Lucene search
K

303 matches found

Vulnrichment
Vulnrichment
added 2024/07/11 4:14 p.m.212 views

CVE-2024-39538 Junos OS Evolved: ACX7000 Series: When multicast traffic with a specific (S,G) is received evo-pfemand crashes

A Buffer Copy without Checking Size of Input vulnerability in the PFE management daemon evo-pfemand of Juniper Networks Junos OS Evolved on ACX7000 Series allows an unauthenticated, adjacent attacker to cause a Denial-of-Service DoS.When multicast traffic with a specific, valid S,G is received,...

7.1CVSS6.8AI score0.00332EPSS
Exploits0References1
CVE
CVE
added 2024/07/11 4:14 p.m.53 views

CVE-2024-39538

Junos OS Evolved on ACX7000 Series is affected by CVE-2024-39538 due to a Buffer Copy without Checking Size of Input in evo-pfemand (PFE management daemon). An unauthenticated, adjacent attacker can cause a Denial-of-Service by sending multicast traffic with a specific (S,G); evo-pfemand crashes,...

7.1CVSS6.5AI score0.00332EPSS
Exploits0References1Affected Software1
Positive Technologies
Positive Technologies
added 2024/07/10 12:0 a.m.5 views

PT-2024-28521 · Juniper Networks · Junos

Name of the Vulnerable Software and Affected Versions: Junos OS on MX Series versions prior to 21.2R3-S6 Junos OS on MX Series version 21.4 prior to 21.4R3-S6 Junos OS on MX Series version 22.1 prior to 22.1R3-S5 Junos OS on MX Series version 22.2 prior to 22.2R3-S3 Junos OS on MX Series version...

6CVSS7.3AI score0.00217EPSS
Exploits0References7
RedHat Linux
RedHat Linux
added 2024/04/30 9:57 a.m.4 views

kernel: KVM: s390: fix setting of fpc register

In the Linux kernel, the following vulnerability has been resolved: KVM: s390: fix setting of fpc register kvmarchvcpuioctlsetfpu allows to set the floating point control fpc register of a guest cpu. The new value is tested for validity by temporarily loading it into the fpc register. This may le...

4CVSS6.3AI score0.00231EPSS
Exploits0References5
NVD
NVD
added 2024/04/15 6:15 p.m.10 views

CVE-2023-4855

A command injection vulnerability was identified in SMM/SMM2 and FPC that could allow an authenticated user with elevated privileges to execute unauthorized commands via IPMI...

7.2CVSS7.2AI score0.01131EPSS
Exploits0References1
NVD
NVD
added 2024/04/15 6:15 p.m.11 views

CVE-2023-4857

An authentication bypass vulnerability was identified in SMM/SMM2 and FPC that could allow an authenticated user to execute certain IPMI calls that could lead to exposure of limited system information...

7.5CVSS7.7AI score0.0053EPSS
Exploits0References1
NVD
NVD
added 2024/04/15 6:15 p.m.8 views

CVE-2023-4856

A format string vulnerability was identified in SMM/SMM2 and FPC that could allow an authenticated user to execute arbitrary commands on a specific API endpoint...

8.8CVSS8.9AI score0.00665EPSS
Exploits0References1
CVE
CVE
added 2024/04/15 6:0 p.m.54 views

CVE-2024-2659

CVE-2024-2659 describes a command injection in Lenovo SMM/SMM2 and the Fan Power Controller (FPC). The vulnerability allows an authenticated user with elevated privileges to execute system commands during a specific administrative operation. Reports from multiple sources (including Red Hat, CVE l...

7.2CVSS7.6AI score0.01131EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2024/04/15 6:0 p.m.8 views

CVE-2024-2659

A command injection vulnerability was identified in SMM/SMM2 and FPC that could allow an authenticated user with elevated privileges to execute system commands when performing a specific administrative function...

7.2CVSS7.9AI score0.01131EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/04/15 6:0 p.m.11 views

CVE-2024-2659

A command injection vulnerability was identified in SMM/SMM2 and FPC that could allow an authenticated user with elevated privileges to execute system commands when performing a specific administrative function...

7.2CVSS7.5AI score0.01131EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/04/15 6:0 p.m.13 views

CVE-2023-4857

An authentication bypass vulnerability was identified in SMM/SMM2 and FPC that could allow an authenticated user to execute certain IPMI calls that could lead to exposure of limited system information...

7.5CVSS7.9AI score0.0053EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/04/15 6:0 p.m.7 views

CVE-2023-4857

An authentication bypass vulnerability was identified in SMM/SMM2 and FPC that could allow an authenticated user to execute certain IPMI calls that could lead to exposure of limited system information...

7.5CVSS7.5AI score0.0053EPSS
Exploits0References1
CVE
CVE
added 2024/04/15 6:0 p.m.49 views

CVE-2023-4857

Summary: A concrete authentication-bypass issue affects Lenovo SMM/SMM2 and Fan Power Controller (FPC) firmware in Lenovo ThinkSystem, ThinkAgile, NeXtScale, and CP-CB-10 platforms. Affected components: System Management Module/SMM2 and Fan Power Controller firmware. Root cause (as described): La...

7.5CVSS7.2AI score0.0053EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/04/15 5:59 p.m.6 views

CVE-2023-4856

A format string vulnerability was identified in SMM/SMM2 and FPC that could allow an authenticated user to execute arbitrary commands on a specific API endpoint...

8.8CVSS7.5AI score0.00665EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/04/15 5:59 p.m.12 views

CVE-2023-4856

A format string vulnerability was identified in SMM/SMM2 and FPC that could allow an authenticated user to execute arbitrary commands on a specific API endpoint...

8.8CVSS9AI score0.00665EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/04/15 5:58 p.m.17 views

CVE-2023-4855

A command injection vulnerability was identified in SMM/SMM2 and FPC that could allow an authenticated user with elevated privileges to execute unauthorized commands via IPMI...

7.2CVSS7.5AI score0.01131EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/04/15 5:58 p.m.14 views

CVE-2023-4855

A command injection vulnerability was identified in SMM/SMM2 and FPC that could allow an authenticated user with elevated privileges to execute unauthorized commands via IPMI...

7.2CVSS7.9AI score0.01131EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/04/12 3:26 p.m.20 views

CVE-2024-30401 Junos OS: MX Series and EX9200-15C: Stack-based buffer overflow in aftman

An Out-of-bounds Read vulnerability in the advanced forwarding management process aftman of Juniper Networks Junos OS on MX Series with MPC10E, MPC11, MX10K-LC9600 line cards, MX304, and EX9200-15C, may allow an attacker to exploit a stack-based buffer overflow, leading to a reboot of the FPC...

8.2CVSS6.1AI score0.00581EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2024/04/11 12:0 a.m.24 views

Juniper Junos OS Vulnerability (JSA79110)

The version of Junos OS installed on the remote host is affected by a vulnerability as referenced in the JSA79110 advisory. - An Out-of-bounds Read vulnerability in the advanced forwarding management process aftman of Juniper Networks Junos OS on MX Series with MPC10E, MPC11, MX10K-LC9600 line...

8.2CVSS6.2AI score0.00581EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2024/03/07 4:25 a.m.8 views

SUSE CVE-2023-52597

In the Linux kernel, the following vulnerability has been resolved: KVM: s390: fix setting of fpc register kvmarchvcpuioctlsetfpu allows to set the floating point control fpc register of a guest cpu. The new value is tested for validity by temporarily loading it into the fpc register. This may le...

4.7CVSS6.8AI score0.00231EPSS
Exploits0References18
Rows per page
Query Builder