PT-2024-7396 · Juniper Networks · Junos Evolved +1

Name of the Vulnerable Software and Affected Versions: Junos OS versions prior to 21.4R3-S8 Junos OS versions 22.2 prior to 22.2R3-S5 Junos OS versions 22.3 prior to 22.3R3-S4 Junos OS versions 22.4 prior to 22.4R3-S3 Junos OS versions 23.2 prior to 23.2R2-S2 Junos OS versions 23.4 prior to 23.4R...

Juniper Junos OS Vulnerability (JSA79095)

The version of Junos OS installed on the remote host is affected by a vulnerability as referenced in the JSA79095 advisory. - An Improper Validation of Specified Type of Input vulnerability in Routing Protocol Daemon RPD of Junos OS and Junos OS Evolved allows an unauthenticated, network-based...

CVE-2024-29822

An unspecified SQL Injection vulnerability in Core server of Ivanti EPM 2022 SU5 and prior allows an unauthenticated attacker within the same network to execute arbitrary code...

CVE-2024-36472

In GNOME Shell through 45.7, a portal helper can be launched automatically without user confirmation based on network responses provided by an adversary e.g., an adversary who controls the local Wi-Fi network, and subsequently loads untrusted JavaScript code, which may lead to resource consumptio...

Juniper Junos OS Vulnerability (JSA75751)

The version of Junos OS installed on the remote host is affected by a vulnerability as referenced in the JSA75751 advisory. - An Improper Handling of Exceptional Conditions vulnerability in the Class of Service daemon cosd of Juniper Networks Junos OS on MX Series allows an authenticated,...

CVE-2023-51364

A path traversal vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow users to read the contents of unexpected files and expose sensitive data via a network. We have already fixed the vulnerability in the following versions:...

Juniper Junos OS Vulnerability (JSA79094)

The version of Junos OS installed on the remote host is affected by a vulnerability as referenced in the JSA79094 advisory. - A Stack-based Buffer Overflow vulnerability in the Routing Protocol Daemon rpd component of Junos OS and Junos OS Evolved allows an unauthenticated, network-based attacker...

Juniper Junos OS Vulnerability (JSA75744)

The version of Junos OS installed on the remote host is affected by a vulnerability as referenced in the JSA75744 advisory. - An Improper Check for Unusual or Exceptional Conditions vulnerability in the kernel of Juniper Network Junos OS on MX Series allows a network based attacker with low...

CVE-2024-21074

Vulnerability in the Oracle Trade Management product of Oracle E-Business Suite component: Finance LOV. Supported versions that are affected are 12.2.3-12.2.13. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Trade Management...

CVE-2024-21056

Vulnerability in the MySQL Server product of Oracle MySQL component: Server: DML. Supported versions that are affected are 8.0.34 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks o...

CVE-2024-30392

A Stack-based Buffer Overflow vulnerability in Flow Processing Daemon flowd of Juniper Networks Junos OS allows an unauthenticated, network-based attacker to cause Denial of Service DoS. On all Junos OS MX Series platforms with SPC3 and MS-MPC/-MIC, when URL filtering is enabled and a specific UR...

CVE-2024-30389

An Incorrect Behavior Order vulnerability in the Packet Forwarding Engine PFE of Juniper Networks Junos OS on EX4300 Series allows an unauthenticated, network-based attacker to cause an integrity impact to networks downstream of the vulnerable device. When an output firewall filter is applied to ...

CVE-2024-30390

CVE-2024-30390 affects Juniper Networks Junos OS Evolved. The vulnerability is an improper restriction of excessive authentication attempts: after a connection is blocked for exceeding connections-per-second, the system does not consider existing connections for subsequent attempts, allowing the ...

CVE-2024-30390 Junos OS Evolved: Connection limits is not being enforced while the resp. rate limit is being enforced

An Improper Restriction of Excessive Authentication Attempts vulnerability in Juniper Networks Junos OS Evolved allows an unauthenticated, network-based attacker to cause a limited Denial of Service DoS to the management plane. When an incoming connection was blocked because it exceeded the...

CVE-2024-30389

CVE-2024-30389 affects Juniper Junos OS on EX4300 Series. The root cause is an Incorrect Behavior Order in the Packet Forwarding Engine (PFE): when an output firewall filter is applied to an interface, it may fail to recognize matching packets and permit traffic, causing an integrity impact to ne...

CVE-2024-30382

Juniper Networks Junos OS and Junos OS Evolved are affected by CVE-2024-30382 via an Improper Handling of Exceptional Conditions in the routing protocol daemon (rpd). A network-based, unauthenticated attacker can trigger a specific routing update when CB F (CoS-based forwarding) is configured wit...

CVE-2024-30395

An Improper Validation of Specified Type of Input vulnerability in Routing Protocol Daemon RPD of Junos OS and Junos OS Evolved allows an unauthenticated, network-based attacker to cause Denial of Service DoS. If a BGP update is received over an established BGP session which contains a tunnel...

CVE-2024-21598

An Improper Validation of Syntactic Correctness of Input vulnerability in the Routing Protocol Daemon rpd of Juniper Networks Junos OS and Junos OS Evolved allows a network-based, unauthenticated attacker to cause a Denial of Service DoS. If a BGP update is received over an established BGP sessio...

CVE-2024-30392 Junos OS: MX Series with SPC3 and MS-MPC/-MIC: When URL filtering is enabled and a specific URL request is received a flowd crash occurs

A Stack-based Buffer Overflow vulnerability in Flow Processing Daemon flowd of Juniper Networks Junos OS allows an unauthenticated, network-based attacker to cause Denial of Service DoS. On all Junos OS MX Series platforms with SPC3 and MS-MPC/-MIC, when URL filtering is enabled and a specific UR...

CVE-2024-30392

CVE-2024-30392 describes a Stack-based Buffer Overflow in Juniper Junos OS Flow Processing Daemon (flowd) on MX platforms with SPC3 and MS-MPC/-MIC. When URL filtering is enabled, receiving a specific URL request can crash flowd and restart the PFE, causing a sustained DoS. Affected Junos OS vers...