1892 matches found
CVE-2022-22233
An Unchecked Return Value to NULL Pointer Dereference vulnerability in Routing Protocol Daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved allows a locally authenticated attacker with low privileges to cause a Denial of Service (DoS). In Segment Routing (SR) to Label Distribution Protocol L...
Input validation
An Improper Input Validation vulnerability in ingress TCP segment processing of Juniper Networks Junos OS Evolved allows a network-based unauthenticated attacker to send a crafted TCP segment to the device, triggering a kernel panic, leading to a Denial of Service (DoS) condition. Continued receipt...
CVE-2022-22247 Junos OS Evolved: Kernel processing of unvalidated TCP segments could lead to a Denial of Service (DoS)
An Improper Input Validation vulnerability in ingress TCP segment processing of Juniper Networks Junos OS Evolved allows a network-based unauthenticated attacker to send a crafted TCP segment to the device, triggering a kernel panic, leading to a Denial of Service (DoS) condition. Continued receipt...
CVE-2022-22247
CVE-2022-22247 affects Juniper Networks Junos OS Evolved. The issue is an improper input validation vulnerability in the processing of ingress TCP segments, allowing a network-based unauthenticated attacker to send a crafted TCP segment that triggers a kernel panic and leads to a Denial of Servic...
CVE-2022-22233 Junos OS and Junos OS Evolved: In an SR to LDP interworking scenario, with SRMS, when a specific low privileged command is issued on an ABR rpd will crash
An Unchecked Return Value to NULL Pointer Dereference vulnerability in Routing Protocol Daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved allows a locally authenticated attacker with low privileges to cause a Denial of Service (DoS). In Segment Routing (SR) to Label Distribution Protocol L...
Juniper Junos OS Vulnerability (JSA69904)
The version of Junos OS installed on the remote host is affected by a vulnerability as referenced in the JSA69904 advisory. - An Improper Input Validation vulnerability in ingress TCP segment processing of Juniper Networks Junos OS Evolved allows a network-based unauthenticated attacker to send a...
Microsoft ODBC Driver Security Vulnerability
Microsoft ODBC Driver is a driver from Microsoft Corporation USA. A remote code execution vulnerability exists in the Microsoft Windows ODBC Driver, which stems from the failure of a network system or product to properly filter special elements of the external input data during the construction o...
PT-2022-6193
Name of the Vulnerable Software and Affected Versions: Linux Kernel (affected versions not specified) Description: The issue affects the function nilfs_attach_log_writer of the file fs/nilfs2/segment.c of the component BPF, leading to a memory leak. The attack may be initiated remotely, potentially...
PT-2022-34675 · Linux · Linux Kernel
Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v5.4.213 Description: The issue concerns an out-of-bounds read when setting HMAC data in the IPv6 segment routing (SR) functionality. The actual impact and attack plausibility have not yet been proven...
PT-2022-34658 · Linux · Linux Kernel
Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v5.10.143 Description: The issue concerns an out-of-bounds read when setting HMAC data in the IPv6 segment routing (SR) functionality. This problem was introduced in version v4.10 and is fixed in version v5.10.143...
PT-2022-34689 · Linux · Linux Kernel
Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v4.19.258 Description: The issue concerns an out-of-bounds read when setting HMAC data in the IPv6 segment routing (SR) functionality. This problem was introduced in version v4.10 and is fixed in version v4.19.258...
PT-2022-34631 · Linux · Linux Kernel
Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v5.15.68 Description: The issue concerns an out-of-bounds read when setting HMAC data in the IPv6 segment routing (SR) functionality. The actual impact and attack plausibility have not yet been proven...
PT-2022-34594 · Linux · Linux Kernel
Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v5.19.9 Description: The issue concerns an out-of-bounds read when setting HMAC data in the IPv6 segment routing (SR) functionality. The actual impact and attack plausibility have not yet been proven...
PT-2022-34701 · Linux · Linux Kernel
Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v4.14.293 Description: The issue concerns an out-of-bounds read when setting HMAC data in the IPv6 segment routing (SR) functionality. This problem was introduced in version v4.10 and is fixed in Linux Kernel...
GHSA-RM2X-HGR8-W343 LIEF vulnerable to denial of service through segmentation fault
A vulnerability in the LIEF::MachO::SegmentCommand::virtual_address function of LIEF v0.12.1 allows attackers to cause a denial of service (DoS) through a segmentation fault via a crafted MachO file. A patch is available at commit number 24935f654f6df700a9a062298258b9485f584502...
PYSEC-2022-43139
A vulnerability in the LIEF::MachO::SegmentCommand::virtual_address function of LIEF v0.12.1 allows attackers to cause a denial of service (DoS) through a segmentation fault via a crafted MachO file...
L2 network security controls can be bypassed using VLAN 0 stacking and/or 802.3 headers
Overview: Layer-2 (L2) network security controls provided by various devices, such as switches, routers, and operating systems, can be bypassed by stacking Ethernet protocol headers. An attacker can send crafted packets through vulnerable devices to cause Denial-of-service (DoS) or to perform a...
HashiCorp Consul does not properly validate node or segment names prior to usage in JWT claim assertions
HashiCorp Consul 1.8.1 up to 1.11.8, 1.12.4, and 1.13.1 did not properly validate the node or segment names prior to interpolation and usage in JWT claim assertions with the auto config RPC. Fixed in 1.11.9, 1.12.5, and 1.13.2...