Lucene search
K

1892 matches found

OSV
OSV
added 2022/10/18 3:15 a.m.6 views

CVE-2022-22233

An Unchecked Return Value to NULL Pointer Dereference vulnerability in Routing Protocol Daemon rpd of Juniper Networks Junos OS and Junos OS Evolved allows a locally authenticated attacker with low privileges to cause a Denial of Service DoS. In Segment Routing SR to Label Distribution Protocol L...

5.5CVSS5.8AI score0.00171EPSS
Exploits0References1
Prion
Prion
added 2022/10/18 3:15 a.m.21 views

Input validation

An Improper Input Validation vulnerability in ingress TCP segment processing of Juniper Networks Junos OS Evolved allows a network-based unauthenticated attacker to send a crafted TCP segment to the device, triggering a kernel panic, leading to a Denial of Service DoS condition. Continued receipt...

5CVSS7.3AI score0.00572EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2022/10/18 2:46 a.m.27 views

CVE-2022-22247 Junos OS Evolved: Kernel processing of unvalidated TCP segments could lead to a Denial of Service (DoS)

An Improper Input Validation vulnerability in ingress TCP segment processing of Juniper Networks Junos OS Evolved allows a network-based unauthenticated attacker to send a crafted TCP segment to the device, triggering a kernel panic, leading to a Denial of Service DoS condition. Continued receipt...

7.5CVSS7.5AI score0.00572EPSS
Exploits0References1
CVE
CVE
added 2022/10/18 2:46 a.m.54 views

CVE-2022-22247

CVE-2022-22247 affects Juniper Networks Junos OS Evolved. The issue is an improper input validation vulnerability in the processing of ingress TCP segments, allowing a network-based unauthenticated attacker to send a crafted TCP segment that triggers a kernel panic and leads to a Denial of Servic...

7.5CVSS7.3AI score0.00572EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2022/10/18 2:46 a.m.9 views

CVE-2022-22247 Junos OS Evolved: Kernel processing of unvalidated TCP segments could lead to a Denial of Service (DoS)

An Improper Input Validation vulnerability in ingress TCP segment processing of Juniper Networks Junos OS Evolved allows a network-based unauthenticated attacker to send a crafted TCP segment to the device, triggering a kernel panic, leading to a Denial of Service DoS condition. Continued receipt...

7.5CVSS7.4AI score0.00572EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2022/10/18 2:46 a.m.17 views

CVE-2022-22233 Junos OS and Junos OS Evolved: In an SR to LDP interworking scenario, with SRMS, when a specific low privileged command is issued on an ABR rpd will crash

An Unchecked Return Value to NULL Pointer Dereference vulnerability in Routing Protocol Daemon rpd of Juniper Networks Junos OS and Junos OS Evolved allows a locally authenticated attacker with low privileges to cause a Denial of Service DoS. In Segment Routing SR to Label Distribution Protocol L...

5.5CVSS5.6AI score0.00171EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2022/10/12 12:0 a.m.32 views

Juniper Junos OS Vulnerability (JSA69904)

The version of Junos OS installed on the remote host is affected by a vulnerability as referenced in the JSA69904 advisory. - An Improper Input Validation vulnerability in ingress TCP segment processing of Juniper Networks Junos OS Evolved allows a network-based unauthenticated attacker to send a...

7.5CVSS7.5AI score0.00572EPSS
Exploits0References2
CNNVD
CNNVD
added 2022/10/11 12:0 a.m.7 views

Microsoft ODBC Driver 安全漏洞

Microsoft ODBC Driver is a driver from Microsoft Corporation USA. A remote code execution vulnerability exists in the Microsoft Windows ODBC Driver, which stems from the failure of a network system or product to properly filter special elements of the external input data during the construction o...

8.8CVSS8.8AI score0.01476EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2022/10/11 12:0 a.m.10 views

PT-2022-6193

Name of the Vulnerable Software and Affected Versions Linux Kernel affected versions not specified Description The issue affects the function nilfs attach log writer of the file fs/nilfs2/segment.c of the component BPF, leading to a memory leak. The attack may be initiated remotely, potentially...

8.8CVSS8AI score0.21314EPSS
Exploits86References1222
Positive Technologies
Positive Technologies
added 2022/10/02 12:0 a.m.3 views

PT-2022-34675 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v5.4.213 Description: The issue concerns an out-of-bounds read when setting HMAC data in the IPv6 segment routing SR functionality. The actual impact and attack plausibility have not yet been proven...

