553 matches found
CVE-2024-47508
An Allocation of Resources Without Limits or Throttling vulnerability in the PFE management daemon evo-pfemand of Juniper Networks Junos OS Evolved allows an authenticated, network-based attacker to cause an FPC crash leading to a Denial of Service DoS.When specific SNMP GET operations or specifi...
CVE-2024-47489
An Improper Handling of Exceptional Conditions vulnerability in the Packet Forwarding Engine pfe of the Juniper Networks Junos OS Evolved on ACX Series devices allows an unauthenticated, network based attacker sending specific transit protocol traffic to cause a partial Denial of Service DoS to...
CVE-2024-39547
An Improper Handling of Exceptional Conditions vulnerability in the rpd-server of Juniper Networks Junos OS and Junos OS Evolved within cRPD allows an unauthenticated network-based attacker sending crafted TCP traffic to the routing engine RE to cause a CPU-based Denial of Service DoS. If special...
CVE-2024-47506 Junos OS: SRX Series: A large amount of traffic being processed by ATP Cloud can lead to a PFE crash
A Deadlock vulnerability in the packet forwarding engine PFE of Juniper Networks Junos OS on SRX Series allows an unauthenticated, network-based attacker to cause a Denial of Service DoS. When a large amount of traffic is processed by ATP Cloud inspection, a deadlock can occur which will result i...
CVE-2024-47506 Junos OS: SRX Series: A large amount of traffic being processed by ATP Cloud can lead to a PFE crash
A Deadlock vulnerability in the packet forwarding engine PFE of Juniper Networks Junos OS on SRX Series allows an unauthenticated, network-based attacker to cause a Denial of Service DoS. When a large amount of traffic is processed by ATP Cloud inspection, a deadlock can occur which will result i...
CVE-2024-47504 Junos OS: SRX5000 Series: Receipt of a specific malformed packet will cause a flowd crash
An Improper Validation of Specified Type of Input vulnerability in the packet forwarding engine pfe Juniper Networks Junos OS on SRX5000 Series allows an unauthenticated, network based attacker to cause a Denial of Service Dos. When a non-clustered SRX5000 device receives a specifically malformed...
CVE-2024-47504 Junos OS: SRX5000 Series: Receipt of a specific malformed packet will cause a flowd crash
An Improper Validation of Specified Type of Input vulnerability in the packet forwarding engine pfe Juniper Networks Junos OS on SRX5000 Series allows an unauthenticated, network based attacker to cause a Denial of Service Dos. When a non-clustered SRX5000 device receives a specifically malformed...
CVE-2024-47504
CVE-2024-47504 affects Juniper Networks Junos OS on SRX5000 Series. Vulnerability arises from improper validation of a specific input type in the packet forwarding engine (pfe), allowing an unauthenticated, network-based attacker to trigger a flowd crash and DoS by sending a malformed packet to n...
CVE-2024-47497 Junos OS: SRX Series, QFX Series, MX Series and EX Series: Receiving specific HTTPS traffic causes resource exhaustion
An Uncontrolled Resource Consumption vulnerability in the http daemon httpd of Juniper Networks Junos OS on SRX Series, QFX Series, MX Series and EX Series allows an unauthenticated, network-based attacker to cause Denial-of-Service DoS. An attacker can send specific HTTPS connection requests to...
CVE-2024-47489 Junos OS Evolved: ACX Series: Receipt of specific transit protocol packets is incorrectly processed by the RE
An Improper Handling of Exceptional Conditions vulnerability in the Packet Forwarding Engine pfe of the Juniper Networks Junos OS Evolved on ACX Series devices allows an unauthenticated, network based attacker sending specific transit protocol traffic to cause a partial Denial of Service DoS to...
CVE-2024-39563 Junos Space: Remote Command Execution (RCE) vulnerability in web application
A Command Injection vulnerability in Juniper Networks Junos Space allows an unauthenticated, network-based attacker sending a specially crafted request to execute arbitrary shell commands on the Junos Space Appliance, leading to remote command execution by the web application, gaining complete...
CVE-2024-39563 Junos Space: Remote Command Execution (RCE) vulnerability in web application
A Command Injection vulnerability in Juniper Networks Junos Space allows an unauthenticated, network-based attacker sending a specially crafted request to execute arbitrary shell commands on the Junos Space Appliance, leading to remote command execution by the web application, gaining complete...
PT-2024-7136
Name of the Vulnerable Software and Affected Versions Junos OS Evolved versions prior to 21.4R3-S9-EVO Junos OS Evolved versions 22.2 prior to 22.2R3-S4-EVO Junos OS Evolved version 22.4 prior to 22.4R3-S3-EVO Junos OS Evolved versions 23.2 prior to 23.2R2-S1-EVO Junos OS Evolved versions 23.4...
CVE-2024-5624
Reflected Cross-Site Scripting XSS in Shift Logbook application of B&R APROL = R 4.4-00P3 may allow a network-based attacker to execute arbitrary JavaScript code in the context of the user's browser session...
CVE-2024-5624 Reflected Cross-Site Scripting (XSS) in Shift Logbook application of B&R APROL
Reflected Cross-Site Scripting XSS in Shift Logbook application of B&R APROL = R 4.4-00P3 may allow a network-based attacker to execute arbitrary JavaScript code in the context of the user's browser session...
VulnCheck KEV: CVE-2024-7029
Commands can be injected over the network and executed without authentication...
Juniper Junos OS DoS (JSA82988)
The version of Junos OS installed on the remote host is affected by a vulnerability as referenced in the JSA82988 advisory. - A Use of Externally-Controlled Format String vulnerability in the Packet Forwarding Engine PFE of Juniper Networks Junos OS on SRX Series allows an unauthenticated,...
CVE-2024-38182
CVE-2024-38182 is a Microsoft Dynamics 365 elevation-of-privilege vulnerability described as weak authentication that allows an unauthenticated, network-based attacker to escalate privileges. Connected sources confirm the issue affects Microsoft Dynamics 365 Field Service On-Premises version 7 (o...
CVE-2024-39533
An Unimplemented or Unsupported Feature in the UI vulnerability in Juniper Networks Junos OS on QFX5000 Series and EX4600 Series allows an unauthenticated, network-based attacker to cause a minor integrity impact to downstream networks.If one or more of the following match conditions...
CVE-2024-39553
CVE-2024-39553 affects Juniper Networks Junos OS Evolved sampling service (inline jflow). A Resource Exposure to Wrong Sphere vulnerability allows an unauthenticated, network-based attacker to send arbitrary data to the device, causing the msvcsd process to crash and yielding limited DoS while no...