94 matches found
CVE-2023-48194
Vulnerability in Tenda AC8v4 .V16.03.34.09 due to sscanf and the last digit of s8 being overwritten with \x0. After executing setclientqos, control over the gp register can be obtained...
CVE-2024-30388 Junos OS: QFX5000 Series and EX Series: Specific malformed LACP packets will cause flaps
An Improper Isolation or Compartmentalization vulnerability in the Packet Forwarding Engine pfe of Juniper Networks Junos OS on QFX5000 Series and EX Series allows an unauthenticated, adjacent attacker to cause a Denial of Service DoS. If a specific malformed LACP packet is received by a QFX5000...
CVE-2024-21600 Junos OS: PTX Series: In an FTI scenario MPLS packets hitting reject next-hop will cause a host path wedge condition
An Improper Neutralization of Equivalent Special Elements vulnerability in the Packet Forwarding Engine PFE of Juniper Networks Junos OS on PTX Series allows a unauthenticated, adjacent attacker to cause a Denial of Service DoS. When MPLS packets are meant to be sent to a flexible tunnel interfac...
CVE-2022-22226
In VxLAN scenarios on EX4300-MP, EX4600, QFX5000 Series devices an Uncontrolled Memory Allocation vulnerability in the Packet Forwarding Engine PFE of Juniper Networks Junos OS allows an unauthenticated adjacently located attacker sending specific packets to cause a Denial of Service DoS conditio...
CVE-2022-22226 Junos OS: EX4300-MP, EX4600, QFX5000 Series: In VxLAN scenarios specific packets processed cause a memory leak leading to a PFE crash
In VxLAN scenarios on EX4300-MP, EX4600, QFX5000 Series devices an Uncontrolled Memory Allocation vulnerability in the Packet Forwarding Engine PFE of Juniper Networks Junos OS allows an unauthenticated adjacently located attacker sending specific packets to cause a Denial of Service DoS conditio...
CVE-2022-22220 Junos OS and Junos OS Evolved: Due to a race condition the rpd process can crash upon receipt of a BGP update message containing flow spec route
A Time-of-check Time-of-use TOCTOU Race Condition vulnerability in Routing Protocol Daemon rpd of Juniper Networks Junos OS, Junos OS Evolved allows a network-based unauthenticated attacker to cause a Denial of Service DoS. When a BGP flow route with redirect IP extended community is received, an...
CVE-2020-36549
A vulnerability classified as critical was found in GE Voluson S8. Affected is the underlying Windows XP operating system. Missing patches might introduce an excessive attack surface. Access to the local network is required for this attack to succeed...
CVE-2020-36547
A vulnerability was found in GE Voluson S8. It has been rated as critical. This issue affects the Service Browser which itroduces hard-coded credentials. Attacking locally is a requirement. It is recommended to change the configuration settings...
CVE-2020-36548
A vulnerability classified as problematic has been found in GE Voluson S8. Affected is the file /uscgi-bin/users.cgi of the Service Browser. The manipulation leads to improper authentication and elevated access possibilities. It is possible to launch the attack on the local host...
Hardcoded credentials
A vulnerability was found in GE Voluson S8. It has been rated as critical. This issue affects the Service Browser which itroduces hard-coded credentials. Attacking locally is a requirement. It is recommended to change the configuration settings...
Design/Logic Flaw
A vulnerability classified as critical was found in GE Voluson S8. Affected is the underlying Windows XP operating system. Missing patches might introduce an excessive attack surface. Access to the local network is required for this attack to succeed...
Authentication flaw
A vulnerability classified as problematic has been found in GE Voluson S8. Affected is the file /uscgi-bin/users.cgi of the Service Browser. The manipulation leads to improper authentication and elevated access possibilities. It is possible to launch the attack on the local host...
CVE-2020-36549 GE Voluson S8 Windows Operating System Patches privileges management
A vulnerability classified as critical was found in GE Voluson S8. Affected is the underlying Windows XP operating system. Missing patches might introduce an excessive attack surface. Access to the local network is required for this attack to succeed...
CVE-2020-36549 GE Voluson S8 Windows Operating System Patches privileges management
A vulnerability classified as critical was found in GE Voluson S8. Affected is the underlying Windows XP operating system. Missing patches might introduce an excessive attack surface. Access to the local network is required for this attack to succeed...
CVE-2020-36549
CVE-2020-36549 affects GE Voluson S8 running on Windows XP. The documented issue is a privilege-management–related vulnerability that requires local network access and may allow a total impact on confidentiality, integrity, and availability. Several sources note missing patches may increase the a...
CVE-2020-36548 GE Voluson S8 Service Browser users.cgi improper authentication
A vulnerability classified as problematic has been found in GE Voluson S8. Affected is the file /uscgi-bin/users.cgi of the Service Browser. The manipulation leads to improper authentication and elevated access possibilities. It is possible to launch the attack on the local host...
CVE-2020-36548 GE Voluson S8 Service Browser users.cgi improper authentication
A vulnerability classified as problematic has been found in GE Voluson S8. Affected is the file /uscgi-bin/users.cgi of the Service Browser. The manipulation leads to improper authentication and elevated access possibilities. It is possible to launch the attack on the local host...
CVE-2020-36548
CVE-2020-36548 affects GE Voluson S8, specifically the Service Browser component /uscgi-bin/users.cgi. The root cause is improper/authentication bypass allowing elevated access from a local attacker, with attack described as local and capable of compromising confidentiality, integrity, and availa...
CVE-2020-36547 GE Voluson S8 Service Browser hard-coded credentials
A vulnerability was found in GE Voluson S8. It has been rated as critical. This issue affects the Service Browser which itroduces hard-coded credentials. Attacking locally is a requirement. It is recommended to change the configuration settings...
CVE-2020-36547 GE Voluson S8 Service Browser hard-coded credentials
A vulnerability was found in GE Voluson S8. It has been rated as critical. This issue affects the Service Browser which itroduces hard-coded credentials. Attacking locally is a requirement. It is recommended to change the configuration settings...