Lucene search
K

13247 matches found

NVD
NVD
added yesterday4 views

CVE-2026-15548

A security vulnerability has been detected in Shibby Tomato up to 1.28.0000. This vulnerability affects the function sub407220 of the file /usr/sbin/httpd of the component DNS List Rendering. The manipulation leads to stack-based buffer overflow. The attack is possible to be carried out remotely...

9CVSS0.00738EPSS
Exploits0References5
NCSC
NCSC
added yesterday14 views

Vulnerabilities found in Juniper Networks’ Junos OS and Junos OS Evolved

Juniper has identified several vulnerabilities in Junos OS and Junos OS Evolved, specifically related to devices in the MX Series, PTX Series, QFX Series, EX Series, SRX Series, and QFX10000 Series. These vulnerabilities affect various components of Junos OS and Junos OS Evolved, including the...

9.8CVSS7.1AI score0.02497EPSS
Exploits0References22
EUVD
EUVD
added 2 days ago7 views

EUVD-2026-43233

OpenWrt luci-app-samba4 read ACL grants file.exec permission on /usr/sbin/smbd, allowing authenticated delegated users to execute the Samba daemon with caller-controlled command-line arguments. Attackers can pass arbitrary Samba global options such as message command to a root smbd process,...

8.8CVSS6.3AI score0.00714EPSS
Exploits0References2
Fedora
Fedora
added 2 days ago8 views

[SECURITY] Fedora 43 Update: upower-1.91.3-2.fc43

UPower formerly DeviceKit-power provides a daemon, API and command line tools for managing power devices attached to the system...

6.1AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 4 days ago8 views

Malicious code in nodepack-daemon (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b976e6ab638a52663d25f360bffec6706dc82991ad27c552788a5a4d785ff89f The package presents itself as the popular pino logger README badges, file layout mirroring pino's lib/proto.js, lib/redaction.js, lib/transport.js,...

6.5AI score
Exploits0References2
NVD
NVD
added 5 days ago7 views

CVE-2026-57024

A Use of Multiple Resources with Duplicate Identifier vulnerability in the IKE daemon iked of Juniper Networks Junos OS on MX with SPC3 and SRX Series allows an unauthenticated, network-based attacker to cause a Denial-of-Service DoS. On an MX with SPC3 and SRX devices configured for VPN service,...

6.9CVSS0.00417EPSS
Exploits0References1
NVD
NVD
added 5 days ago4 views

CVE-2026-33801

An Improper Check for Unusual or Exceptional Conditions vulnerability in the routing protocol daemon RPD of Juniper Networks Junos OS and Junos OS Evolved allows an adjacent, unauthenticated attacker sending a specific BGP update over an established BGP session to cause a Denial-of-Service DoS...

7.1CVSS0.00281EPSS
Exploits0References1
NVD
NVD
added 5 days ago13 views

CVE-2026-33799

An Out-of-bounds Write vulnerability in the SNMP daemon snmpd of Juniper Networks Junos OS and Junos OS Evolved allows an authenticated network-based attacker sending specific valid SNMPv3 queries to trigger a memory leak. Over time, continuous receipt of these queries will result in snmpd proces...

5.3CVSS0.0036EPSS
Exploits0References1
Cvelist
Cvelist
added 5 days ago31 views

CVE-2026-57026 Junos OS: MX Series with SPC3, SRX Series: Processing of a specifically malformed SIP invite causes a flowd crash

An Improper Validation of Syntactic Correctness of Input vulnerability in the SIP plugin of Juniper Networks Junos OS on MX Series with SPC3 and SRX Series allows an unauthenticated, network-based attacker to cause a Denial-of-Service DoS.If the SIP ALG is enabled on an affected device, the...

8.7CVSS0.00461EPSS
Exploits0References1
Cvelist
Cvelist
added 5 days ago31 views

CVE-2026-57024 Junos OS: MX with SPC3, SRX Series: Repeated VPN negotiation failures will eventually cause iked to crash continuously

A Use of Multiple Resources with Duplicate Identifier vulnerability in the IKE daemon iked of Juniper Networks Junos OS on MX with SPC3 and SRX Series allows an unauthenticated, network-based attacker to cause a Denial-of-Service DoS. On an MX with SPC3 and SRX devices configured for VPN service,...

6.9CVSS0.00417EPSS
Exploits0References1
Cvelist
Cvelist
added 5 days ago35 views

CVE-2026-33801 Junos OS and Junos OS Evolved: When a specifically malformed BGP route update is received RPD crashes

An Improper Check for Unusual or Exceptional Conditions vulnerability in the routing protocol daemon RPD of Juniper Networks Junos OS and Junos OS Evolved allows an adjacent, unauthenticated attacker sending a specific BGP update over an established BGP session to cause a Denial-of-Service DoS...

