Lucene search
K

250 matches found

OSV
OSV
added 2024/07/10 11:15 p.m.6 views

CVE-2024-39514

An Improper Check or Handling of Exceptional Conditions vulnerability in the Routing Protocol Daemon rpd of Juniper Networks Junos and Junos OS Evolved allows an unauthenticated, adjacent attacker to cause a Denial of Service DoS. An attacker can send specific traffic to the device, which causes...

7.1CVSS5.8AI score0.00246EPSS
Exploits0References1
NVD
NVD
added 2024/07/10 11:15 p.m.33 views

CVE-2024-39514

An Improper Check or Handling of Exceptional Conditions vulnerability in the Routing Protocol Daemon rpd of Juniper Networks Junos and Junos OS Evolved allows an unauthenticated, adjacent attacker to cause a Denial of Service DoS. An attacker can send specific traffic to the device, which causes...

7.1CVSS0.00246EPSS
Exploits0References1
CVE
CVE
added 2024/07/10 11:5 p.m.66 views

CVE-2024-39514

CVE-2024-39514 affects Junos OS and Junos OS Evolved. An attacker—adjacent, unauthenticated—can trigger a crash of the Routing Protocol Daemon (rpd) by sending specific traffic on devices with EVPN-VPWS and IGMP-snooping enabled, causing a DoS. Affected ranges are listed per release: Junos OS ver...

7.1CVSS6.6AI score0.00246EPSS
Exploits0References1Affected Software2
Vulnrichment
Vulnrichment
added 2024/07/10 11:5 p.m.21 views

CVE-2024-39514 Junos OS and Junos OS Evolved: Receiving specific traffic on devices with EVPN-VPWS with IGMP-snooping enabled will cause the rpd to crash

An Improper Check or Handling of Exceptional Conditions vulnerability in the Routing Protocol Daemon rpd of Juniper Networks Junos and Junos OS Evolved allows an unauthenticated, adjacent attacker to cause a Denial of Service DoS. An attacker can send specific traffic to the device, which causes...

7.1CVSS7AI score0.00246EPSS
Exploits0References1
CVE
CVE
added 2024/07/10 3:28 p.m.69 views

CVE-2023-33860

CVE-2023-33860 affects IBM Security QRadar EDR version 3.12. The vulnerability arises because authorization tokens or session cookies are not marked with the Secure attribute, enabling cookies to be sent over HTTP. Attack scenario described in the sources includes sending a link via HTTP or embed...

5.3CVSS5AI score0.0024EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2024/07/10 3:28 p.m.21 views

CVE-2023-33860 IBM Security ReaQta information disclosure

IBM Security QRadar EDR 3.12 does not set the secure attribute on authorization tokens or session cookies. Attackers may be able to get the cookie values by sending a http:// link to a user or by planting this link in a site the user goes to. The cookie will be sent to the insecure link and the...

5.3CVSS0.0024EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2024/06/25 12:0 a.m.4 views

PT-2024-5543 · Juniper Networks · Junos Evolved +1

Name of the Vulnerable Software and Affected Versions: Junos OS versions prior to 20.4R3-S10 Junos OS versions from 21.4 before 21.4R3-S6 Junos OS versions from 22.1 before 22.1R3-S5 Junos OS versions from 22.2 before 22.2R3-S3 Junos OS versions from 22.3 before 22.3R3-S2 Junos OS versions from...

7.1CVSS7.3AI score0.00246EPSS
Exploits0References7
Cvelist
Cvelist
added 2024/06/20 11:13 a.m.30 views

CVE-2022-48748 net: bridge: vlan: fix memory leak in __allowed_ingress

In the Linux kernel, the following vulnerability has been resolved: net: bridge: vlan: fix memory leak in allowedingress When using per-vlan state, if vlan snooping and stats are disabled, untagged or priority-tagged ingress frame will go to check pvid state. If the port state is forwarding and t...

0.01128EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2024/06/20 11:13 a.m.22 views

CVE-2022-48748 net: bridge: vlan: fix memory leak in __allowed_ingress

In the Linux kernel, the following vulnerability has been resolved: net: bridge: vlan: fix memory leak in allowedingress When using per-vlan state, if vlan snooping and stats are disabled, untagged or priority-tagged ingress frame will go to check pvid state. If the port state is forwarding and t...

6.9AI score0.01128EPSS
Exploits0References4
CVE
CVE
added 2024/05/03 4:55 p.m.80 views

CVE-2021-20450

CVE-2021-20450 affects IBM Cognos Controller 10.4.1–11.0.0 where authorization tokens and session cookies are missing the secure attribute, enabling a cookie exposure risk if a user visits an http link or a site with such a link. The vulnerability is described in IBM’s advisories and NVD entries,...

