Juniper Junos OS Vulnerability (JSA100084)

The version of Junos OS installed on the remote host is affected by a vulnerability as referenced in the JSA100084 advisory. - A Use of Incorrect Byte Ordering vulnerability in the Routing Protocol Daemon rpd of Juniper Networks Junos OS on SRX300 Series allows an unauthenticated, network-based...

Juniper Junos OS Vulnerability (JSA100090)

The version of Junos OS installed on the remote host is affected by a vulnerability as referenced in the JSA100090 advisory. - A NULL Pointer Dereference vulnerability in the routing protocol daemon rpd of Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated, network-based...

CVE-2025-4663 Denial-of-Service (DoS) after Unusual or Exceptional Conditions vulnerability

An Improper Check for Unusual or Exceptional Conditions vulnerability in Brocade Fabric OS before 9.2.2.a could allow an authenticated, network-based attacker to cause a Denial-of-Service DoS. The vulnerability is encountered when supportsave is invoked remotely, using ssh command or SANnav inlin...

CVE-2025-32462

A privilege escalation vulnerability was found in Sudo. In certain configurations, unauthorized users can gain elevated system privileges via the Sudo host option -h or --host. When using the default sudo security policy plugin sudoers, the host option is intended to be used in conjunction with t...

CVE-2025-47160

Protection mechanism failure in Windows Shell allows an unauthorized attacker to bypass a security feature over a network...

CVE-2023-21886

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization component: Core. Supported versions that are affected are Prior to 6.1.42 and prior to 7.0.6. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Orac...

CVE-2025-4660

A remote code execution vulnerability exists in the Windows agent component of SecureConnector due to improper access controls on a named pipe. The pipe is accessible to the Everyone group and does not restrict remote connections, allowing any network-based attacker to connect without...

CVE-2025-4660 Remote Code Execution in Windows Secure Connector/ HPS Inspection Engine via Insecure Named Pipe Access

A remote code execution vulnerability exists in the Windows agent component of SecureConnector due to improper access controls on a named pipe. The pipe is accessible to the Everyone group and does not restrict remote connections, allowing any network-based attacker to connect without...

CVE-2025-4660 Remote Code Execution in Windows Secure Connector/ HPS Inspection Engine via Insecure Named Pipe Access

A remote code execution vulnerability exists in the Windows agent component of SecureConnector due to improper access controls on a named pipe. The pipe is accessible to the Everyone group and does not restrict remote connections, allowing any network-based attacker to connect without...

PT-2025-21022

Name of the Vulnerable Software and Affected Versions Forescout SecureConnector versions 11.1.02.1019 through 11.3.6 Description A remote code execution vulnerability exists in the Windows agent component of SecureConnector due to improper access controls on a named pipe. The pipe is accessible t...

fastapi-guard 注入漏洞

fastapi-guard is a security library for FastAPI by Renzo F Individual Developer that provides middleware to control IPs, log requests and detect penetration attempts. An injection vulnerability exists in fastapi-guard versions prior to 2.0.0, which stems from an HTTP header injection vulnerabilit...

CVE-2025-30651

A Buffer Access with Incorrect Length Value vulnerability in the routing protocol daemon rpd of Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated, network-based attacker to cause a Denial of Service DoS. When an attacker sends a specific ICMPv6 packet to an interface with...

CVE-2025-30659

An Improper Handling of Length Parameter Inconsistency vulnerability in the Packet Forwarding Engine PFE of Juniper Networks Junos OS on SRX Series allows an unauthenticated, network-based attacker to cause a Denial-of-Service DoS. When a device configured for Secure Vector Routing SVR receives a...

CVE-2025-30649

An Improper Input Validation vulnerability in the syslog stream TCP transport of Juniper Networks Junos OS on MX240, MX480 and MX960 devices with MX-SPC3 Security Services Card allows an unauthenticated, network-based attacker, to send specific spoofed packets to cause a CPU Denial of Service DoS...

CVE-2025-30660

CVE-2025-30660 affects Junos OS on Juniper MX Series with the Packet Forwarding Engine (pfe). The issue stems from an improper check for unusual conditions and can allow an unauthenticated, network-based attacker to trigger a DoS by processing a high rate of specific GRE traffic, causing the PFE ...

CVE-2025-30657 Junos OS: Processing of a specific BGP update causes the SRRD process to crash

An Improper Encoding or Escaping of Output vulnerability in the Sampling Route Record Daemon SRRD of Juniper Networks Junos OS allows an unauthenticated, network-based attacker to cause a Denial-of-Service DoS. When a device configured for flow-monitoring receives a specific BGP update message, i...

CVE-2025-30656 Junos OS: MX Series, SRX Series: Processing of specific SIP INVITE messages by the SIP ALG will lead to an FPC crash

An Improper Handling of Additional Special Element vulnerability in the Packet Forwarding Engine PFE of Juniper Networks Junos OS on MX Series with MS-MPC, MS-MIC and SPC3, and SRX Series, allows an unauthenticated, network-based attacker to cause a Denial-of-Service DoS. If the SIP ALG processes...

CVE-2025-30651 Junos OS and Junos OS Evolved: Receipt of a specific ICMPv6 packet causes a memory overrun leading to an rpd crash

A Buffer Access with Incorrect Length Value vulnerability in the routing protocol daemon rpd of Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated, network-based attacker to cause a Denial of Service DoS. When an attacker sends a specific ICMPv6 packet to an interface with...

CVE-2025-21601 Junos OS: SRX and EX Series, MX240, MX480, MX960, QFX5120 Series: When web management is enabled for specific services an attacker may cause a CPU spike by sending genuine packets to the device

An Improper Following of Specification by Caller vulnerability in web management J-Web, Captive Portal, 802.1X, Juniper Secure Connect JSC of Juniper Networks Junos OS on SRX Series, EX Series, MX240, MX480, MX960, QFX5120 Series, allows an unauthenticated, network-based attacker, sending genuine...

PT-2025-15858 · Juniper Networks · Junos Evolved +1

Name of the Vulnerable Software and Affected Versions: Junos OS versions prior to 21.2R3-S9 Junos OS versions from 21.4 before 21.4R3-S10 Junos OS versions from 22.2 before 22.2R3-S6 Junos OS versions from 22.4 before 22.4R3-S4 Junos OS versions from 23.2 before 23.2R2-S2 Junos OS versions from...