9 matches found
CVE-2024-5313
CVE-2024-5313 is associated with Schneider Electric EVlink Home Smart chargers. Public sources describe a CWE-668 “Exposure of the Resource Wrong Sphere” issue where an SSH interface is exposed on the product network interface. Affected versions include EVlink Home Smart v2.0.4.1.2_131 and v2.0.3...
CVE-2024-21605 Junos OS: SRX 300 Series: Specific link local traffic causes a control plane overload
An Exposure of Resource to Wrong Sphere vulnerability in the Packet Forwarding Engine PFE of Juniper Networks Junos OS on SRX 300 Series allows an unauthenticated, adjacent attacker to cause a Denial of Service DoS. Specific valid link-local traffic is not blocked on ports in STP blocked state bu...
CVE-2024-21597
An Exposure of Resource to Wrong Sphere vulnerability in the Packet Forwarding Engine PFE of Juniper Networks Junos OS on MX Series allows an unauthenticated, network-based attacker to bypass the intended access restrictions. In an Abstracted Fabric AF scenario if routing-instances RI are...
Design/Logic Flaw
An Exposure of Resource to Wrong Sphere vulnerability in the Packet Forwarding Engine PFE of Juniper Networks Junos OS on MX Series allows an unauthenticated, network-based attacker to bypass the intended access restrictions. In an Abstracted Fabric AF scenario if routing-instances RI are...
CVE-2024-21597 Junos OS: MX Series: In an AF scenario traffic can bypass configured lo0 firewall filters
An Exposure of Resource to Wrong Sphere vulnerability in the Packet Forwarding Engine PFE of Juniper Networks Junos OS on MX Series allows an unauthenticated, network-based attacker to bypass the intended access restrictions. In an Abstracted Fabric AF scenario if routing-instances RI are...
CVE-2023-34189 Apache InLong: General user can delete and update process
Exposure of Resource to Wrong Sphere Vulnerability in Apache Software Foundation Apache InLong.This issue affects Apache InLong: from 1.4.0 through 1.7.0. The attacker could use general users to delete and update the process, which only the admin can operate occurrences. Users are advised to...
CVE-2023-34189 Apache InLong: General user can delete and update process
Exposure of Resource to Wrong Sphere Vulnerability in Apache Software Foundation Apache InLong.This issue affects Apache InLong: from 1.4.0 through 1.7.0. The attacker could use general users to delete and update the process, which only the admin can operate occurrences. Users are advised to...
Apache InLong Exposure of Resource to Wrong Sphere vulnerability
Exposure of Resource to Wrong Sphere Vulnerability in Apache Software Foundation Apache InLong. This issue affects Apache InLong from 1.4.0 through 1.6.0. Attackers can change the immutable name and type of nodes of InLong. Users are advised to upgrade to Apache InLong 1.7.0 or cherry-pick...
CVE-2022-26121
An exposure of resource to wrong sphere vulnerability CWE-668 in FortiAnalyzer and FortiManager GUI 7.0.0 through 7.0.3, 6.4.0 through 6.4.8, 6.2.0 through 6.2.9, 6.0.0 through 6.0.11, 5.6.0 through 5.6.11 may allow an unauthenticated and remote attacker to access report template images via...