Lucene search
+L

44 matches found

Cvelist
Cvelist
added 2021/10/19 6:16 p.m.15 views

CVE-2021-31366 Junos OS: MX Series: In subscriber management / BBE configuration authd can crash if a subscriber with a specific username tries to login leading to a DoS

An Unchecked Return Value vulnerability in the authd authentication daemon of Juniper Networks Junos OS on MX Series configured for subscriber management / BBE allows an adjacent attacker to cause a crash by sending a specific username. This impacts authentication, authorization, and accounting A...

6.5CVSS6.6AI score0.00406EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2020/01/21 12:0 a.m.45 views

Junos OS: Broadband Edge Service Denial of Service (DoS) Vulnerability (JSA10987)

According to its self-reported version number, the remote Juniper Junos device is affected by a denial of service vulnerability due to an unspecified issue in the processing of packets destined to Broadband Edge BBE clients connected to MX Series subscriber management platforms. Receipt of a...

7.8CVSS7.4AI score0.01332EPSS
Exploits0References2
Prion
Prion
added 2020/01/15 9:15 a.m.19 views

Code injection

Receipt of a specific MPLS or IPv6 packet on the core facing interface of an MX Series device configured for Broadband Edge BBE service may trigger a kernel crash vmcore, causing the device to reboot. The issue is specific to the processing of packets destined to BBE clients connected to MX Serie...

7.8CVSS7.3AI score0.01332EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2020/01/15 8:40 a.m.65 views

CVE-2020-1608

CVE-2020-1608 affects Juniper Networks Junos OS on MX Series in BBE configurations. Receipt of a specific MPLS or IPv6 packet on the core-facing interface may trigger a kernel crash (vmcore) and reboot, tied to processing for BBE clients. Affected Junos versions span multiple tracks: 17.2R2-S6 on...

7.8CVSS7.4AI score0.01332EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2020/01/15 8:40 a.m.29 views

CVE-2020-1608 Junos OS: MX Series: In BBE configurations, receipt of a specific MPLS or IPv6 packet causes a Denial of Service

Receipt of a specific MPLS or IPv6 packet on the core facing interface of an MX Series device configured for Broadband Edge BBE service may trigger a kernel crash vmcore, causing the device to reboot. The issue is specific to the processing of packets destined to BBE clients connected to MX Serie...

7.5CVSS7.5AI score0.01332EPSS
Exploits0References1
OSV
OSV
added 2019/01/15 9:29 p.m.5 views

CVE-2019-0001

Receipt of a malformed packet on MX Series devices with dynamic vlan configuration can trigger an uncontrolled recursion loop in the Broadband Edge subscriber management daemon bbe-smgd, and lead to high CPU usage and a crash of the bbe-smgd service. Repeated receipt of the same packet can result...

7.5CVSS5.8AI score0.03049EPSS
Exploits0References4
Prion
Prion
added 2019/01/15 9:29 p.m.22 views

Design/Logic Flaw

Receipt of a malformed packet on MX Series devices with dynamic vlan configuration can trigger an uncontrolled recursion loop in the Broadband Edge subscriber management daemon bbe-smgd, and lead to high CPU usage and a crash of the bbe-smgd service. Repeated receipt of the same packet can result...

7.1CVSS7.5AI score0.03049EPSS
Exploits0References4Affected Software2
OSV
OSV
added 2018/10/10 6:29 p.m.5 views

CVE-2018-0058

Receipt of a specially crafted IPv6 exception packet may be able to trigger a kernel crash vmcore, causing the device to reboot. The issue is specific to the processing of Broadband Edge BBE client route processing on MX Series subscriber management platforms, introduced by the Tomcat Next...

7.5CVSS5.8AI score0.01394EPSS
Exploits0References2
NVD
NVD
added 2018/10/10 6:29 p.m.22 views

CVE-2018-0058

Receipt of a specially crafted IPv6 exception packet may be able to trigger a kernel crash vmcore, causing the device to reboot. The issue is specific to the processing of Broadband Edge BBE client route processing on MX Series subscriber management platforms, introduced by the Tomcat Next...

