1901 matches found
CVE-2024-30402
An Improper Check for Unusual or Exceptional Conditions vulnerability in the Layer 2 Address Learning Daemon l2ald of Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated, adjacent attacker to cause a Denial of Service DoS. When telemetry requests are sent to the device, and t...
CVE-2024-30402 Junos OS and Junos OS Evolved: The l2ald crashes on receiving telemetry messages from a specific subscription
An Improper Check for Unusual or Exceptional Conditions vulnerability in the Layer 2 Address Learning Daemon l2ald of Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated, adjacent attacker to cause a Denial of Service DoS. When telemetry requests are sent to the device, and t...
CVE-2024-30409
An Improper Check for Unusual or Exceptional Conditions vulnerability in telemetry processing of Juniper Networks Junos OS and Junos OS Evolved allows a network-based authenticated attacker to cause the forwarding information base telemetry daemon fibtd to crash, leading to a limited Denial of...
CVE-2024-30409
An Improper Check for Unusual or Exceptional Conditions vulnerability in telemetry processing of Juniper Networks Junos OS and Junos OS Evolved allows a network-based authenticated attacker to cause the forwarding information base telemetry daemon fibtd to crash, leading to a limited Denial of...
CVE-2024-30409 Junos OS and Junos OS Evolved: Higher CPU consumption on routing engine leads to Denial of Service (DoS).
An Improper Check for Unusual or Exceptional Conditions vulnerability in telemetry processing of Juniper Networks Junos OS and Junos OS Evolved allows a network-based authenticated attacker to cause the forwarding information base telemetry daemon fibtd to crash, leading to a limited Denial of...
CVE-2024-30409 Junos OS and Junos OS Evolved: Higher CPU consumption on routing engine leads to Denial of Service (DoS).
An Improper Check for Unusual or Exceptional Conditions vulnerability in telemetry processing of Juniper Networks Junos OS and Junos OS Evolved allows a network-based authenticated attacker to cause the forwarding information base telemetry daemon fibtd to crash, leading to a limited Denial of...
CVE-2024-30409
Vulnerability (CVE-2024-30409) in Juniper Networks Junos OS and Junos OS Evolved telemtry processing can crash the forwarding information base telemetry daemon (fibtd) via an improper check for unusual or exceptional conditions. A network-based authenticated attacker can cause a limited Denial of...
CVE-2024-3400: Critical Command Injection Vulnerability in Palo Alto Networks Firewalls
On Friday, April 12, Palo Alto Networks published an advisory on CVE-2024-3400, a CVSS 10 zero-day vulnerability in several versions of PAN-OS, the operating system that runs on the company’s firewalls. According to the vendor advisory, if conditions for exploitability are met, the vulnerability...
PAN-OS: Arbitrary File Creation Leads to OS Command Injection Vulnerability in GlobalProtect
A command injection as a result of arbitrary file creation vulnerability in the GlobalProtect feature of Palo Alto Networks PAN-OS software for specific PAN-OS versions and distinct feature configurations may enable an unauthenticated attacker to execute arbitrary code with root privileges on the...
Juniper Networks Junos OS 安全漏洞
Juniper Networks Junos OS is a Juniper Networks USA network operating system dedicated to the company's hardware devices. The operating system provides a secure programming interface and the Junos SDK. A security vulnerability in Juniper Networks Junos OS versions prior to 22.1R1-S2, prior to...
PT-2024-24366 · Opentelemetry · Opentelemetry.Instrumentation.Aspnetcore +1
Name of the Vulnerable Software and Affected Versions: OpenTelemetry.Instrumentation.Http versions prior to 1.8.1 OpenTelemetry.Instrumentation.AspNetCore versions prior to 1.8.1 Description: The issue concerns the OpenTelemetry.Instrumentation.Http and OpenTelemetry.Instrumentation.AspNetCore...
Vulnerability discovered in Palo Alto PAN-OS
Palo Alto has discovered a vulnerability in PAN-OS. A unauthenticated malicious person can exploit the vulnerability to execute arbitrary code on the vulnerable system with root privileges. The vulnerability is found only in PAN-OS versions 10.2, 11.0 and 11.1, if both the GlobalProtect Gateway a...
Juniper Junos OS Vulnerability (JSA79099)
The version of Junos OS installed on the remote host is affected by a vulnerability as referenced in the JSA79099 advisory. - An Improper Check for Unusual or Exceptional Conditions vulnerability in telemetry processing of Juniper Networks Junos OS and Junos OS Evolved allows a network-based...
PT-2024-5064 · Juniper Networks · Junos Evolved +1
Name of the Vulnerable Software and Affected Versions: Junos OS versions prior to 20.4R3-S10 Junos OS versions 21.2 prior to 21.2R3-S7 Junos OS versions 21.4 prior to 21.4R3-S5 Junos OS versions 22.1 prior to 22.1R3-S4 Junos OS versions 22.2 prior to 22.2R3-S3 Junos OS versions 22.3 prior to...
PT-2024-2939 · Juniper Networks · Junos Evolved +1
Name of the Vulnerable Software and Affected Versions: Junos OS versions 22.1 before 22.1R1-S2, 22.1R2 Junos OS Evolved versions 22.1 before 22.1R1-S2-EVO, 22.1R2-EVO Description: The issue is related to an Improper Check for Unusual or Exceptional Conditions vulnerability in the telemetry...
Unveiling the Fallout: Operation Cronos' Impact on LockBit Following Landmark Disruption
Our new article provides key highlights and takeaways from Operation Cronos' disruption of LockBit's operations, as well as telemetry details on how LockBit actors operated post-disruption...
SuperSize Me
SuperSize Me By Floser Bacurio Jr., Bernadette Canubas, Michaelo Oliveros · April 02, 2024 Introduction Cyber attackers are always finding new ways to outsmart security systems and distribute malware effectively. We discovered an interesting detection evasion technique of delivering archive files...
The vulnerability in the /plugins/playbooks/api/v0/telemetry/run component of the application for instant messaging in Mattermost allows a malicious user to gain unauthorized access to information about AD/LDAP users.
The vulnerability of the /plugins/playbooks/api/v0/telemetry/run/ component in the Mattermost instant messaging application is related to the lack of protection for service data. Exploiting this vulnerability could allow a malicious actor, operating remotely, to gain unauthorized access to user...
You’re going to start seeing more tax-related spam, but remember, that doesn’t actually mean there’s more spam
Its that time of the year when not only do you have to be worried about filing your federal taxes in the U.S., you must also be on the lookout for a whole manner of tax-related scams. These are something that pop up every year through email, texts, phone calls and even physical mail -- phony...
BIT-TIMESCALEDB-2023-25149
TimescaleDB, an open-source time-series SQL database, has a privilege escalation vulnerability in versions 2.8.0 through 2.9.2. During installation, TimescaleDB creates a telemetry job that is runs as the installation user. The queries run as part of the telemetry data collection were not run wit...