7.1AI score
Exploits0References1
Positive Technologies
Positive Technologies
added 2022/10/02 12:0 a.m.4 views

PT-2022-34658 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v5.10.143 Description: The issue concerns an out-of-bounds read when setting HMAC data in the IPv6 segment routing SR functionality. This problem was introduced in version v4.10 and is fixed in version v5.10.143...

7AI score
Exploits0References1
Positive Technologies
Positive Technologies
added 2022/10/02 12:0 a.m.5 views

PT-2022-34689 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v4.19.258 Description: The issue concerns an out-of-bounds read when setting HMAC data in the IPv6 segment routing SR functionality. This problem was introduced in version v4.10 and is fixed in version v4.19.258...

7AI score
Exploits0References1
Positive Technologies
Positive Technologies
added 2022/10/02 12:0 a.m.3 views

PT-2022-34631 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v5.15.68 Description: The issue concerns an out-of-bounds read when setting HMAC data in the IPv6 segment routing SR functionality. The actual impact and attack plausibility have not yet been proven...

7.1AI score
Exploits0References1
Positive Technologies
Positive Technologies
added 2022/10/02 12:0 a.m.5 views

PT-2022-34594 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v5.19.9 Description: The issue concerns an out-of-bounds read when setting HMAC data in the IPv6 segment routing SR functionality. The actual impact and attack plausibility have not yet been proven...

7.1AI score
Exploits0References1
Positive Technologies
Positive Technologies
added 2022/10/02 12:0 a.m.3 views

PT-2022-34701 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v4.14.293 Description: The issue concerns an out-of-bounds read when setting HMAC data in the IPv6 segment routing SR functionality. This problem was introduced in version v4.10 and is fixed in Linux Kernel...

7AI score
Exploits0References1
OSV
OSV
added 2022/10/01 12:0 a.m.2 views

GHSA-RM2X-HGR8-W343 LIEF vulnerable to denial of service through segmentation fault

A vulnerability in the LIEF::MachO::SegmentCommand::virtualaddress function of LIEF v0.12.1 allows attackers to cause a denial of service DOS through a segmentation fault via a crafted MachO file. A patch is available at commit number 24935f654f6df700a9a062298258b9485f584502...

6.5CVSS5.9AI score0.00593EPSS
Exploits1References5
PyPA
PyPA
added 2022/09/30 7:15 p.m.7 views

PYSEC-2022-43139

A vulnerability in the LIEF::MachO::SegmentCommand::virtualaddress function of LIEF v0.12.1 allows attackers to cause a denial of service DOS through a segmentation fault via a crafted MachO file...

6.5CVSS6.6AI score0.00593EPSS
Exploits1References3Affected Software1
OSV
OSV
added 2022/09/30 7:15 p.m.2 views

PYSEC-2022-43139

A vulnerability in the LIEF::MachO::SegmentCommand::virtualaddress function of LIEF v0.12.1 allows attackers to cause a denial of service DOS through a segmentation fault via a crafted MachO file...

6.5CVSS6.6AI score0.00593EPSS
Exploits1References1
CERT
CERT
added 2022/09/27 12:0 a.m.57 views

L2 network security controls can be bypassed using VLAN 0 stacking and/or 802.3 headers

Overview Layer-2 L2 network security controls provided by various devices, such as switches, routers, and operating systems, can be bypassed by stacking Ethernet protocol headers. An attacker can send crafted packets through vulnerable devices to cause Denial-of-service DoS or to perform a...

4.7CVSS4.9AI score0.0069EPSS
Exploits1References14
Github Security Blog
Github Security Blog
added 2022/09/25 12:0 a.m.26 views

HashiCorp Consul does not properly validate node or segment names prior to usage in JWT claim assertions

HashiCorp Consul 1.8.1 up to 1.11.8, 1.12.4, and 1.13.1 did not properly validate the node or segment names prior to interpolation and usage in JWT claim assertions with the auto config RPC. Fixed in 1.11.9, 1.12.5, and 1.13.2...

7.1CVSS6.5AI score0.00846EPSS
Exploits0References7Affected Software1
Rows per page
Query Builder