7.1CVSS0.00281EPSS
Exploits0References1
CVE
CVE
added 5 days ago15 views

CVE-2026-33801

CVE-2026-33801 affects Juniper Networks Junos OS and Junos OS Evolved. An adjacent, unauthenticated attacker can trigger a Denial-of-Service by sending a specifically malformed non-inet/inet6 unicast BGP update over an established BGP session, causing the Routing Protocol Daemon (RPD) to crash an...

7.1CVSS5.9AI score0.00281EPSS
Exploits0References1Affected Software1
ATTACKERKB
ATTACKERKB
added 5 days ago7 views

CVE-2026-33801

An Improper Check for Unusual or Exceptional Conditions vulnerability in the routing protocol daemon RPD of Juniper Networks Junos OS and Junos OS Evolved allows an adjacent, unauthenticated attacker sending a specific BGP update over an established BGP session to cause a Denial-of-Service DoS...

7.1CVSS5.9AI score0.00281EPSS
Exploits0References2Affected Software2
Cvelist
Cvelist
added 5 days ago34 views

CVE-2026-33799 Junos OS and Junos OS Evolved: Receipt of a specific SNMPv3 request results in memory leak and eventual snmpd crash

An Out-of-bounds Write vulnerability in the SNMP daemon snmpd of Juniper Networks Junos OS and Junos OS Evolved allows an authenticated network-based attacker sending specific valid SNMPv3 queries to trigger a memory leak. Over time, continuous receipt of these queries will result in snmpd proces...

5.3CVSS0.0036EPSS
Exploits0References1
CVE
CVE
added 5 days ago59 views

CVE-2026-33799

CVE-2026-33799 describes an Out-of-bounds Write in the SNMP daemon (snmpd) of Juniper Networks Junos OS and Junos OS Evolved. An authenticated remote attacker can send specific valid SNMPv3 queries to trigger a memory leak, causing snmpd memory exhaustion over time, a resulting process crash, and...

5.3CVSS6AI score0.0036EPSS
Exploits0References1Affected Software1
ATTACKERKB
ATTACKERKB
added 5 days ago49 views

CVE-2026-33799

An Out-of-bounds Write vulnerability in the SNMP daemon snmpd of Juniper Networks Junos OS and Junos OS Evolved allows an authenticated network-based attacker sending specific valid SNMPv3 queries to trigger a memory leak. Over time, continuous receipt of these queries will result in snmpd proces...

5.3CVSS6AI score0.0036EPSS
Exploits0References2Affected Software2
ATTACKERKB
ATTACKERKB
added 5 days ago8 views

CVE-2026-21901

A NULL Pointer Dereference vulnerability in the management daemon mgd of Juniper Networks Junos OS and Junos OS Evolved allows a local, high-privileged attacker setting or deactivating a specific SSH configuration parameter to create a Denial of Service DoS. A local high-privileged user configuri...

6.7CVSS6.1AI score0.00166EPSS
Exploits0References3Affected Software2
Cvelist
Cvelist
added 5 days ago33 views

CVE-2026-21901 Junos OS and Junos OS Evolved: Configuration of a specific SSH option results in mgd crash

A NULL Pointer Dereference vulnerability in the management daemon mgd of Juniper Networks Junos OS and Junos OS Evolved allows a local, high-privileged attacker setting or deactivating a specific SSH configuration parameter to create a Denial of Service DoS. A local high-privileged user configuri...

6.7CVSS0.00166EPSS
Exploits0References2
NVD
NVD
added 5 days ago10 views

CVE-2026-58459

gpsd through release-3.27.5, fixed at commit 4c06658, contains a command injection vulnerability in gpsprof that allows attackers who control the GPS device subtype value to execute arbitrary shell commands by embedding backtick payloads in the gnuplot plot title without proper escaping. The...

9.6CVSS0.00726EPSS
Exploits1References5
Cvelist
Cvelist
added 5 days ago35 views

CVE-2026-58459 gpsd gpsprof Command Injection via gnuplot plot title subtype field

gpsd through release-3.27.5, fixed at commit 4c06658, contains a command injection vulnerability in gpsprof that allows attackers who control the GPS device subtype value to execute arbitrary shell commands by embedding backtick payloads in the gnuplot plot title without proper escaping. The...

8.4CVSS0.00726EPSS
Exploits1References5
Rows per page
Query Builder