7.8CVSS6AI score0.01394EPSS
Exploits0References2
Cvelist
Cvelist
added 2018/10/10 6:0 p.m.25 views

CVE-2018-0058 MX Series: In BBE configurations, receipt of a crafted IPv6 exception packet causes a Denial of Service

Receipt of a specially crafted IPv6 exception packet may be able to trigger a kernel crash vmcore, causing the device to reboot. The issue is specific to the processing of Broadband Edge BBE client route processing on MX Series subscriber management platforms, introduced by the Tomcat Next...

5.9CVSS7.2AI score0.01394EPSS
Exploits0References2
Patchstack
Patchstack
added 2018/06/05 12:0 a.m.16 views

WordPress BBE theme <= 1.52 - Direct Object Reference vulnerability

Direct Object Reference vulnerability found by Zhihua Yao in WordPress BBE theme versions = 1.52. The vulnerability allows a direct launch of an HTML editor. Solution Update the WordPress BBE theme to the latest available version at least 1.53...

5.3CVSS2.1AI score0.00959EPSS
Exploits0References1Affected Software1
OSV
OSV
added 2018/05/18 5:29 p.m.3 views

CVE-2018-11244

The BBE theme before 1.53 for WordPress allows a direct launch of an HTML editor...

5.3CVSS5.8AI score0.00959EPSS
Exploits0References2
NVD
NVD
added 2018/05/18 5:29 p.m.19 views

CVE-2018-11244

The BBE theme before 1.53 for WordPress allows a direct launch of an HTML editor...

5.3CVSS5.4AI score0.00959EPSS
Exploits0References2
CVE
CVE
added 2018/05/18 5:0 p.m.35 views

CVE-2018-11244

The CVE-2018-11244 entry concerns the WordPress BBE theme prior to version 1.53. Multiple sources describe a Direct Object Reference vulnerability that allows direct launching of the HTML editor, implying that an attacker could indirectly trigger the HTML editor through the theme. Affected softwa...

5.3CVSS5.3AI score0.00959EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2018/05/18 5:0 p.m.17 views

CVE-2018-11244

The BBE theme before 1.53 for WordPress allows a direct launch of an HTML editor...

5.4AI score0.00959EPSS
Exploits0References2
Hacker One
Hacker One
added 2018/04/11 7:29 a.m.21 views

LocalTapiola: Reflected XSS of bbe-child-starter Theme via "value"-GET-parameter

This bug is related to 324442. And xss in other url. poc: https://www.lahitapiolarahoitus.fi/wp-content/themes/bbe-child-starter/bbe-engine/assets/actions/bbeopenhtmleditorpopup.php?attribute=%27%3C/script%3E%3Cbody%20onload&value=alertdocument.cookie Impact -Make admin-user run malicious...

1.9AI score
Exploits0
Hacker One
Hacker One
added 2018/03/11 3:49 p.m.31 views

LocalTapiola: Reflected XSS on bbe_open_htmleditor_popup.php of BBE Theme via "value"-GET-parameter

Basic report information Summary: The BBE Theme allows unauthorized access to bbeopenhtmleditorpopup.php which echoes unsanitized values of value-GET-parameter leading to reflected XSS. Description: The www.lahitapiolarahoitus.fi has Wordpress with theme BBE Theme v1.52. I did some code review an...

0.9AI score
Exploits0
OSV
OSV
added 2018/01/10 10:29 p.m.4 views

CVE-2018-0006

A high rate of VLAN authentication attempts sent from an adjacent host on the local broadcast domain can trigger high memory utilization by the BBE subscriber management daemon bbe-smgd, and lead to a denial of service condition. The issue was caused by attempting to process an unbounded number o...

5.3CVSS5.8AI score0.00668EPSS
Exploits0References2
NVD
NVD
added 2018/01/10 10:29 p.m.21 views

CVE-2018-0006

A high rate of VLAN authentication attempts sent from an adjacent host on the local broadcast domain can trigger high memory utilization by the BBE subscriber management daemon bbe-smgd, and lead to a denial of service condition. The issue was caused by attempting to process an unbounded number o...

6.5CVSS6.4AI score0.00668EPSS
Exploits0References2
Prion
Prion
added 2018/01/10 10:29 p.m.19 views

Design/Logic Flaw

A high rate of VLAN authentication attempts sent from an adjacent host on the local broadcast domain can trigger high memory utilization by the BBE subscriber management daemon bbe-smgd, and lead to a denial of service condition. The issue was caused by attempting to process an unbounded number o...

2.9CVSS5.3AI score0.00668EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder