40 matches found
EUVD-2018-0865
Malware in sbrugna...
EUVD-2018-0862
Malware in sbrugna...
EUVD-2018-0863
Malware in sbrugna...
EUVD-2022-27336
Malicious code in bioql PyPI...
EUVD-2022-27299
Malicious code in bioql PyPI...
USN-7197-1: Go Networking vulnerability
Guido Vranken discovered that Go Networking handled input to the Parse functions inefficiently. An attacker could possibly use this issue to cause denial of service. This update addresses the issue in the golang-golang-x-net and golang-golang-x-net-dev packages, as well as the library vendored...
The vulnerability of the control interface of Juniper Networks’ Contrail Service Orchestration allows a attacker to enhance their privileges and gain full control over the application.
The vulnerability of the Juniper Networks Contrail Service Orchestration software platform is related to deficiencies in access control. Exploiting this vulnerability can allow attackers to enhance their privileges and gain full control over the application...
The vulnerability of the Juniper Networks Contrail Service Orchestration software lies in a failure of the protection mechanism in the REST API, which allows an attacker to disclose protected information.
The vulnerability of the Juniper Networks Contrail Service Orchestration software is related to a failure in the protection mechanism of the REST API. Exploiting this vulnerability can allow an attacker, operating remotely, to disclose the protected information...
CVE-2022-22189
An Incorrect Ownership Assignment vulnerability in Juniper Networks Contrail Service Orchestration CSO allows a locally authenticated user to have their permissions elevated without authentication thereby taking control of the local system they are currently authenticated to. This issue affects:...
CVE-2022-22189
An Incorrect Ownership Assignment vulnerability in Juniper Networks Contrail Service Orchestration CSO allows a locally authenticated user to have their permissions elevated without authentication thereby taking control of the local system they are currently authenticated to. This issue affects:...
CVE-2022-22189 Contrail Service Orchestration: An authenticated local user may have their permissions elevated via the device via management interface without authentication
An Incorrect Ownership Assignment vulnerability in Juniper Networks Contrail Service Orchestration CSO allows a locally authenticated user to have their permissions elevated without authentication thereby taking control of the local system they are currently authenticated to. This issue affects:...
CVE-2022-22189
CVE-2022-22189 (Contrail Service Orchestration) : An Incorrect Ownership Assignment vulnerability affects Juniper Networks CSO 6.0.0 on on‑prem installations, prior to 6.0.0 Patch v3. A locally authenticated user can elevate permissions and take control of the local system they are authenticated ...
Juniper Networks Contrail Service Orchestration 安全漏洞
Juniper Networks Contrail Service Orchestration is a powerful software platform from Juniper Networks, Inc. for connecting many enterprise and multi-tenant service provider solutions. A security vulnerability exists in Juniper Networks Contrail Service Orchestration CSO versions prior to 6.0.0 th...
CVE-2022-22189
An Incorrect Ownership Assignment vulnerability in Juniper Networks Contrail Service Orchestration CSO allows a locally authenticated user to have their permissions elevated without authentication thereby taking control of the local system they are currently authenticated to. This issue affects:...
CVE-2022-22152
A Protection Mechanism Failure vulnerability in the REST API of Juniper Networks Contrail Service Orchestration allows one tenant on the system to view confidential configuration details of another tenant on the same system. By utilizing the REST API, one tenant is able to obtain information on...
CVE-2022-22152
A Protection Mechanism Failure vulnerability in the REST API of Juniper Networks Contrail Service Orchestration allows one tenant on the system to view confidential configuration details of another tenant on the same system. By utilizing the REST API, one tenant is able to obtain information on...
CVE-2022-22152 Contrail Service Orchestration: Tenants able to see other tenants policies via REST API interface
A Protection Mechanism Failure vulnerability in the REST API of Juniper Networks Contrail Service Orchestration allows one tenant on the system to view confidential configuration details of another tenant on the same system. By utilizing the REST API, one tenant is able to obtain information on...
CVE-2022-22152
The CVE covers a REST API access-control failure in Juniper Networks Contrail Service Orchestration. A tenant can view confidential configuration details of other tenants (e.g., firewall configuration and access control policies) due to insufficient authorization checks, exposing sensitive inform...
Juniper Networks Contrail Service Orchestration Access Control Error Vulnerability
Juniper Networks Contrail Service Orchestration is a robust software platform from Juniper Networks USA, Inc. used to connect many enterprise and multi-tenant service provider solutions. Juniper Networks Contrail Service Orchestration suffers from an access control error vulnerability that stems...
Juniper Networks Contrail Service Orchestration 访问控制错误漏洞
Juniper Networks Contrail Service Orchestration is a robust software platform from Juniper Networks USA, Inc. used to connect many enterprise and multi-tenant service provider solutions. Juniper Networks Contrail Service Orchestration suffers from an access control error vulnerability that stems...