EUVD-2008-6647

Malware in sbrugna...

K16352404: BIG-IQ DCD vulnerability CVE-2021-22996

Security Advisory Description When set up for auto failover, a BIG-IQ Data Collection Device DCD cluster member that receives an undisclosed message may cause the corosync process to abort. This behavior may lead to a denial-of-service DoS and impact the stability of a BIG-IQ high availability HA...

CVE-2021-0289 Junos OS: User-defined ARP Policer isn't applied on Aggregated Ethernet (AE) interface until firewall process is restarted

When user-defined ARP Policer is configured and applied on one or more Aggregated Ethernet AE interface units, a Time-of-check Time-of-use TOCTOU Race Condition vulnerability between the Device Control Daemon DCD and firewall process dfwd daemons of Juniper Networks Junos OS allows an attacker to...

CVE-2021-22996

CVE-2021-22996 concerns a vulnerability in BIG-IQ where a DCD cluster member receiving an undisclosed message during auto failover may cause the corosync process to abort, leading to a DoS and impacting the HIGH-AVAIL stability of the BIG-IQ HA cluster. Affected: BIG-IQ Data Collection Device (DC...

CVE-2020-1664 Junos OS: Buffer overflow vulnerability in device control daemon

A stack buffer overflow vulnerability in the device control daemon DCD on Juniper Networks Junos OS allows a low privilege local user to create a Denial of Service DoS against the daemon or execute arbitrary code in the system with root privilege. This issue affects Juniper Networks Junos OS: 17....

CVE-2020-1664

CVE-2020-1664 documents a stack buffer overflow in Juniper Networks Junos OS device control daemon (DCD). The issue allows a low-privilege local user to cause a DoS or execute arbitrary code with root privileges. Affected products include Junos OS versions listed in the CVE (e.g., 17.3 through 20...

CVE-2018-0060 Junos OS: Invalid IP/mask learned from DHCP server might cause device control daemon (dcd) process crash

An improper input validation weakness in the device control daemon process dcd of Juniper Networks Junos OS allows an attacker to cause a Denial of Service to the dcd process and interfaces and connected clients when the Junos device is requesting an IP address for itself. Junos devices are not...

Cross site scripting

Cross-site scripting XSS vulnerability in DCD GoogleMap dcdgooglemap 1.1.0 and earlier extension for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unknown vectors...

CVE-2008-6687

Cross-site scripting XSS vulnerability in DCD GoogleMap dcdgooglemap 1.1.0 and earlier extension for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unknown vectors...

CVE-2008-6687

Cross-site scripting XSS vulnerability in DCD GoogleMap dcdgooglemap 1.1.0 and earlier extension for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unknown vectors...

CVE-2008-6687

DCD GoogleMap extension for TYPO3 (version 1.1.0 and earlier) is affected by a cross-site scripting (XSS) vulnerability that allows remote attackers to inject arbitrary web script or HTML via unknown vectors. The CVSSv2 base score is 4.3 (Medium), with partial integrity impact and no confidential...

TYPO3 Security Bulletin

Several vulnerabilities have been found in TYPO3 third party extensions. Please read first: This Collective Security Bulletin CSB is a listing of vulnerable extensions with neither significant download numbers nor other special importance amongst the TYPO3 Community. The intention of CSBs is to...