5:15 p.m.26 views

Input validation

A vulnerability in the SSH client feature of Cisco IOS XR Software for Cisco 8000 Series Routers and Cisco Network Convergence System NCS 540 Series and 5700 Series Routers could allow an authenticated, local attacker to elevate privileges on an affected device. This vulnerability is due to...

4.3CVSS7AI score0.00194EPSS
Exploits0References1
GithubExploit
GithubExploit
added 2024/01/28 1:57 a.m.1097 views

Exploit for Path Traversal in Jenkins

CVE-2024-23897 This repository presents a proof-of-concept of...

9.8CVSS9.2AI score0.99999EPSS
Exploits46
Rows per page
Query Builder