4.3CVSS5.9AI score0.00366EPSS
Exploits0References2Affected Software1
NVD
NVD
added 2024/04/17 10:15 a.m.20 views

CVE-2024-26837

In the Linux kernel, the following vulnerability has been resolved: net: bridge: switchdev: Skip MDB replays of deferred events on offload Before this change, generation of the list of MDB events to replay would race against the creation of new group memberships, either from the IGMP/MLD snooping...

4.7CVSS6.3AI score0.00166EPSS
Exploits0References4
UbuntuCve
UbuntuCve
added 2024/04/17 10:15 a.m.36 views

CVE-2024-26837

In the Linux kernel, the following vulnerability has been resolved: net: bridge: switchdev: Skip MDB replays of deferred events on offload Before this change, generation of the list of MDB events to replay would race against the creation of new group memberships, either from the IGMP/MLD snooping...

4.7CVSS6.3AI score0.00166EPSS
Exploits0References15
OSV
OSV
added 2024/04/17 10:10 a.m.8 views

CVE-2024-26837 net: bridge: switchdev: Skip MDB replays of deferred events on offload

In the Linux kernel, the following vulnerability has been resolved: net: bridge: switchdev: Skip MDB replays of deferred events on offload Before this change, generation of the list of MDB events to replay would race against the creation of new group memberships, either from the IGMP/MLD snooping...

4.7CVSS5.8AI score0.00166EPSS
Exploits0References7
Vulnrichment
Vulnrichment
added 2024/04/17 10:10 a.m.25 views

CVE-2024-26837 net: bridge: switchdev: Skip MDB replays of deferred events on offload

In the Linux kernel, the following vulnerability has been resolved: net: bridge: switchdev: Skip MDB replays of deferred events on offload Before this change, generation of the list of MDB events to replay would race against the creation of new group memberships, either from the IGMP/MLD snooping...

6.7AI score0.00166EPSS
Exploits0References4
Cvelist
Cvelist
added 2024/04/17 10:10 a.m.22 views

CVE-2024-26837 net: bridge: switchdev: Skip MDB replays of deferred events on offload

In the Linux kernel, the following vulnerability has been resolved: net: bridge: switchdev: Skip MDB replays of deferred events on offload Before this change, generation of the list of MDB events to replay would race against the creation of new group memberships, either from the IGMP/MLD snooping...

6.5AI score0.00166EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2024/04/12 12:0 a.m.33 views

Cisco IOS XE Software DHCP Snooping with Endpoint Analytics DoS (cisco-sa-dhcp-dos-T3CXPO9z)

According to its self-reported version, Cisco IOS-XE Software is affected by a vulnerability. - A vulnerability in the DHCP snooping feature of Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause an affected device to reload unexpectedly, resulting in a denial of servic...

8.6CVSS5.6AI score0.00816EPSS
Exploits0References4
OSV
OSV
added 2024/03/27 5:15 p.m.3 views

CVE-2024-20259

A vulnerability in the DHCP snooping feature of Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause an affected device to reload unexpectedly, resulting in a denial of service DoS condition. This vulnerability is due to a crafted IPv4 DHCP request packet being mishandle...

8.6CVSS5.8AI score0.00816EPSS
Exploits0References1
NVD
NVD
added 2024/03/27 5:15 p.m.16 views

CVE-2024-20259

A vulnerability in the DHCP snooping feature of Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause an affected device to reload unexpectedly, resulting in a denial of service DoS condition. This vulnerability is due to a crafted IPv4 DHCP request packet being mishandle...

8.6CVSS8.4AI score0.00816EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/03/27 4:53 p.m.18 views

CVE-2024-20259

A vulnerability in the DHCP snooping feature of Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause an affected device to reload unexpectedly, resulting in a denial of service DoS condition. This vulnerability is due to a crafted IPv4 DHCP request packet being mishandle...

8.6CVSS8.6AI score0.00816EPSS
Exploits0References1
CVE
CVE
added 2024/03/27 4:53 p.m.76 views

CVE-2024-20259

Cisco IOS XE Software DHCP Snooping with Endpoint Analytics contains a DoS vulnerability: unauthenticated, remote attackers can trigger a device reload by sending crafted IPv4 DHCP requests, due to mis-handling of requests when endpoint analytics are enabled. Affected feature is DHCP snooping; at...

8.6CVSS7.1AI score0.00816EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder