The vulnerability of Juniper Networks Junos OS routers in the QFX5000 and EX4600 series, related to a memory release error, allows a hacker to trigger a service failure.

The vulnerability of Juniper Networks Junos OS routers in the QFX5000 and EX4600 series is related to a memory release error during the processing of incoming IPv6 packets. Exploiting this vulnerability can allow an attacker to cause service interruptions remotely...

Contiki-NG 安全漏洞

Contiki-NG is an open source cross-platform operating system for next-generation IoT devices. An infinite loop vulnerability exists in the handling of IPv6 Neighbor Request NS messages in Contiki-NG versions prior to 4.6. An attacker could exploit this vulnerability to cause a denial of service...

QEMU 缓冲区错误漏洞

QEMU is a suite of analog processor software. A security vulnerability exists in QEMU that stems from the function udp6input using memory outside of the working mbuf buffer when processing udp packets from incoming guests that are smaller than the size of the udphdr structure. An attacker could...

CVE-2021-0243

Improper Handling of Unexpected Data in the firewall policer of Juniper Networks Junos OS on EX4300 switches allows matching traffic to exceed set policer limits, possibly leading to a limited Denial of Service DoS condition. When the firewall policer discard action fails on a Layer 2 port, it wi...

CVE-2021-0250

In segment routing traffic engineering SRTE environments where the BGP Monitoring Protocol BMP feature is enable, a vulnerability in the Routing Protocol Daemon RPD process of Juniper Networks Junos OS allows an attacker to send a specific crafted BGP update message causing the RPD service to cor...

Mozilla: DoH did not filter IPv4 mapped IP Addresses

When DNS over HTTPS is in use, it intentionally filters RFC1918 and related IP ranges from the responses as these do not make sense coming from a DoH resolver. However when an IPv4 address was mapped through IPv6, these addresses were erroneously let through, leading to a potential DNS Rebinding...

CentOS: Security Advisory for python3 (CESA-2020:5010)

The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

Moderate: python38:3.8 security, bug fix, and enhancement update

Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. The following...

Moderate: python3 security and bug fix update

Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Security Fixes:...

Moderate: Red Hat Security Advisory: rh-python36 security, bug fix, and enhancement update

An update for rh-python36-python, rh-python36-python-pip, and rh-python36-python-virtualenv is now available for Red Hat Software Collections. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives...

Juniper Networks Junos OS MX Denial of Service Vulnerability

Juniper Networks Junos OS is a set of network operating systems dedicated to the company's hardware devices. A memory disclosure vulnerability exists in Juniper Networks Junos OS MX Handling NAT64 IPv6, which can be exploited by a remote attacker to submit a special request, which can be used in ...

DEBIAN-CVE-2020-1749

A flaw was found in the Linux kernel's implementation of some networking protocols in IPsec, such as VXLAN and GENEVE tunnels over IPv6. When an encrypted tunnel is created between two hosts, the kernel isn't correctly routing tunneled data over the encrypted link; rather sending the data...

PT-2020-12547 · Weave · Weave Net

Name of the Vulnerable Software and Affected Versions: Weave Net versions prior to 2.6.3 Description: An attacker able to run a process as root in a container can respond to DNS requests from the host and insert themselves as a fake service. In a cluster with an IPv4 internal network, if IPv6 is...

ipv-dgk.ugent.be Cross Site Scripting vulnerability

Open Bug Bounty ID: OBB-1149490 Security Researcher ELProfesor Helped patch 2814 vulnerabilities Received 8 Coordinated Disclosure badges Received 107 recommendations , a holder of 8 badges for responsible and coordinated disclosure, found a security vulnerability affecting ipv-dgk.ugent.be websi...

Vulnerability fixed in Linux kernel

SUSE has fixed a vulnerability in SUSE Kernel. The vulnerability causes in certain cases IPv6 traffic to be is not encrypted over an IPsec tunnel. A malicious party could potentially be able to retrieve sensitive data as a result. -= SUSE =- SUSE has made updates available to fix the vulnerabilit...

ipv-dgk.ugent.be Cross Site Scripting vulnerability

Open Bug Bounty ID: OBB-1148608 Security Researcher ELProfesor Helped patch 2814 vulnerabilities Received 8 Coordinated Disclosure badges Received 107 recommendations , a holder of 8 badges for responsible and coordinated disclosure, found a security vulnerability affecting ipv-dgk.ugent.be websi...

The vulnerability of the Routing Engine module of the JunOS operating system, which allows a hacker to trigger a service failure.

The vulnerability of the Routing Engine module of the JunOS operating system is related to the failure to release resources after the expiration of their useful lifespan. Exploiting this vulnerability allows a malicious actor to cause service failures through specially created IPv6 traffic...

CVE-2019-17273

E-Series SANtricity OS Controller Software version 11.60.0 is susceptible to a vulnerability which allows an attacker to cause a Denial of Service DoS in IPv6 environments...

Juniper Networks Junos OS IPv6 Message Handling Denial of Service Vulnerability

Juniper Networks Junos OS is a Juniper Networks network operating system for the company's hardware devices. The OS provides a secure programming interface and the Junos SDK. A security vulnerability exists in Juniper Networks Junos OS that arises from the program's failure to properly handle...

USN-4157-2 linux-hwe, linux-azure, linux-gcp, linux-gke-5.0 vulnerabilities

USN-4157-1 fixed vulnerabilities in the Linux kernel for Ubuntu 19.04. This update provides the corresponding updates for the Linux Hardware Enablement HWE kernel from Ubuntu 19.04 for Ubuntu 18.04 LTS. Wen Huang discovered that the Marvell Wi-Fi device driver in the Linux kernel did not properly...