CVE-2021-31380

A configuration weakness in the JBoss Application Server AppSvr component of Juniper Networks SRC Series allows a remote attacker to send a specially crafted query to cause the web server to disclose sensitive information in the HTTP response which allows the attacker to obtain sensitive...

CVE-2021-31380

A configuration weakness in the JBoss Application Server AppSvr component of Juniper Networks SRC Series allows a remote attacker to send a specially crafted query to cause the web server to disclose sensitive information in the HTTP response which allows the attacker to obtain sensitive...

CVE-2021-31352

An Information Exposure vulnerability in Juniper Networks SRC Series devices configured for NETCONF over SSH permits the negotiation of weak ciphers, which could allow a remote attacker to obtain sensitive information. A remote attacker with read and write access to network data could exploit thi...

Design/Logic Flaw

A configuration weakness in the JBoss Application Server AppSvr component of Juniper Networks SRC Series allows a remote attacker to send a specially crafted query to cause the web server to delete files which may allow the attacker to disrupt the integrity and availability of the system...

CVE-2021-31381

CVE-2021-31381 refers to a configuration weakness in the JBoss Application Server (AppSvr) component of Juniper Networks SRC Series. A remote attacker can send a specially crafted query that may cause the web server to delete files, impacting integrity and availability. The NVD metrics show a hig...

CVE-2021-31380 SRC Series: A remote attacker sending a specially crafted query may cause the web server to disclose sensitive information

A configuration weakness in the JBoss Application Server AppSvr component of Juniper Networks SRC Series allows a remote attacker to send a specially crafted query to cause the web server to disclose sensitive information in the HTTP response which allows the attacker to obtain sensitive...

CVE-2021-31380

CVE-2021-31380 affects the JBoss Application Server (AppSvr) component in Juniper Networks SRC Series. A configuration weakness allows a remote attacker to send a crafted query that makes the web server disclose sensitive information in the HTTP response. This CVE entry sources from NVD with a CV...

CVE-2021-31352 SRC Series: NETCONF over SSH allows negotiation of weak ciphers

An Information Exposure vulnerability in Juniper Networks SRC Series devices configured for NETCONF over SSH permits the negotiation of weak ciphers, which could allow a remote attacker to obtain sensitive information. A remote attacker with read and write access to network data could exploit thi...

CVE-2021-31352

The CVE describes an Information Exposure in Juniper Networks SRC Series devices when configured for NETCONF over SSH, caused by negotiation of weak ciphers. The vulnerability could allow a remote attacker with read/write access to network data to display plaintext bits from a ciphertext block an...

PT-2021-19253 · Juniper Networks · Juniper Networks Src Series

Name of the Vulnerable Software and Affected Versions: Juniper Networks SRC Series versions prior to 4.13.0-R6 Description: An Information Exposure issue in Juniper Networks SRC Series devices configured for NETCONF over SSH allows the negotiation of weak ciphers. This could enable a remote...

CVE-2021-41459

GPAC MP4Box (v1.0.1) contains a stack buffer overflow in nhmldmx_send_sample() at src/filters/dmx_nhml.c:1008 (szXmlFrom) leading to DoS. The issue is documented as CVE-2021-41459. Debian/DSA-5411 notes the fixed version for bullseye is gpac 1.0.1+dfsg1-4+deb11u2, indicating a package upgrade as ...

CVE-2021-41457

There is a stack buffer overflow in MP4Box 1.1.0 at src/filters/dmxnhml.c in nhmldmxinitparsing which leads to a denial of service vulnerability...

CVE-2021-41459

There is a stack buffer overflow in MP4Box v1.0.1 at src/filters/dmxnhml.c:1008 in the nhmldmxsendsample function szXmlFrom parameter which leads to a denial of service vulnerability...

Prototype Pollution

zrender is vulnerable to prototype pollution. An attacker is able to inject malicious property using merge and clone helper methods in the src/core/util.ts causing prototype pollution via proto...

The vulnerability of the testcase_read() function in the src/testcase.c component of the Libsolv library, which is related to buffer overflow in memory, allows a attacker to cause a service failure.

The vulnerability of the testcaseread function in the src/testcase.c component of the Libsolv library is related to buffer overflow in memory. Exploiting this vulnerability could allow a remote attacker to cause a service failure...

Buffer overflow vulnerability in function pool_installable_whatprovides in src/repo.h in libsolv before 0.7.17 allows attackers to cause a Denial of Service.

...

CVE-2021-33930

Buffer overflow vulnerability in function poolinstallablewhatprovides in src/repo.h in libsolv before 0.7.17 allows attackers to cause a Denial of Service...

CVE-2021-33928

Buffer overflow vulnerability in function poolinstallable in src/repo.h in libsolv before 0.7.17 allows attackers to cause a Denial of Service...

openssl-sys (>=0.9.35 <=0.9.37) potentially affected by CVE-2021-3449 via openssl-src (=110.0.7+1.1.0i)

openssl-src CARGO version =110.0.7+1.1.0i is affected by a known vulnerability. The following packages have a transitive dependency on openssl-src and may be impacted: - openssl-sys =0.9.35, =0.9.37 Source cves: CVE-2021-3449 Source advisory: OSV:GHSA-83MX-573X-5RW9...

openssl-sys (>=0.9.35 <=0.9.37) potentially affected by CVE-2021-23841 via openssl-src (=110.0.7+1.1.0i)

openssl-src CARGO version =110.0.7+1.1.0i is affected by a known vulnerability. The following packages have a transitive dependency on openssl-src and may be impacted: - openssl-sys =0.9.35, =0.9.37 Source cves: CVE-2021-23841 Source advisory: OSV:GHSA-84RM-QF37-FGC2...