CVE-2023-22415 Junos OS: MX Series and SRX Series: The flow processing daemon (flowd) will crash when specific H.323 packets are received

An Out-of-Bounds Write vulnerability in the H.323 ALG of Juniper Networks Junos OS allows an unauthenticated, network-based attacker to cause Denial of Service DoS. On all MX Series and SRX Series platform, when H.323 ALG is enabled and specific H.323 packets are received simultaneously, a flow...

CVE-2023-22394

Summary of CVE-2023-22394 — Junos OS SRX/MX SIP ALG memory leak (DoS) The vulnerability arises in Juniper Networks Junos OS when handling SIP calls with SIP ALG enabled, causing a memory leak that can degrade or disrupt SIP call processing and related applications. Affected products include Junos...

CVE-2023-22410 Junos OS: MX Series with MPC10/MPC11: When Suspicious Control Flow Detection (scfd) is enabled and an attacker is sending specific traffic, this causes a memory leak.

A Missing Release of Memory after Effective Lifetime vulnerability in the Juniper Networks Junos OS on MX Series platforms with MPC10/MPC11 line cards, allows an unauthenticated adjacent attacker to cause a Denial of Service DoS. Devices are only vulnerable when the Suspicious Control Flow...

CVE-2023-22409

This CVE concerns Juniper Networks Junos OS NAT functionality where an unchecked input for a loop condition in the NAT library can crash SPC3 on SRX/MX devices, causing a DoS when an inconsistent deterministic NAT configuration is used and a specific CLI command is executed. The issue is triggere...

CVE-2023-22404 Junos OS: SRX Series and MX Series with SPC3: When IPsec VPN is configured iked will core when a specifically formatted payload is received

An Out-of-bounds Write vulnerability in the Internet Key Exchange Protocol daemon iked of Juniper Networks Junos OS on SRX series and MX with SPC3 allows an authenticated, network-based attacker to cause a Denial of Service DoS. iked will crash and restart, and the tunnel will not come up when a...

CVE-2023-22394 Junos OS: SRX Series and MX Series: Memory leak due to receipt of specially crafted SIP calls

An Improper Handling of Unexpected Data Type vulnerability in the handling of SIP calls in Juniper Networks Junos OS on SRX Series and MX Series platforms allows an attacker to cause a memory leak leading to Denial of Services DoS. This issue occurs on all MX Series platforms with MS-MPC or MS-MI...

CVE-2023-22410

The CVE-2023-22410 entry affects Juniper Networks Junos OS on MX Series with MPC10/MPC11 line cards. The issue is a memory leak in AftDdosScfdFlow caused by enabling Suspicious Control Flow Detection (scfd); when attackers send specific traffic, memory is allocated dynamically and not freed, lead...

PT-2023-2554 · Juniper Networks · Junos

Name of the Vulnerable Software and Affected Versions: Juniper Networks Junos OS on SRX Series and MX Series platforms versions prior to 19.3R3-S7 Juniper Networks Junos OS on SRX Series and MX Series platforms version 19.4 prior to 19.4R2-S8, 19.4R3-S10 Juniper Networks Junos OS on SRX Series an...

PT-2023-2548 · Juniper Networks · Junos

Name of the Vulnerable Software and Affected Versions: Juniper Networks Junos OS on MX Series versions prior to 19.4R3-S9 Juniper Networks Junos OS on MX Series version 20.1R3-S5 and later versions Juniper Networks Junos OS on MX Series versions prior to 20.2R3-S5 Juniper Networks Junos OS on MX...

PT-2023-3062 · Juniper Networks · Junos

Name of the Vulnerable Software and Affected Versions: Juniper Networks Junos OS on MX Series and SRX Series versions prior to 20.4R3-S4 Juniper Networks Junos OS on MX Series and SRX Series versions prior to 21.1R3-S3 Juniper Networks Junos OS on MX Series and SRX Series versions prior to...

PT-2023-1260 · Juniper Networks · Junos

Name of the Vulnerable Software and Affected Versions: Juniper Networks Junos OS on MX Series and SRX Series versions prior to 20.4R3-S5 Juniper Networks Junos OS on MX Series and SRX Series versions prior to 21.1R3-S4 Juniper Networks Junos OS on MX Series and SRX Series versions prior to...

The vulnerability of the Server Message Block Version 2 (SMB2) protocol implementation in the Snort intrusion detection system of Cisco Firepower Threat Defense (FTD), the Cisco Meraki MX network device management software, the Cisco Cyber Vision industrial network security control solution, and the Cisco Umbrella cloud security service allows a perpetrator to bypass security restrictions and cause service interruptions.

The vulnerability of the Server Message Block Version 2 SMB2 implementation in the Snort intrusion detection system of the Cisco Firepower Threat Defense FTD microprogramming network interface devices, the Cisco Meraki MX network devices, the Cisco Cyber Vision industrial network security control...

Mitsubishi Electric FA Engineering Software (Update C)

1. EXECUTIVE SUMMARY CVSS v3 9.1 ATTENTION: Exploitable remotely/low attack complexity Vendor: Mitsubishi Electric Equipment: GX Works3, MX OPC UA Module Configurator-R Vulnerabilities: Cleartext Storage of Sensitive Information, Use of Hard-coded Password, Insufficiently Protected Credentials,...

CVE-2022-25164

Cleartext Storage of Sensitive Information vulnerability in Mitsubishi Electric GX Works3 versions from 1.000A to 1.095Z and Mitsubishi Electric MX OPC UA Module Configurator-R versions 1.08J and prior allows a remote unauthenticated attacker to disclose sensitive information. As a result,...

Information disclosure

Cleartext Storage of Sensitive Information vulnerability in Mitsubishi Electric GX Works3 versions from 1.000A to 1.095Z and Mitsubishi Electric MX OPC UA Module Configurator-R versions 1.08J and prior allows a remote unauthenticated attacker to disclose sensitive information. As a result,...

CVE-2022-25164

Cleartext Storage of Sensitive Information vulnerability in Mitsubishi Electric GX Works3 versions from 1.000A to 1.095Z and Mitsubishi Electric MX OPC UA Module Configurator-R versions 1.08J and prior allows a remote unauthenticated attacker to disclose sensitive information. As a result,...

PT-2022-5809 · Cisco · Cisco Meraki Mx +3

Name of the Vulnerable Software and Affected Versions: Cisco Firepower Threat Defense FTD with Snort 3 configured Cisco Meraki MX with Snort 3 configured Cisco Cyber Vision with Snort 3 configured Cisco Umbrella with Snort 3 configured Description: Multiple vulnerabilities in the Server Message...

PT-2022-6189 · Cisco · Cisco Meraki Mx +3

Name of the Vulnerable Software and Affected Versions: Cisco Firepower Threat Defense FTD versions with Snort 3 configured Cisco Meraki MX versions with Snort 3 configured Cisco Cyber Vision versions with Snort 3 configured Cisco Umbrella versions with Snort 3 configured Description: Multiple...

CVE-2022-20933

A vulnerability in the Cisco AnyConnect VPN server of Cisco Meraki MX and Cisco Meraki Z3 Teleworker Gateway devices could allow an unauthenticated, remote attacker to cause a denial of service DoS condition on an affected device. This vulnerability is due to insufficient validation of...

Input validation

A vulnerability in the Cisco AnyConnect VPN server of Cisco Meraki MX and Cisco Meraki Z3 Teleworker Gateway devices could allow an unauthenticated, remote attacker to cause a denial of service DoS condition on an affected device. This vulnerability is due to insufficient validation of...