8007 matches found
CVE-2024-47493
A Missing Release of Memory after Effective Lifetime vulnerability in the Packet Forwarding Engine PFE of the Juniper Networks Junos OS on the MX Series platforms with Trio-based FPCs allows an unauthenticated, adjacent attacker to cause a Denial of Service DoS. In case of channelized Modular...
CVE-2024-39544
An Incorrect Default Permissions vulnerability in the command line interface CLI of Juniper Networks Junos OS Evolved allows a low privileged local attacker to view NETCONF traceoptions files, representing an exposure of sensitive information. On all Junos OS Evolved platforms, when NETCONF...
CVE-2024-39527
An Exposure of Sensitive Information to an Unauthorized Actor vulnerability in the command-line interface CLI of Juniper Networks Junos OS on SRX Series devices allows a local, low-privileged user with access to the Junos CLI to view the contents of protected files on the file system. Through the...
CVE-2024-39527
An Exposure of Sensitive Information to an Unauthorized Actor vulnerability in the command-line interface CLI of Juniper Networks Junos OS on SRX Series devices allows a local, low-privileged user with access to the Junos CLI to view the contents of protected files on the file system. Through the...
CVE-2024-47509 Junos OS Evolved: Specific low privileged CLI commands and SNMP GET requests can trigger a resource leak #3
An Allocation of Resources Without Limits or Throttling vulnerability in the PFE management daemon evo-pfemand of Juniper Networks Junos OS Evolved allows an authenticated, network-based attacker to cause an FPC crash leading to a Denial of Service DoS.When specific SNMP GET operations or specifi...
CVE-2024-47509 Junos OS Evolved: Specific low privileged CLI commands and SNMP GET requests can trigger a resource leak #3
An Allocation of Resources Without Limits or Throttling vulnerability in the PFE management daemon evo-pfemand of Juniper Networks Junos OS Evolved allows an authenticated, network-based attacker to cause an FPC crash leading to a Denial of Service DoS.When specific SNMP GET operations or specifi...
CVE-2024-47509
The CVE covers an Allocation of Resources Without Limits or Throttling in Junos OS Evolved’s PFE management daemon evo-pfemand, causing a GUID resource leak that exhausts GUID space and can hang FPCs (DoS) when certain SNMP GETs or low-privileged CLI commands are used. Affected Junos OS Evolved r...
CVE-2024-47508 Junos OS Evolved: Specific low privileged CLI commands and SNMP GET requests can trigger a resource leak #2
An Allocation of Resources Without Limits or Throttling vulnerability in the PFE management daemon evo-pfemand of Juniper Networks Junos OS Evolved allows an authenticated, network-based attacker to cause an FPC crash leading to a Denial of Service DoS.When specific SNMP GET operations or specifi...
CVE-2024-47505 Junos OS Evolved: Specific low privileged CLI commands and SNMP GET requests can trigger a resource leak #1
An Allocation of Resources Without Limits or Throttling vulnerability in the PFE management daemon evo-pfemand of Juniper Networks Junos OS Evolved allows an authenticated, network-based attacker to cause an FPC crash leading to a Denial of Service DoS.When specific SNMP GET operations or specifi...
CVE-2024-47505 Junos OS Evolved: Specific low privileged CLI commands and SNMP GET requests can trigger a resource leak #1
An Allocation of Resources Without Limits or Throttling vulnerability in the PFE management daemon evo-pfemand of Juniper Networks Junos OS Evolved allows an authenticated, network-based attacker to cause an FPC crash leading to a Denial of Service DoS.When specific SNMP GET operations or specifi...
CVE-2024-47505
CVE-2024-47505 concerns Juniper Networks Junos OS Evolved, affecting the PFE management daemon evo-pfemand. The vulnerability is a GUID resource leak (allocation of resources without limits/throttling) that occurs when specific SNMP GET operations or low-privilege CLI commands are run. This can e...
CVE-2024-47493
CVE-2024-47493 affects Junos OS on MX Series with Trio-based FPCs. The vulnerability is a Missing Release of Memory after Effective Lifetime in the PFE, causing a heap memory leak during channelized MIC interface flap activity and potentially leading to DoS for unauthenticated adjacent attackers....
CVE-2024-39544 Junos OS Evolved: Low privileged local user able to view NETCONF traceoptions files
An Incorrect Default Permissions vulnerability in the command line interface CLI of Juniper Networks Junos OS Evolved allows a low privileged local attacker to view NETCONF traceoptions files, representing an exposure of sensitive information. On all Junos OS Evolved platforms, when NETCONF...
CVE-2024-39544
CVE-2024-39544 concerns an issue in Juniper Networks Junos OS Evolved where NETCONF traceoptions files can be read due to incorrect default permissions in the CLI. The vulnerability affects Junos OS Evolved where NETCONF traceoptions are configured, enabling a low-privileged local user to access ...
CVE-2024-39527 Junos OS: SRX Series: Low privileged user able to access sensitive information on file system
An Exposure of Sensitive Information to an Unauthorized Actor vulnerability in the command-line interface CLI of Juniper Networks Junos OS on SRX Series devices allows a local, low-privileged user with access to the Junos CLI to view the contents of protected files on the file system. Through the...
CVE-2024-39527
CVE-2024-39527 describes an exposure of sensitive information vulnerability in the CLI of Juniper Networks Junos OS on SRX Series devices. A local, low-privileged user with CLI access can view protected files on the file system through crafted CLI commands, enabling information disclosure as desc...
Wordfence Intelligence Weekly WordPress Vulnerability Report (September 30, 2024 to October 6, 2024)
Calling all superheroes and haunters! Introducing the Cybersecurity Month Spooktacular Haunt and the WordPress Superhero Challenge for the Wordfence Bug Bounty Program! Through November 11th, 2024: All in-scope vulnerability types for WordPress plugins/themes with = 1,000 active installations are...
Malicious code in cli-command-with-alias (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 6b03e8947704f3b685460bd5c1a963c852f7877815be28a52d9642875d1348d0 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
CVE-2024-38817
VMware NSX contains a command injection vulnerability. A malicious actor with access to the NSX Edge CLI terminal may be able to craft malicious payloads to execute arbitrary commands on the operating system as root...
CVE-2024-38817
VMware NSX contains a command injection vulnerability. A malicious actor with access to the NSX Edge CLI terminal may be able to craft malicious payloads to execute arbitrary commands on the operating system as root...