250 matches found
CVE-2024-39514
An Improper Check or Handling of Exceptional Conditions vulnerability in the Routing Protocol Daemon rpd of Juniper Networks Junos and Junos OS Evolved allows an unauthenticated, adjacent attacker to cause a Denial of Service DoS. An attacker can send specific traffic to the device, which causes...
CVE-2024-39514
An Improper Check or Handling of Exceptional Conditions vulnerability in the Routing Protocol Daemon rpd of Juniper Networks Junos and Junos OS Evolved allows an unauthenticated, adjacent attacker to cause a Denial of Service DoS. An attacker can send specific traffic to the device, which causes...
CVE-2024-39514
CVE-2024-39514 affects Junos OS and Junos OS Evolved. An attacker—adjacent, unauthenticated—can trigger a crash of the Routing Protocol Daemon (rpd) by sending specific traffic on devices with EVPN-VPWS and IGMP-snooping enabled, causing a DoS. Affected ranges are listed per release: Junos OS ver...
CVE-2024-39514 Junos OS and Junos OS Evolved: Receiving specific traffic on devices with EVPN-VPWS with IGMP-snooping enabled will cause the rpd to crash
An Improper Check or Handling of Exceptional Conditions vulnerability in the Routing Protocol Daemon rpd of Juniper Networks Junos and Junos OS Evolved allows an unauthenticated, adjacent attacker to cause a Denial of Service DoS. An attacker can send specific traffic to the device, which causes...
CVE-2023-33860
CVE-2023-33860 affects IBM Security QRadar EDR version 3.12. The vulnerability arises because authorization tokens or session cookies are not marked with the Secure attribute, enabling cookies to be sent over HTTP. Attack scenario described in the sources includes sending a link via HTTP or embed...
CVE-2023-33860 IBM Security ReaQta information disclosure
IBM Security QRadar EDR 3.12 does not set the secure attribute on authorization tokens or session cookies. Attackers may be able to get the cookie values by sending a http:// link to a user or by planting this link in a site the user goes to. The cookie will be sent to the insecure link and the...
PT-2024-5543 · Juniper Networks · Junos Evolved +1
Name of the Vulnerable Software and Affected Versions: Junos OS versions prior to 20.4R3-S10 Junos OS versions from 21.4 before 21.4R3-S6 Junos OS versions from 22.1 before 22.1R3-S5 Junos OS versions from 22.2 before 22.2R3-S3 Junos OS versions from 22.3 before 22.3R3-S2 Junos OS versions from...
CVE-2022-48748 net: bridge: vlan: fix memory leak in __allowed_ingress
In the Linux kernel, the following vulnerability has been resolved: net: bridge: vlan: fix memory leak in allowedingress When using per-vlan state, if vlan snooping and stats are disabled, untagged or priority-tagged ingress frame will go to check pvid state. If the port state is forwarding and t...
CVE-2022-48748 net: bridge: vlan: fix memory leak in __allowed_ingress
In the Linux kernel, the following vulnerability has been resolved: net: bridge: vlan: fix memory leak in allowedingress When using per-vlan state, if vlan snooping and stats are disabled, untagged or priority-tagged ingress frame will go to check pvid state. If the port state is forwarding and t...
CVE-2021-20450
CVE-2021-20450 affects IBM Cognos Controller 10.4.1–11.0.0 where authorization tokens and session cookies are missing the secure attribute, enabling a cookie exposure risk if a user visits an http link or a site with such a link. The vulnerability is described in IBM’s advisories and NVD entries,...
CVE-2024-26837
In the Linux kernel, the following vulnerability has been resolved: net: bridge: switchdev: Skip MDB replays of deferred events on offload Before this change, generation of the list of MDB events to replay would race against the creation of new group memberships, either from the IGMP/MLD snooping...
CVE-2024-26837
In the Linux kernel, the following vulnerability has been resolved: net: bridge: switchdev: Skip MDB replays of deferred events on offload Before this change, generation of the list of MDB events to replay would race against the creation of new group memberships, either from the IGMP/MLD snooping...
CVE-2024-26837 net: bridge: switchdev: Skip MDB replays of deferred events on offload
In the Linux kernel, the following vulnerability has been resolved: net: bridge: switchdev: Skip MDB replays of deferred events on offload Before this change, generation of the list of MDB events to replay would race against the creation of new group memberships, either from the IGMP/MLD snooping...
CVE-2024-26837 net: bridge: switchdev: Skip MDB replays of deferred events on offload
In the Linux kernel, the following vulnerability has been resolved: net: bridge: switchdev: Skip MDB replays of deferred events on offload Before this change, generation of the list of MDB events to replay would race against the creation of new group memberships, either from the IGMP/MLD snooping...
CVE-2024-26837 net: bridge: switchdev: Skip MDB replays of deferred events on offload
In the Linux kernel, the following vulnerability has been resolved: net: bridge: switchdev: Skip MDB replays of deferred events on offload Before this change, generation of the list of MDB events to replay would race against the creation of new group memberships, either from the IGMP/MLD snooping...
Cisco IOS XE Software DHCP Snooping with Endpoint Analytics DoS (cisco-sa-dhcp-dos-T3CXPO9z)
According to its self-reported version, Cisco IOS-XE Software is affected by a vulnerability. - A vulnerability in the DHCP snooping feature of Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause an affected device to reload unexpectedly, resulting in a denial of servic...
CVE-2024-20259
A vulnerability in the DHCP snooping feature of Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause an affected device to reload unexpectedly, resulting in a denial of service DoS condition. This vulnerability is due to a crafted IPv4 DHCP request packet being mishandle...
CVE-2024-20259
A vulnerability in the DHCP snooping feature of Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause an affected device to reload unexpectedly, resulting in a denial of service DoS condition. This vulnerability is due to a crafted IPv4 DHCP request packet being mishandle...
CVE-2024-20259
A vulnerability in the DHCP snooping feature of Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause an affected device to reload unexpectedly, resulting in a denial of service DoS condition. This vulnerability is due to a crafted IPv4 DHCP request packet being mishandle...
CVE-2024-20259
Cisco IOS XE Software DHCP Snooping with Endpoint Analytics contains a DoS vulnerability: unauthenticated, remote attackers can trigger a device reload by sending crafted IPv4 DHCP requests, due to mis-handling of requests when endpoint analytics are enabled. Affected feature is DHCP snooping; at...