CVE-2024-50568

A channel accessible by non-endpoint vulnerability CWE-300 in Fortinet FortiOS version 7.4.0 through 7.4.3, 7.2.0 through 7.2.7 and before 7.0.14 & FortiProxy version 7.4.0 through 7.4.3, 7.2.0 through 7.2.9 and before 7.0.16 allows an unauthenticated attacker with the knowledge of device specifi...

CVE-2024-47507 Junos OS and Junos OS Evolved: BGP update message containing aggregator attribute with an ASN value of zero (0) is accepted

An Improper Check for Unusual or Exceptional Conditions vulnerability in the routing protocol daemon rpd of Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated, network-based attacker to cause an integrity impact to the downstream devices. When a peer sends a BGP update messa...

SUSE CVE-2024-26918

In the Linux kernel, the following vulnerability has been resolved: PCI: Fix active state requirement in PME polling The commit noted in fixes added a bogus requirement that runtime PM managed devices need to be in the RPMACTIVE state for PME polling. In fact, only devices in low power states...

CVE-2024-30381

An Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Juniper Networks Paragon Active Assurance Control Center allows a network-adjacent attacker with root access to a Test Agent Appliance the ability to access sensitive information about downstream devices. The...

Juniper Networks Paragon Active Assurance 安全漏洞

Juniper Networks Paragon Active Assurance is a programmable test and service assurance solution from Juniper Networks, Inc. Using software-based and traffic-generating test proxies, it can be easily used and delivered as a SaaS solution from the cloud or deployed locally in NFV environments. A...

Juniper Networks Junos OS 安全漏洞

Juniper Networks Junos OS is a Juniper Networks USA network operating system dedicated to the company's hardware devices. The operating system provides a secure programming interface and the Junos SDK. Juniper Networks Junos OS has a security vulnerability that originates from a security flaw in...

Design/Logic Flaw

Dell Data Protection Search 19.2.0 and above contain an exposed password opportunity in plain text when using LdapSettings.getldapinfo in DP Search. A remote unauthorized unauthenticated attacker could potentially exploit this vulnerability leading to a loss of Confidentiality, Integrity,...

Schweitzer Engineering Laboratories SEL-3620 and SEL-3622 Security Gateway Unauthorized Access Vulnerability

Schweitzer Engineering Laboratories SEL SEL-3620 and SEL-3622 Security Gateway are both security gateway products from Schweitzer Engineering Laboratories SEL, USA. A security vulnerability exists in the SEL SEL-3620 and SEL-3622 Security Gateway due to a failure to properly enforce access contro...