CVE-2021-0234

CVE-2021-0234 affects Juniper Networks Junos OS on QFX5100-96S with QFX 5e Series image. The issue is an improper initialization that prevents ddos-protection changes from taking effect beyond default DDoS settings configured via CLI. The ddos-protection (jddosd) daemon keeps the device functioni...

CVE-2021-0234 Junos OS: QFX5100-96S: DDoS protection does not work as expected.

Due to an improper Initialization vulnerability on Juniper Networks Junos OS QFX5100-96S devices with QFX 5e Series image installed, ddos-protection configuration changes will not take effect beyond the default DDoS Distributed Denial of Service settings when configured from the CLI. The DDoS...

CVE-2021-0230 Junos OS: SRX Series: Memory leak when querying Aggregated Ethernet (AE) interface statistics

On Juniper Networks SRX Series devices with link aggregation lag configured, executing any operation that fetches Aggregated Ethernet AE interface statistics, including but not limited to SNMP GET requests, causes a slow kernel memory leak. If all the available memory is consumed, the traffic wil...

CVE-2021-0225 Junos OS Evolved: Stateless IP firewall filter does not work as expected

An Improper Check for Unusual or Exceptional Conditions in Juniper Networks Junos OS Evolved may cause the stateless firewall filter configuration which uses the action 'policer' in certain combinations with other options to not take effect. An administrator can use the following CLI command to s...

Moderate: Red Hat Security Advisory: Release of OpenShift Serverless Client kn 1.14.0 and security update

Release of OpenShift Serverless Client kn 1.14.0 Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE links in the...

HttpDoom - A Tool For Response-Based Inspection Of Websites Across A Large Amount Of Hosts For Quickly Gaining An Overview Of HTTP-based Attack Surface

Validate large HTTP-based attack surfaces in a very fast way. Heavily inspired by Aquatone. Why? When I utilize Aquatone to flyover some hosts, I have some performance issues by the screenshot feature, and the lack of extension capabilities - like validating front-end technologies with a...

The vulnerability of the command-line interface (CLI) of Cisco IOS XE SD-WAN microprogramming software allows a attacker to execute arbitrary commands with superuser privileges.

The vulnerability of the command-line interface CLI of Cisco IOS XE SD-WAN software exists because measures to neutralize specific elements have not been taken. Exploiting this vulnerability allows an attacker to execute arbitrary commands with superuser privileges...

Improper access control

A ZTE product is impacted by improper access control vulnerability. The attacker could exploit this vulnerability to access CLI by brute force attacks.This affects: ZXHN H168N V3.5.0TY.T6...

AzureC2Relay - An Azure Function That Validates And Relays Cobalt Strike Beacon Traffic By Verifying The Incoming Requests Based On A Cobalt Strike Malleable C2 Profile

AzureC2Relay is an Azure Function that validates and relays Cobalt Strike beacon traffic by verifying the incoming requests based on a Cobalt Strike Malleable C2 profile. Any incoming requests that do not share the profiles user-agent, URI paths, headers, and query parameters, will be redirected ...

CVE-2021-1485

A vulnerability in the CLI of Cisco IOS XR Software could allow an authenticated, local attacker to inject arbitrary commands that are executed with root privileges on the underlying Linux operating system OS of an affected device. This vulnerability is due to insufficient input validation of...

[SECURITY] Fedora 33 Update: mediainfo-21.03-1.fc33

MediaInfo CLI Command Line Interface. What information can I get from MediaInfo? General: title, author, director, album, track number, date, duration... Video: codec, aspect, fps, bitrate... Audio: codec, sample rate, channels, language, bitrate... Text: language of subtitle Chapters: number of...

The vulnerability of the CLI component in Cisco IOS XE routers for Cisco IOS XE SD-WAN allows a attacker to gain access to the basic operating system with superuser privileges.

The vulnerability of Cisco IOS XE operating system routers in Cisco IOS XE SD-WAN devices exists due to insufficient validation of input data. Exploiting this vulnerability can allow attackers to gain access to the basic operating system with superuser privileges...

The vulnerability of the Cisco IOS XE software’s command-line interface allows attackers to compromise the confidentiality and integrity of the protected information.

The vulnerability of the Cisco IOS XE software’s command-line interface is related to the existence of an undocumented feature in command input fields that allows for the manipulation of variable values. Exploiting this vulnerability could enable a perpetrator to compromise the confidentiality an...

Moderate: Red Hat Security Advisory: OpenShift Container Platform 4.7.5 security and bug fix update

Red Hat OpenShift Container Platform release 4.7.5 is now available with updates to packages and images that fix several bugs and add enhancements. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which...

@random-guys/coralpay-pgp (>=0.0.1 <=0.1.0), @woocommerce/components (>=1.0.0 <=1.0.1) +4 more potentially affected by CVE-2021-23392 via locutus (>=2.0.10 <=2.0.14)

locutus NPM version =2.0.10, =0.0.1, =1.0.0, =1.1.0, =1.0.2, =1.0.52, =0.1.0, =0.2.1 Source cves: CVE-2021-23392 Source advisory: SNYK:JS-LOCUTUS-1090597...

RHEL 7 / 8 : OpenShift Container Platform 4.7.4 (RHSA-2021:0958)

The remote Redhat Enterprise Linux 7 / 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2021:0958 advisory. Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private clo...

Cisco IOS XE Software Common Industrial Protocol Privilege Escalation (cisco-sa-XE-SAP-OPLbze68)

A vulnerability in the CLI command permissions of Cisco IOS XE Software could allow an authenticated, local attacker to retrieve the password for Common Industrial Protocol CIP and then remotely configure the device as an administrative user. This vulnerability exists because incorrect permission...

@agneta/cli (>=0.14.7 <=0.14.15), @servisbot/servisbot-cli (>=9.4.0 <=10.3.2) +3 more potentially affected by CVE-2020-7774 via y18n (=4.0.0)

y18n NPM version =4.0.0 is affected by a known vulnerability. The following packages have a transitive dependency on y18n and may be impacted: - @agneta/cli =0.14.7, =9.4.0, =0.14.4, =1.0.0-rc.1, =1.0.0-rc.7 Source cves: CVE-2020-7774 Source advisory: OSV:GHSA-C4W7-XM78-47VH...

Cisco IOS XE Arbitrary File Overwrite Vulnerability (CNVD-2021-24468)

Cisco IOS XE is a set of modular operating system based on Linux kernel developed by Cisco for its network equipment. An arbitrary file overwrite vulnerability exists in the CLI for SD-WAN for Cisco IOS XE. The vulnerability stems from insufficient validation of parameters for specific CLI...

Cisco IOS XE elevation of privilege vulnerability (CNVD-2021-22458)

Cisco IOS XE is a set of modular operating system based on Linux kernel developed by Cisco for its network equipment. An elevation of privilege vulnerability exists in the CLI management for SD-WAN in Cisco IOS XE. The vulnerability stems from a problem with the way the software handles concurren...