Lucene search
K

1901 matches found

OSV
OSV
added 2024/04/12 4:15 p.m.4 views

CVE-2024-30402

An Improper Check for Unusual or Exceptional Conditions vulnerability in the Layer 2 Address Learning Daemon l2ald of Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated, adjacent attacker to cause a Denial of Service DoS. When telemetry requests are sent to the device, and t...

5.3CVSS5.8AI score0.00522EPSS
Exploits0References2
Cvelist
Cvelist
added 2024/04/12 3:27 p.m.22 views

CVE-2024-30402 Junos OS and Junos OS Evolved: The l2ald crashes on receiving telemetry messages from a specific subscription

An Improper Check for Unusual or Exceptional Conditions vulnerability in the Layer 2 Address Learning Daemon l2ald of Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated, adjacent attacker to cause a Denial of Service DoS. When telemetry requests are sent to the device, and t...

8.2CVSS6AI score0.00522EPSS
Exploits0References2
OSV
OSV
added 2024/04/12 3:15 p.m.4 views

CVE-2024-30409

An Improper Check for Unusual or Exceptional Conditions vulnerability in telemetry processing of Juniper Networks Junos OS and Junos OS Evolved allows a network-based authenticated attacker to cause the forwarding information base telemetry daemon fibtd to crash, leading to a limited Denial of...

6.9CVSS5.8AI score0.00478EPSS
Exploits0References2
NVD
NVD
added 2024/04/12 3:15 p.m.20 views

CVE-2024-30409

An Improper Check for Unusual or Exceptional Conditions vulnerability in telemetry processing of Juniper Networks Junos OS and Junos OS Evolved allows a network-based authenticated attacker to cause the forwarding information base telemetry daemon fibtd to crash, leading to a limited Denial of...

6.9CVSS5.2AI score0.00478EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2024/04/12 3:3 p.m.20 views

CVE-2024-30409 Junos OS and Junos OS Evolved: Higher CPU consumption on routing engine leads to Denial of Service (DoS).

An Improper Check for Unusual or Exceptional Conditions vulnerability in telemetry processing of Juniper Networks Junos OS and Junos OS Evolved allows a network-based authenticated attacker to cause the forwarding information base telemetry daemon fibtd to crash, leading to a limited Denial of...

6.9CVSS6.5AI score0.00478EPSS
Exploits0References2
Cvelist
Cvelist
added 2024/04/12 3:3 p.m.26 views

CVE-2024-30409 Junos OS and Junos OS Evolved: Higher CPU consumption on routing engine leads to Denial of Service (DoS).

An Improper Check for Unusual or Exceptional Conditions vulnerability in telemetry processing of Juniper Networks Junos OS and Junos OS Evolved allows a network-based authenticated attacker to cause the forwarding information base telemetry daemon fibtd to crash, leading to a limited Denial of...

6.9CVSS5.4AI score0.00478EPSS
Exploits0References2
CVE
CVE
added 2024/04/12 3:3 p.m.84 views

CVE-2024-30409

Vulnerability (CVE-2024-30409) in Juniper Networks Junos OS and Junos OS Evolved telemtry processing can crash the forwarding information base telemetry daemon (fibtd) via an improper check for unusual or exceptional conditions. A network-based authenticated attacker can cause a limited Denial of...

6.9CVSS6.4AI score0.00478EPSS
Exploits0References2Affected Software2
Rapid7 Blog
Rapid7 Blog
added 2024/04/12 12:59 p.m.63 views

CVE-2024-3400: Critical Command Injection Vulnerability in Palo Alto Networks Firewalls

On Friday, April 12, Palo Alto Networks published an advisory on CVE-2024-3400, a CVSS 10 zero-day vulnerability in several versions of PAN-OS, the operating system that runs on the company’s firewalls. According to the vendor advisory, if conditions for exploitability are met, the vulnerability...

7.5CVSS9.8AI score0.99999EPSS
Exploits43
Palo Alto Networks
Palo Alto Networks
added 2024/04/12 6:55 a.m.189 views

PAN-OS: Arbitrary File Creation Leads to OS Command Injection Vulnerability in GlobalProtect

A command injection as a result of arbitrary file creation vulnerability in the GlobalProtect feature of Palo Alto Networks PAN-OS software for specific PAN-OS versions and distinct feature configurations may enable an unauthenticated attacker to execute arbitrary code with root privileges on the...

10CVSS9.9AI score0.99999EPSS
Exploits43References4
CNNVD
CNNVD
added 2024/04/12 12:0 a.m.7 views

Juniper Networks Junos OS 安全漏洞

Juniper Networks Junos OS is a Juniper Networks USA network operating system dedicated to the company's hardware devices. The operating system provides a secure programming interface and the Junos SDK. A security vulnerability in Juniper Networks Junos OS versions prior to 22.1R1-S2, prior to...

