CVE-2024-20498

CVE-2024-20498 describes multiple DoS vulnerabilities in the Cisco AnyConnect VPN server used by Cisco Meraki MX and Z Series Teleworker Gateway devices. The flaws arise from insufficient validation/resource management while establishing SSL/TLS VPN sessions and handling client-supplied parameter...

Cisco Meraki Z和Cisco Meraki MX 资源管理错误漏洞

The Cisco Meraki Z and Cisco Meraki MX are both products of Cisco, Inc.The Cisco Meraki Z is an enterprise-class firewall, VPN gateway, and router.The Cisco Meraki MX is a multifunction security and SD-WAN enterprise appliance. A resource management error vulnerability exists in the Cisco Meraki ...

Cisco Meraki Z和Cisco Meraki MX 缓冲区错误漏洞

The Cisco Meraki Z and Cisco Meraki MX are both products of Cisco, Inc.The Cisco Meraki Z is an enterprise-class firewall, VPN gateway, and router.The Cisco Meraki MX is a multifunction security and SD-WAN enterprise appliance. A buffer error vulnerability exists in the Cisco Meraki Z and Cisco...

PT-2024-18669 · Cisco · Cisco Meraki Z Series Teleworker Gateway +2

Name of the Vulnerable Software and Affected Versions: Cisco Meraki MX and Cisco Meraki Z Series Teleworker Gateway devices affected versions not specified Description: The issue is due to insufficient validation of client-supplied parameters while establishing an SSL VPN session. An attacker cou...

PT-2024-7134 · Juniper Networks · Junos

Name of the Vulnerable Software and Affected Versions: Junos OS on MX Series versions prior to 21.4R3-S9 Junos OS on MX Series versions 22.2 through 22.2R3-S5 Junos OS on MX Series versions 22.3 through 22.3R3-S4 Junos OS on MX Series versions 22.4 through 22.4R3-S2 Junos OS on MX Series versions...

PT-2024-7132

Name of the Vulnerable Software and Affected Versions Junos OS versions prior to 21.2R3-S7 Junos OS versions from 21.4 before 21.4R3-S6 Junos OS versions from 22.1 before 22.1R3-S5 Junos OS versions from 22.2 before 22.2R3-S3 Junos OS versions from 22.3 before 22.3R3-S2 Junos OS versions from 22....

GO-2023-1806 mx-chain-go does not treat invalid transaction with wrong username correctly in github.com/multiversx/mx-chain-go

mx-chain-go does not treat invalid transaction with wrong username correctly in github.com/multiversx/mx-chain-go...

CVE-2024-36446

The provisioning manager component of Mitel MiVoice MX-ONE through 7.6 SP1 could allow an authenticated attacker to conduct an authentication bypass attack due to improper access control. A successful exploit could allow an attacker to bypass the authorization schema...

CVE-2024-36446

The provisioning manager component of Mitel MiVoice MX-ONE through 7.6 SP1 could allow an authenticated attacker to conduct an authentication bypass attack due to improper access control. A successful exploit could allow an attacker to bypass the authorization schema...

CVE-2024-36446

The provisioning manager component of Mitel MiVoice MX-ONE through 7.6 SP1 could allow an authenticated attacker to conduct an authentication bypass attack due to improper access control. A successful exploit could allow an attacker to bypass the authorization schema...

Mitel MiVoice MX-ONE 安全漏洞

Mitel MiVoice MX-ONE is a complete communications solution from Mitel Canada. A security vulnerability exists in Mitel MiVoice MX-ONE version 7.6 SP1 and prior versions, which stems from a Permission Modification Improperity vulnerability in the Provisioning Manager component that could allow an...

DEBIAN-CVE-2024-42253

In the Linux kernel, the following vulnerability has been resolved: gpio: pca953x: fix pca953xirqbussyncunlock race Ensure that i2clock' is held when setting interrupt latch and mask in pca953xirqbussyncunlock in order to avoid races. The other non-probe call site pca953xgpiosetmultiple ensures t...

GHSA-CFXW-4H78-H7FW DNSJava DNSSEC Bypass

Summary Records in DNS replies are not checked for their relevance to the query, allowing an attacker to respond with RRs from different zones. Details DNS Messages are not authenticated. They do not guarantee that - received RRs are authentic - not received RRs do not exist - all or any received...

The vulnerability of the Juniper Networks Junos OS router series MX devices, specifically the “beb-smgd” controller demon, allows a hacker to cause a service failure.

The vulnerability of the Juniper Networks Junos OS router series MX devices, specifically those belonging to the Border Gateway Service Management Device bbe-smgd module, is related to the use of memory after it is freed. Exploiting this vulnerability can allow an attacker to cause a service...

The vulnerability of the Packet Forwarding Engine (PFE) module in Juniper Networks’ Junos OS-based routers of the MX, MX-SPC3, and SRX series allows a attacker to compromise the integrity and accessibility of protected information.

The vulnerability of the Packet Forwarding Engine PFE module in Juniper Networks’ Junos OS-based routers of the MX, MX-SPC3, and SRX series is related to the absence of authentication for a critical function. Exploiting this vulnerability allows an attacker to compromise the integrity and...

The vulnerability of Juniper Networks’ Junos OS operating system in MX and EX9200 devices, related to operations that go beyond the buffer in memory, allows attackers to cause service interruptions.

The vulnerability of Juniper Networks’ Junos OS operating system in MX and EX9200 devices is related to operations that occur outside of the buffer in memory. Exploiting this vulnerability can allow a malicious actor to cause service interruptions...

CVE-2024-39551

An Uncontrolled Resource Consumption vulnerability in the H.323 ALG Application Layer Gateway of Juniper Networks Junos OS on SRX Series and MX Series with SPC3 and MS-MPC/MIC, allows an unauthenticated network-based attacker to send specific packets causing traffic loss leading to Denial of...

CVE-2024-39551

An Uncontrolled Resource Consumption vulnerability in the H.323 ALG Application Layer Gateway of Juniper Networks Junos OS on SRX Series and MX Series with SPC3 and MS-MPC/MIC, allows an unauthenticated network-based attacker to send specific packets causing traffic loss leading to Denial of...

CVE-2024-39550

A Missing Release of Memory after Effective Lifetime vulnerability in the rtlogd process of Juniper Networks Junos OS on MX Series with SPC3 allows an unauthenticated, adjacent attacker to trigger internal events cause which can be done by repeated port flaps to cause a slow memory leak, ultimate...

CVE-2024-39550

A Missing Release of Memory after Effective Lifetime vulnerability in the rtlogd process of Juniper Networks Junos OS on MX Series with SPC3 allows an unauthenticated, adjacent attacker to trigger internal events cause which can be done by repeated port flaps to cause a slow memory leak, ultimate...