WordPress Comments Evolved for WordPress plugin <= 1.6.3 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by Sharanabasappa Patchstack Alliance in WordPress Plugin Comments Evolved for WordPress versions = 1.6.3...

WordPress Comments Evolved for WordPress Plugin <= 1.6.3 is vulnerable to Cross Site Scripting (XSS)

Software Comments Evolved for WordPress Type Plugin Vulnerable versions = 1.6.3 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-34420 Patch priority Low CVSS severity Low 5.9 Developer Claim ownership PSID ad6d473680e3 Credits Sharanabasappa Required...

The vulnerability of the Layer-2 Control Protocol Daemon (l2cpd) protocol of LLDP allows a attacker to cause a service failure in Juniper Networks’ Junos OS and Junos OS Evolved operating systems.

The vulnerability of the Layer-2 Control Protocol Daemon l2cpd protocol of the LLDP protocol in Juniper Networks’ Junos OS and Junos OS Evolved operating systems is related to the issue of operations going beyond the buffer in memory when processing LLDP packets. Exploiting this vulnerability can...

The vulnerability of the Layer 2 Address Learning Daemon (L2ALD) in Juniper Networks’ Junos OS and Junos OS Evolved operating systems allows a hacker to induce a service failure.

The vulnerability of the Layer 2 Address Learning Daemon L2ALD in Juniper Networks’ Junos OS and Junos OS Evolved operating systems is related to the use of memory after it is freed. Exploiting this vulnerability allows a remote attacker to cause service interruptions...

The vulnerability of the Test Agent component of the testing and monitoring platform for physical, hybrid, and virtual networks in Juniper Networks’ Junos OS Evolved network devices of the ACX series allows a intruder to gain unauthorized access to protected information.

The vulnerability of the Test Agent component of the testing and monitoring platform for physical, hybrid, and virtual networks in Paragon Active Assurance for Juniper Networks’ Junos OS Evolved network devices of the ACX series is related to the unencrypted storage of user data. Exploiting this...

The vulnerability of the Demon Routing Protocol Daemon (RPD) in Juniper Networks’ Junos OS and Junos OS Evolved operating systems allows a attacker to cause a service failure.

The vulnerability of the Demon Routing Protocol Daemon RPD in Juniper Networks’ Junos OS and Junos OS Evolved operating systems is related to improper syntax validation during input processing. Exploiting this vulnerability can allow a malicious actor to cause service interruptions...

The vulnerability of the Forwarding Information Base Telemetry (fibtd) in Juniper Networks’ Junos OS and Junos OS Evolved operating systems allows a attacker to cause a service failure.

The vulnerability of the Forwarding Information Base Telemetry fibtd of Juniper Networks’ Junos OS and Junos OS Evolved operating systems is related to insufficient checking of exceptional states. Exploiting this vulnerability can allow a malicious actor to cause service failures...

The vulnerability of the NETCONF protocol implementation in Juniper Networks’ Junos OS and Junos OS Evolved operating systems allows a perpetrator to gain unauthorized access to protected information.

The vulnerability of the NETCONF protocol implementation in Juniper Networks’ Junos OS and Junos OS Evolved operating systems is related to the incorrect use of standard permissions. Exploiting this vulnerability can allow an attacker to gain unauthorized access to protected information...

CVE-2024-30380

An Improper Handling of Exceptional Conditions vulnerability in Juniper Networks Junos OS and Junos OS Evolved allows an adjacent unauthenticated attacker to cause a Denial of Service DoS, which causes the l2cpd process to crash by sending a specific TLV. The l2cpd process is responsible for laye...

Juniper Networks Junos OS 安全漏洞

Juniper Networks Junos OS is a Juniper Networks network operating system for the company's hardware devices. The OS provides a secure programming interface and the Junos SDK. A security vulnerability exists in Juniper Networks Junos OS and Junos OS Evolved that stems from mishandling of an...

CVE-2024-30403

A NULL Pointer Dereference vulnerability in the Packet Forwarding Engine PFE of Juniper Networks Junos OS Evolved allows an unauthenticated, adjacent attacker to cause a Denial of Service DoS. When Layer 2 traffic is sent through a logical interface, MAC learning happens. If during this process,...

CVE-2024-30403

A NULL Pointer Dereference vulnerability in the Packet Forwarding Engine PFE of Juniper Networks Junos OS Evolved allows an unauthenticated, adjacent attacker to cause a Denial of Service DoS. When Layer 2 traffic is sent through a logical interface, MAC learning happens. If during this process,...

CVE-2024-30402

An Improper Check for Unusual or Exceptional Conditions vulnerability in the Layer 2 Address Learning Daemon l2ald of Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated, adjacent attacker to cause a Denial of Service DoS. When telemetry requests are sent to the device, and t...

CVE-2024-30402

An Improper Check for Unusual or Exceptional Conditions vulnerability in the Layer 2 Address Learning Daemon l2ald of Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated, adjacent attacker to cause a Denial of Service DoS. When telemetry requests are sent to the device, and t...

CVE-2024-30390

An Improper Restriction of Excessive Authentication Attempts vulnerability in Juniper Networks Junos OS Evolved allows an unauthenticated, network-based attacker to cause a limited Denial of Service DoS to the management plane. When an incoming connection was blocked because it exceeded the...

CVE-2024-30390

An Improper Restriction of Excessive Authentication Attempts vulnerability in Juniper Networks Junos OS Evolved allows an unauthenticated, network-based attacker to cause a limited Denial of Service DoS to the management plane. When an incoming connection was blocked because it exceeded the...

CVE-2024-30386

A Use-After-Free vulnerability in the Layer 2 Address Learning Daemon l2ald of Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated, adjacent attacker to cause l2ald to crash leading to a Denial-of-Service DoS. In an EVPN-VXLAN scenario, when state updates are received and...

CVE-2024-30386

A Use-After-Free vulnerability in the Layer 2 Address Learning Daemon l2ald of Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated, adjacent attacker to cause l2ald to crash leading to a Denial-of-Service DoS. In an EVPN-VXLAN scenario, when state updates are received and...

CVE-2024-30382

An Improper Handling of Exceptional Conditions vulnerability in the routing protocol daemon rpd of Juniper Networks Junos OS and Junos OS Evolved allows a network-based, unauthenticated attacker to send a specific routing update, causing an rpd core due to memory corruption, leading to a Denial o...

CVE-2024-30382

An Improper Handling of Exceptional Conditions vulnerability in the routing protocol daemon rpd of Juniper Networks Junos OS and Junos OS Evolved allows a network-based, unauthenticated attacker to send a specific routing update, causing an rpd core due to memory corruption, leading to a Denial o...