CVE-2018-0002

Summary (CVE-2018-0002) : On SRX Series and MX Series devices with a Service PIC and ALG enabled, a crafted TCP/IP response packet can cause memory corruption that crashes the flowd daemon, leading to a Denial of Service. Affected releases include multiple Junos OS branches across SRX and MX plat...

Junos OS Denial of Service Vulnerability in Multiple Juniper Networks Products (CNVD-2017-32220)

Juniper EX2200 and others are Juniper Networks products.Juniper EX2200, EX3300 and XRE200 are enterprise switches.MX Series router is a router.Junos OS is a set of operating system running on it. A security vulnerability exists in the Junos OS of the Juniper EX2200, EX3300, XRE200, and MX Series...

Design/Logic Flaw

If extended statistics are enabled via 'set chassis extended-statistics', when executing any operation that fetches interface statistics, including but not limited to SNMP GET requests, the pfem process or the FPC may crash and restart. Repeated crashes of PFE processing can result in an extended...

CVE-2017-10611

If extended statistics are enabled via 'set chassis extended-statistics', when executing any operation that fetches interface statistics, including but not limited to SNMP GET requests, the pfem process or the FPC may crash and restart. Repeated crashes of PFE processing can result in an extended...

CVE-2017-10611 Junos: EX Series PFE and MX MPC7E/8E/9E PFE crash when fetching interface stats with 'extended-statistics' enabled

If extended statistics are enabled via 'set chassis extended-statistics', when executing any operation that fetches interface statistics, including but not limited to SNMP GET requests, the pfem process or the FPC may crash and restart. Repeated crashes of PFE processing can result in an extended...

Bitwarden: Mailgun misconfiguration on email.bitwarden.com

Hi, While checking the subdomains i found that the subdomain email.bitwarden.com upon navigating downloads a file saying "Mailgun Magnificent API" And has the following DNS info DNS Records for email.bitwarden.com Hostname Type TTL Priority Content email.bitwarden.com SOA 899 ns-586.awsdns-09.net...

Mirasvit Helpdesk MX Cross-Site Scripting Vulnerability

Mirasvit Helpdesk MX is a set of extension support platform for Magento e-commerce system from Mirasvit. The platform provides a variety of extension modules for Magento. A cross-site scripting vulnerability exists in the administration interface of Mirasvit Helpdesk MX versions prior to 1.5.3. A...

Mirasvit Helpdesk MX Code Execution Vulnerability

Mirasvit Helpdesk MX is a set of extension support platform for Magento e-commerce system from Mirasvit. The platform provides a variety of extension modules for Magento. A security vulnerability exists in Mirasvit Helpdesk MX versions prior to 1.5.3. A remote attacker can exploit the vulnerabili...

CVE-2017-14321

Multiple cross-site scripting XSS vulnerabilities in the administrative interface in Mirasvit Helpdesk MX before 1.5.3 allow remote attackers to inject arbitrary web script or HTML via the 1 customer name or 2 subject in a ticket...

Code injection

Mirasvit Helpdesk MX before 1.5.3 might allow remote attackers to execute arbitrary code by leveraging failure to filter uploaded files...

CVE-2017-14321

Multiple cross-site scripting XSS vulnerabilities in the administrative interface in Mirasvit Helpdesk MX before 1.5.3 allow remote attackers to inject arbitrary web script or HTML via the 1 customer name or 2 subject in a ticket...

CVE-2017-14320

Affected product: Mirasvit Helpdesk MX (Magento extension) before 1.5.3. Vulnerability: remote code execution due to failure to filter uploaded files. Impact: arbitrary code execution. Remediation: upgrade to version 1.5.3 or later (vulnerable before 1.5.3). No exploitation details are provided i...

CVE-2017-14321

The CVE-2017-14321 issue affects Mirasvit Helpdesk MX (Magento extension) prior to version 1.5.3, with the root cause described as cross-site scripting (XSS) vulnerabilities in the administrative interface. The vulnerability allows an attacker to inject arbitrary web script or HTML via the ticket...

CVE-2017-14321

Multiple cross-site scripting XSS vulnerabilities in the administrative interface in Mirasvit Helpdesk MX before 1.5.3 allow remote attackers to inject arbitrary web script or HTML via the 1 customer name or 2 subject in a ticket...

CVE-2017-14320

Mirasvit Helpdesk MX before 1.5.3 might allow remote attackers to execute arbitrary code by leveraging failure to filter uploaded files...

RED HAWK v2.0.0 - All in one tool for Information Gathering, Vulnerability Scanning and Crawling

RED HAWK is An All In One Tool For Information Gathering, SQL Vulnerability Scannig and Crawling. Coded In PHP. Features: Basic Scan Site Title NEW IP Address Web Server Detection IMPROVED CMS Detection Cloudflare Detection robots.txt Scanner Whois Lookup IMPROVED Geo-IP Lookup Grab Banners...

ecoupons.com.mx Open Redirect vulnerability

Open Bug Bounty ID: OBB-276023 Description| Value ---|--- Affected Website:| ecoupons.com.mx Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| Open Redirect / CWE-601 CVSSv3 Score:| 3.4...

File Upload Vulnerability in Longcai MX of Longcai Technology Inc.

Longcai MX is a marketing website that caters to consumer needs and buying desires. A file upload vulnerability exists in Longcai MX, a subsidiary of Longcai Technology, due to the system's failure to strictly filter file contents. An attacker can upload arbitrary files and obtain administrator...

Juniper MX Series Appliance Junos OS ALG Denial of Service Vulnerability

Juniper MX Series is an MX Series router from Juniper Networks, Inc.Junos OS is the operating system used in the Juniper MX Series. A security vulnerability exists in the Junos OS in Juniper MX Series devices. A remote attacker could send packet fragments through the Application Layer Gateway ALG...

CVE-2017-2346

An MS-MPC or MS-MIC Service PIC may crash when large fragmented packets are passed through an Application Layer Gateway ALG. Repeated crashes of the Service PC can result in an extended denial of service condition. The issue can be seen only if NAT or stateful-firewall rules are configured with...