303 matches found
CVE-2024-39538 Junos OS Evolved: ACX7000 Series: When multicast traffic with a specific (S,G) is received evo-pfemand crashes
A Buffer Copy without Checking Size of Input vulnerability in the PFE management daemon evo-pfemand of Juniper Networks Junos OS Evolved on ACX7000 Series allows an unauthenticated, adjacent attacker to cause a Denial-of-Service DoS.When multicast traffic with a specific, valid S,G is received,...
CVE-2024-39538
Junos OS Evolved on ACX7000 Series is affected by CVE-2024-39538 due to a Buffer Copy without Checking Size of Input in evo-pfemand (PFE management daemon). An unauthenticated, adjacent attacker can cause a Denial-of-Service by sending multicast traffic with a specific (S,G); evo-pfemand crashes,...
PT-2024-28521 · Juniper Networks · Junos
Name of the Vulnerable Software and Affected Versions: Junos OS on MX Series versions prior to 21.2R3-S6 Junos OS on MX Series version 21.4 prior to 21.4R3-S6 Junos OS on MX Series version 22.1 prior to 22.1R3-S5 Junos OS on MX Series version 22.2 prior to 22.2R3-S3 Junos OS on MX Series version...
kernel: KVM: s390: fix setting of fpc register
In the Linux kernel, the following vulnerability has been resolved: KVM: s390: fix setting of fpc register kvmarchvcpuioctlsetfpu allows to set the floating point control fpc register of a guest cpu. The new value is tested for validity by temporarily loading it into the fpc register. This may le...
CVE-2023-4855
A command injection vulnerability was identified in SMM/SMM2 and FPC that could allow an authenticated user with elevated privileges to execute unauthorized commands via IPMI...
CVE-2023-4857
An authentication bypass vulnerability was identified in SMM/SMM2 and FPC that could allow an authenticated user to execute certain IPMI calls that could lead to exposure of limited system information...
CVE-2023-4856
A format string vulnerability was identified in SMM/SMM2 and FPC that could allow an authenticated user to execute arbitrary commands on a specific API endpoint...
CVE-2024-2659
CVE-2024-2659 describes a command injection in Lenovo SMM/SMM2 and the Fan Power Controller (FPC). The vulnerability allows an authenticated user with elevated privileges to execute system commands during a specific administrative operation. Reports from multiple sources (including Red Hat, CVE l...
CVE-2024-2659
A command injection vulnerability was identified in SMM/SMM2 and FPC that could allow an authenticated user with elevated privileges to execute system commands when performing a specific administrative function...
CVE-2024-2659
A command injection vulnerability was identified in SMM/SMM2 and FPC that could allow an authenticated user with elevated privileges to execute system commands when performing a specific administrative function...
CVE-2023-4857
An authentication bypass vulnerability was identified in SMM/SMM2 and FPC that could allow an authenticated user to execute certain IPMI calls that could lead to exposure of limited system information...
CVE-2023-4857
An authentication bypass vulnerability was identified in SMM/SMM2 and FPC that could allow an authenticated user to execute certain IPMI calls that could lead to exposure of limited system information...
CVE-2023-4857
Summary: A concrete authentication-bypass issue affects Lenovo SMM/SMM2 and Fan Power Controller (FPC) firmware in Lenovo ThinkSystem, ThinkAgile, NeXtScale, and CP-CB-10 platforms. Affected components: System Management Module/SMM2 and Fan Power Controller firmware. Root cause (as described): La...
CVE-2023-4856
A format string vulnerability was identified in SMM/SMM2 and FPC that could allow an authenticated user to execute arbitrary commands on a specific API endpoint...
CVE-2023-4856
A format string vulnerability was identified in SMM/SMM2 and FPC that could allow an authenticated user to execute arbitrary commands on a specific API endpoint...
CVE-2023-4855
A command injection vulnerability was identified in SMM/SMM2 and FPC that could allow an authenticated user with elevated privileges to execute unauthorized commands via IPMI...
CVE-2023-4855
A command injection vulnerability was identified in SMM/SMM2 and FPC that could allow an authenticated user with elevated privileges to execute unauthorized commands via IPMI...
CVE-2024-30401 Junos OS: MX Series and EX9200-15C: Stack-based buffer overflow in aftman
An Out-of-bounds Read vulnerability in the advanced forwarding management process aftman of Juniper Networks Junos OS on MX Series with MPC10E, MPC11, MX10K-LC9600 line cards, MX304, and EX9200-15C, may allow an attacker to exploit a stack-based buffer overflow, leading to a reboot of the FPC...
Juniper Junos OS Vulnerability (JSA79110)
The version of Junos OS installed on the remote host is affected by a vulnerability as referenced in the JSA79110 advisory. - An Out-of-bounds Read vulnerability in the advanced forwarding management process aftman of Juniper Networks Junos OS on MX Series with MPC10E, MPC11, MX10K-LC9600 line...
SUSE CVE-2023-52597
In the Linux kernel, the following vulnerability has been resolved: KVM: s390: fix setting of fpc register kvmarchvcpuioctlsetfpu allows to set the floating point control fpc register of a guest cpu. The new value is tested for validity by temporarily loading it into the fpc register. This may le...