6.9CVSS6.5AI score0.00478EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2024/04/12 12:0 a.m.5 views

PT-2024-24366 · Opentelemetry · Opentelemetry.Instrumentation.Aspnetcore +1

Name of the Vulnerable Software and Affected Versions: OpenTelemetry.Instrumentation.Http versions prior to 1.8.1 OpenTelemetry.Instrumentation.AspNetCore versions prior to 1.8.1 Description: The issue concerns the OpenTelemetry.Instrumentation.Http and OpenTelemetry.Instrumentation.AspNetCore...

4.1CVSS6.6AI score0.00291EPSS
Exploits0References10
NCSC
NCSC
added 2024/04/12 12:0 a.m.7 views

Vulnerability discovered in Palo Alto PAN-OS

Palo Alto has discovered a vulnerability in PAN-OS. A unauthenticated malicious person can exploit the vulnerability to execute arbitrary code on the vulnerable system with root privileges. The vulnerability is found only in PAN-OS versions 10.2, 11.0 and 11.1, if both the GlobalProtect Gateway a...

10CVSS7.3AI score0.99999EPSS
Exploits43
Tenable Nessus
Tenable Nessus
added 2024/04/11 12:0 a.m.16 views

Juniper Junos OS Vulnerability (JSA79099)

The version of Junos OS installed on the remote host is affected by a vulnerability as referenced in the JSA79099 advisory. - An Improper Check for Unusual or Exceptional Conditions vulnerability in telemetry processing of Juniper Networks Junos OS and Junos OS Evolved allows a network-based...

6.9CVSS5.7AI score0.00478EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2024/04/10 12:0 a.m.5 views

PT-2024-5064 · Juniper Networks · Junos Evolved +1

Name of the Vulnerable Software and Affected Versions: Junos OS versions prior to 20.4R3-S10 Junos OS versions 21.2 prior to 21.2R3-S7 Junos OS versions 21.4 prior to 21.4R3-S5 Junos OS versions 22.1 prior to 22.1R3-S4 Junos OS versions 22.2 prior to 22.2R3-S3 Junos OS versions 22.3 prior to...

8.2CVSS6.8AI score0.00522EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2024/04/10 12:0 a.m.6 views

PT-2024-2939 · Juniper Networks · Junos Evolved +1

Name of the Vulnerable Software and Affected Versions: Junos OS versions 22.1 before 22.1R1-S2, 22.1R2 Junos OS Evolved versions 22.1 before 22.1R1-S2-EVO, 22.1R2-EVO Description: The issue is related to an Improper Check for Unusual or Exceptional Conditions vulnerability in the telemetry...

6.9CVSS6.8AI score0.00478EPSS
Exploits0References6
Trend Micro Simply Security
Trend Micro Simply Security
added 2024/04/03 12:0 a.m.73 views

Unveiling the Fallout: Operation Cronos' Impact on LockBit Following Landmark Disruption

Our new article provides key highlights and takeaways from Operation Cronos' disruption of LockBit's operations, as well as telemetry details on how LockBit actors operated post-disruption...

7.4AI score
Exploits0
Trellix
Trellix
added 2024/04/02 12:0 a.m.34 views

SuperSize Me

SuperSize Me By Floser Bacurio Jr., Bernadette Canubas, Michaelo Oliveros · April 02, 2024 Introduction Cyber attackers are always finding new ways to outsmart security systems and distribute malware effectively. We discovered an interesting detection evasion technique of delivering archive files...

7.2AI score
Exploits0
BDU FSTEC
BDU FSTEC
added 2024/03/14 12:0 a.m.12 views

The vulnerability in the /plugins/playbooks/api/v0/telemetry/run component of the application for instant messaging in Mattermost allows a malicious user to gain unauthorized access to information about AD/LDAP users.

The vulnerability of the /plugins/playbooks/api/v0/telemetry/run/ component in the Mattermost instant messaging application is related to the lack of protection for service data. Exploiting this vulnerability could allow a malicious actor, operating remotely, to gain unauthorized access to user...

5CVSS5.9AI score0.00389EPSS
Exploits0References2Affected Software1
Talos Blog
Talos Blog
added 2024/03/07 7:0 p.m.22 views

You’re going to start seeing more tax-related spam, but remember, that doesn’t actually mean there’s more spam

Its that time of the year when not only do you have to be worried about filing your federal taxes in the U.S., you must also be on the lookout for a whole manner of tax-related scams. These are something that pop up every year through email, texts, phone calls and even physical mail -- phony...

7AI score
Exploits0
OSV
OSV
added 2024/03/06 11:7 a.m.17 views

BIT-TIMESCALEDB-2023-25149

TimescaleDB, an open-source time-series SQL database, has a privilege escalation vulnerability in versions 2.8.0 through 2.9.2. During installation, TimescaleDB creates a telemetry job that is runs as the installation user. The queries run as part of the telemetry data collection were not run wit...

8.8CVSS9AI score0.00775EPSS
Exploits0References3
Rows per page
Query Builder