elearning.veracruz.tecnm.mx Cross Site Scripting vulnerability OBB-2299949

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

The vulnerability of Juniper Networks’ Junos OS routers of the MX series lies in insufficient checking of unusual or exceptional states, allowing attackers to trigger a service failure.

The vulnerability of Juniper Networks’ Junos OS routers of the MX series is related to insufficient checking of unusual or exceptional states during packet processing on MS-MPC/MS-MIC. Exploiting this vulnerability can allow a malicious actor to cause service failures...

CVE-2021-31369

On MX Series platforms with MS-MPC/MS-MIC, an Allocation of Resources Without Limits or Throttling vulnerability in Juniper Networks Junos OS allows an unauthenticated network attacker to cause a partial Denial of Service DoS with a high rate of specific traffic. If a Class of Service CoS rule is...

CVE-2021-31366

An Unchecked Return Value vulnerability in the authd authentication daemon of Juniper Networks Junos OS on MX Series configured for subscriber management / BBE allows an adjacent attacker to cause a crash by sending a specific username. This impacts authentication, authorization, and accounting A...

CVE-2021-31351

An Improper Check for Unusual or Exceptional Conditions in packet processing on the MS-MPC/MS-MIC utilized by Juniper Networks Junos OS allows a malicious attacker to send a specific packet, triggering the MS-MPC/MS-MIC to reset, causing a Denial of Service DoS. Continued receipt and processing o...

Design/Logic Flaw

An Unchecked Return Value vulnerability in the authd authentication daemon of Juniper Networks Junos OS on MX Series configured for subscriber management / BBE allows an adjacent attacker to cause a crash by sending a specific username. This impacts authentication, authorization, and accounting A...

Design/Logic Flaw

On MX Series platforms with MS-MPC/MS-MIC, an Allocation of Resources Without Limits or Throttling vulnerability in Juniper Networks Junos OS allows an unauthenticated network attacker to cause a partial Denial of Service DoS with a high rate of specific traffic. If a Class of Service CoS rule is...

CVE-2021-31369

CVE-2021-31369 affects Juniper Networks Junos OS on MX Series with MS-MPC/MS-MIC. The issue is an Allocation of Resources Without Limits or Throttling vulnerability that allows an unauthenticated network attacker to cause a partial Denial of Service by generating high-rate traffic. If a Class of ...

CVE-2021-31369 Junos OS: MX Series: Traffic drops will be observed if MS-MPC/MS-PIC resources are consumed by certain traffic causing a partial DoS

On MX Series platforms with MS-MPC/MS-MIC, an Allocation of Resources Without Limits or Throttling vulnerability in Juniper Networks Junos OS allows an unauthenticated network attacker to cause a partial Denial of Service DoS with a high rate of specific traffic. If a Class of Service CoS rule is...

CVE-2021-31366

CVE-2021-31366 is an Unchecked Return Value vulnerability in the authd (authentication daemon) of Juniper Networks Junos OS on MX Series configured for subscriber management/BBE. A adjacent attacker can trigger a crash by sending a specific username, causing a DoS affecting AAA services on affect...

CVE-2021-31366 Junos OS: MX Series: In subscriber management / BBE configuration authd can crash if a subscriber with a specific username tries to login leading to a DoS

An Unchecked Return Value vulnerability in the authd authentication daemon of Juniper Networks Junos OS on MX Series configured for subscriber management / BBE allows an adjacent attacker to cause a crash by sending a specific username. This impacts authentication, authorization, and accounting A...

Juniper Junos OS Vulnerability (JSA11231)

The version of Junos OS installed on the remote host is affected by a vulnerability as referenced in the JSA11231 advisory. - On MX Series platforms with MS-MPC/MS-MIC, an Allocation of Resources Without Limits or Throttling vulnerability in Juniper Networks Junos OS allows an unauthenticated...

Juniper Junos OS Vulnerability (JSA11228)

The version of Junos OS installed on the remote host is affected by a vulnerability as referenced in the JSA11228 advisory. - An Unchecked Return Value vulnerability in the authd authentication daemon of Juniper Networks Junos OS on MX Series configured for subscriber management / BBE allows an...

CVE-2021-24671

The MX Time Zone Clocks WordPress plugin before 3.4.1 does not escape the timezone attribute of the mxmtzctimezoneclocks shortcode, allowing users with a role as low as Contributor to perform Stored Cross-Site Scripting attacks...

CVE-2021-24671 MX Time Zone Clocks < 3.4.1 - Contributor+ Cross-Site Scripting

The MX Time Zone Clocks WordPress plugin before 3.4.1 does not escape the timezone attribute of the mxmtzctimezoneclocks shortcode, allowing users with a role as low as Contributor to perform Stored Cross-Site Scripting attacks...

The vulnerability of microprogramming software in Samsung Galaxy S2, Galaxy Note 2, and Meizu MX devices stems from deficiencies in access control mechanisms, allowing attackers to escalate their privileges through specially created applications.

The vulnerability of microprogramming software in Samsung Galaxy S2, Galaxy Note 2, and Meizu MX devices is related to deficiencies in access control. Exploiting this vulnerability can allow a malicious actor to enhance their privileges through a specially created application...

WordPress MX Time Zone Clocks plugin <= 3.4 - Stored Cross-Site Scripting (XSS) vulnerability

Stored Cross-Site Scripting XSS vulnerability discovered by apple502j in WordPress MX Time Zone Clocks plugin versions = 3.4. Solution Update the WordPress MX Time Zone Clocks plugin to the latest available version at least 3.4.1...

MX Time Zone Clocks < 3.4.1 - Contributor+ Cross-Site Scripting

The plugin does not escape the timezone attribute of the mxmtzctimezoneclocks shortcode, allowing users with a role as low as Contributor to perform Stored Cross-Site Scripting attacks PoC mxmtzctimezoneclocks timezone='"+alertXSS-timezone+"'...

MX Time Zone Clocks < 3.4.1 - Contributor+ Cross-Site Scripting

The plugin does not escape the timezone attribute of the mxmtzctimezoneclocks shortcode, allowing users with a role as low as Contributor to perform Stored Cross-Site Scripting attacks mxmtzctimezoneclocks timezone='"+alertXSS-timezone+"'...

The vulnerability of Juniper Networks Junos OS routers of the MX, EX9200, and SRX4600 series lies in deficiencies in handling exceptional states, which allows an attacker to trigger a service failure.

The vulnerability of Juniper Networks Junos OS routers of the MX, EX9200, and SRX4600 series is related to deficiencies in handling exceptional states during packet processing. Exploiting this vulnerability can allow a malicious actor to cause service interruptions...