551 matches found
PT-2025-15858 · Juniper Networks · Junos Evolved +1
Name of the Vulnerable Software and Affected Versions: Junos OS versions prior to 21.2R3-S9 Junos OS versions from 21.4 before 21.4R3-S10 Junos OS versions from 22.2 before 22.2R3-S6 Junos OS versions from 22.4 before 22.4R3-S4 Junos OS versions from 23.2 before 23.2R2-S2 Junos OS versions from...
Juniper Junos OS Vulnerability (JSA96467)
The version of Junos OS installed on the remote host is affected by a vulnerability as referenced in the JSA96467 advisory. - An Improper Encoding or Escaping of Output vulnerability in the Sampling Route Record Daemon SRRD of Juniper Networks Junos OS allows an unauthenticated, network-based...
Juniper Junos OS Vulnerability (JSA96459)
The version of Junos OS installed on the remote host is affected by a vulnerability as referenced in the JSA96459 advisory. - An Improper Input Validation vulnerability in the syslog stream TCP transport of Juniper Networks Junos OS on MX240, MX480, and MX960 devices with MX-SPC3 Security Service...
Beers with Talos: Year in Review episode
Joe, Hazel, Bill and Dave break down Talos' Year in Review 2024 and discuss how and why cybercriminals have been leaning so heavily on attacks that are routed in stealth in simplicity. The team also provide insights into some of the topics of the report, including the top-targeted vulnerabilities...
CVE-2024-10210
An External Control of File Name or Path vulnerability in the APROL Web Portal used in B APROL 4.4-005P may allow an authenticated network-based attacker to access data from the file system...
CVE-2024-10206
A Server-Side Request Forgery vulnerability in the APROL Web Portal used in B APROL 4.4-00P5 may allow an unauthenticated network-based attacker to force the web server to request arbitrary URLs...
CVE-2024-10207
A Server-Side Request Forgery vulnerability in the APROL Web Portal used in B APROL 4.4-00P5 may allow an authenticated network-based attacker to force the web server to request arbitrary URLs...
CVE-2024-10210
An External Control of File Name or Path vulnerability in the APROL Web Portal used in B&R APROL 4.4-005P may allow an authenticated network-based attacker to access data from the file system...
CVE-2024-10210 Path traversal in APROL Web Portal
An External Control of File Name or Path vulnerability in the APROL Web Portal used in B&R APROL 4.4-005P may allow an authenticated network-based attacker to access data from the file system...
CVE-2024-10206
A Server-Side Request Forgery vulnerability in the APROL Web Portal used in B&R APROL 4.4-00P5 may allow an unauthenticated network-based attacker to force the web server to request arbitrary URLs...
CVE-2024-45480
CVE-2024-45480 concerns B&R APROL’s AprolCreateReport component (versions before 4.4-00P5). The flaw is described as improper control of code generation, enabling an unauthenticated, network-based attacker to read local system files (code injection-related exposure) with high impact on confidenti...
CVE-2024-10208 Cross Site Scripting vulnerability in APROL Web Portal
An Improper Neutralization of Input During Web Page Generation vulnerability in the APROL Web Portal used in B&R APROL 4.4-00P5 may allow an authenticated network-based attacker to insert malicious code which is then executed in the context of the user’s browser session...
CVE-2024-12392 Server-Side Request Forgery (SSRF) in binary-husky/gpt_academic
A Server-Side Request Forgery SSRF vulnerability exists in binary-husky/gptacademic version git 310122f. The application has a functionality to download papers from arxiv.org, but the URL validation is incomplete. An attacker can exploit this vulnerability to make the application access any URL,...
UBUNTU-CVE-2025-2295
EDK2 contains a vulnerability in BIOS where a user may cause an Integer Overflow or Wraparound by network means. A successful exploitation of this vulnerability may lead to denial of service...
Linux Distros Unpatched Vulnerability : CVE-2020-10703
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A NULL pointer dereference was found in the libvirt API responsible introduced in upstream version 3.10.0, and fixed in libvirt 6.0.0, for fetching a storage po...
CVE-2025-21598
CVE-2025-21598 is an out-of-bounds read vulnerability in Junos OS and Junos OS Evolved -rpd (routing protocol daemon). An unauthenticated, network-based attacker can send malformed BGP packets to a device with BGP trace options enabled, crashing rpd. Affected ranges include multiple Junos OS and ...
CVE-2025-21599
CVE-2025-21599 affects Juniper Networks Junos OS Evolved. The vulnerability is in the Juniper Tunnel Driver (jtd) where a memory misreference occurs after handling certain malformed IPv6 packets, causing kernel memory not to be freed and leading to memory exhaustion and a Denial of Service. Affec...
CVE-2024-10490
An “Authentication Bypass Using an Alternate Path or Channel” vulnerability in the OPC UA Server configuration required for B&R mapp Cockpit before 6.0, B&R mapp View before 6.0, B&R mapp Services before 6.0, B&R mapp Motion before 6.0 and B&R mapp Vision before 6.0 may be used by an...
CVE-2024-47508
An Allocation of Resources Without Limits or Throttling vulnerability in the PFE management daemon evo-pfemand of Juniper Networks Junos OS Evolved allows an authenticated, network-based attacker to cause an FPC crash leading to a Denial of Service DoS.When specific SNMP GET operations or specifi...
CVE-2024-47489
An Improper Handling of Exceptional Conditions vulnerability in the Packet Forwarding Engine pfe of the Juniper Networks Junos OS Evolved on ACX Series devices allows an unauthenticated, network based attacker sending specific transit protocol traffic to cause a partial Denial of Service DoS to...