7047 matches found
CVE-2024-39557
An Uncontrolled Resource Consumption vulnerability in the Layer 2 Address Learning Daemon (l2ald) of Juniper Networks Junos OS Evolved allows an unauthenticated, adjacent attacker to cause a memory leak, eventually exhausting all system memory, leading to a system crash and Denial of Service (DoS)...
CVE-2024-39517
An Improper Check for Unusual or Exceptional Conditions vulnerability in the Layer 2 Address Learning Daemon (l2ald) on Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated, adjacent attacker to cause Denial of Service (DoS). In an EVPN/VXLAN scenario, when a high amount specific...
CVE-2024-39517 Junos OS and Junos OS Evolved: Upon processing specific L2 traffic, rpd can hang in devices with EVPN/VXLAN configured
An Improper Check for Unusual or Exceptional Conditions vulnerability in the Layer 2 Address Learning Daemon (l2ald) on Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated, adjacent attacker to cause Denial of Service (DoS). In an EVPN/VXLAN scenario, when a high amount specific...
CVE-2024-39557 Junos OS Evolved: MAC table changes cause a memory leak
An Uncontrolled Resource Consumption vulnerability in the Layer 2 Address Learning Daemon (l2ald) of Juniper Networks Junos OS Evolved allows an unauthenticated, adjacent attacker to cause a memory leak, eventually exhausting all system memory, leading to a system crash and Denial of Service (DoS)...
CVE-2024-39557
CVE-2024-39557 describes an Uncontrolled Resource Consumption vulnerability in Juniper Networks Junos OS Evolved, caused by a memory leak in the Layer 2 Address Learning Daemon (l2ald) triggered by certain MAC table updates. This memory leak can exhaust system memory, causing a crash and DoS. Aff...
Configuration Bypass
Undertow is vulnerable to a Configuration Bypass. The vulnerability is due to enabling the learning-push handler without configuring the maxAge setting, which defaults to -1, which allows an attacker to reach the server with a normal HTTP request and potentially exploit the misconfigured handler...
PT-2024-28530 · Juniper Networks · Junos Evolved
Name of the Vulnerable Software and Affected Versions: Junos OS Evolved versions prior to 21.4R3-S8-EVO; Junos OS Evolved versions 22.2-EVO through 22.2R3-S4-EVO; Junos OS Evolved versions 22.3-EVO through 22.3R3-S3-EVO; Junos OS Evolved versions 22.4-EVO through 22.4R3-EVO; Junos OS Evolved versions...
Juniper Networks Junos OS and Juniper Networks Junos OS Evolved Security Vulnerabilities
Juniper Networks Junos OS and Juniper Networks Junos OS Evolved are both products of Juniper Networks, Inc. Juniper Networks Junos OS is a network operating system dedicated to the company's hardware devices. The operating system provides a secure programming interface and the Junos SDK. Juniper...
PT-2024-5540 · Juniper Networks · Junos Evolved +1
Name of the Vulnerable Software and Affected Versions: Junos OS versions prior to 21.4R3-S7; Junos OS versions 22.1 prior to 22.1R3-S5; Junos OS versions 22.2 prior to 22.2R3-S3; Junos OS versions 22.3 prior to 22.3R3-S3; Junos OS versions 22.4 prior to 22.4R3-S2; Junos OS versions 23.2 prior to 23.2R...
Juniper Junos OS Vulnerability (JSA79175)
The version of Junos OS installed on the remote host is affected by a vulnerability as referenced in the JSA79175 advisory. - An Improper Check for Unusual or Exceptional Conditions vulnerability in the Layer 2 Address Learning Daemon (l2ald) on Juniper Networks Junos OS and Junos OS Evolved allows...
CVE-2024-38959
Cross Site Scripting vulnerability in Creativeitem Academy LMS Learning Management System v.6.8.1 allows a remote attacker to execute arbitrary code and obtain sensitive information via the string parameter...
CVE-2024-37870
SQL injection vulnerability in processscore.php in Learning Management System Project In PHP With Source Code 1.0 allows attackers to execute arbitrary SQL commands via the id parameter...
Undertow Missing Release of Memory after Effective Lifetime vulnerability
A vulnerability was found in Undertow. This issue requires enabling the learning-push handler in the server's config, which is disabled by default, leaving the maxAge config in the handler unconfigured. The default is -1, which makes the handler vulnerable. If someone overwrites that config, the...
GHSA-CH7Q-GPFF-H9HP Undertow Missing Release of Memory after Effective Lifetime vulnerability
A vulnerability was found in Undertow. This issue requires enabling the learning-push handler in the server's config, which is disabled by default, leaving the maxAge config in the handler unconfigured. The default is -1, which makes the handler vulnerable. If someone overwrites that config, the...