Lucene search
K

62 matches found

Vulnrichment
Vulnrichment
added 2024/05/16 8:47 p.m.16 views

CVE-2024-21813

Exposure of resource to wrong sphere in some IntelR DTT software installers may allow an authenticated user to potentially enable escalation of privilege via local access...

7.9CVSS7.1AI score0.00187EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2024/05/14 12:0 a.m.3 views

PT-2024-10053 · Intel · Intel Dtt

Name of the Vulnerable Software and Affected Versions: Intel DTT software affected versions not specified Description: The issue is related to the exposure of resources to the wrong sphere in some Intel DTT software installers, potentially allowing an authenticated user to enable escalation of...

7.9CVSS6.9AI score0.00187EPSS
Exploits0References4
Zero Day Initiative
Zero Day Initiative
added 2024/04/26 12:0 a.m.31 views

Oracle VirtualBox Web Service Exposure of Resource to Wrong Sphere Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Oracle VirtualBox. Authentication is not required to exploit this vulnerability. The specific flaw exists within the vboxwebsrv service. The issue results from the exposure of a resource to t...

5.9CVSS5.8AI score0.01094EPSS
Exploits0References1
OSV
OSV
added 2024/04/12 3:15 p.m.4 views

CVE-2024-21605

An Exposure of Resource to Wrong Sphere vulnerability in the Packet Forwarding Engine PFE of Juniper Networks Junos OS on SRX 300 Series allows an unauthenticated, adjacent attacker to cause a Denial of Service DoS. Specific valid link-local traffic is not blocked on ports in STP blocked state bu...

7.1CVSS5.7AI score0.00295EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2024/04/12 2:54 p.m.21 views

CVE-2024-21605 Junos OS: SRX 300 Series: Specific link local traffic causes a control plane overload

An Exposure of Resource to Wrong Sphere vulnerability in the Packet Forwarding Engine PFE of Juniper Networks Junos OS on SRX 300 Series allows an unauthenticated, adjacent attacker to cause a Denial of Service DoS. Specific valid link-local traffic is not blocked on ports in STP blocked state bu...

7.1CVSS6.9AI score0.00295EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2024/04/11 12:0 a.m.41 views

Juniper Junos OS Vulnerability (JSA75746)

The version of Junos OS installed on the remote host is affected by a vulnerability as referenced in the JSA75746 advisory. - An Exposure of Resource to Wrong Sphere vulnerability in the Packet Forwarding Engine PFE of Juniper Networks Junos OS on SRX 300 Series allows an unauthenticated, adjacen...

7.1CVSS5.7AI score0.00295EPSS
Exploits0References3
Veracode
Veracode
added 2024/04/10 6:59 a.m.13 views

Exposure Of Resource To Wrong Sphere

dirac is vulnerable to Exposure of Resource to Wrong Sphere. The vulnerability is due to the proxy generation process in ProxyFile.py, which allows unauthorized users on the same machine to read the proxy file allowing them to perform any action possible with the original proxy...

8.1CVSS6.9AI score0.00317EPSS
Exploits0References2Affected Software1
OSV
OSV
added 2024/01/12 1:15 a.m.7 views

CVE-2024-21597

An Exposure of Resource to Wrong Sphere vulnerability in the Packet Forwarding Engine PFE of Juniper Networks Junos OS on MX Series allows an unauthenticated, network-based attacker to bypass the intended access restrictions. In an Abstracted Fabric AF scenario if routing-instances RI are...

7.5CVSS5.8AI score0.00375EPSS
Exploits0References2
NVD
NVD
added 2024/01/12 1:15 a.m.27 views

CVE-2024-21597

An Exposure of Resource to Wrong Sphere vulnerability in the Packet Forwarding Engine PFE of Juniper Networks Junos OS on MX Series allows an unauthenticated, network-based attacker to bypass the intended access restrictions. In an Abstracted Fabric AF scenario if routing-instances RI are...

7.5CVSS6AI score0.00375EPSS
Exploits0References2
Prion
Prion
added 2024/01/12 1:15 a.m.22 views

Design/Logic Flaw

An Exposure of Resource to Wrong Sphere vulnerability in the Packet Forwarding Engine PFE of Juniper Networks Junos OS on MX Series allows an unauthenticated, network-based attacker to bypass the intended access restrictions. In an Abstracted Fabric AF scenario if routing-instances RI are...

5CVSS7.2AI score0.00375EPSS
Exploits0References2Affected Software1
Vulnrichment
Vulnrichment
added 2024/01/12 12:53 a.m.3 views

CVE-2024-21597 Junos OS: MX Series: In an AF scenario traffic can bypass configured lo0 firewall filters

An Exposure of Resource to Wrong Sphere vulnerability in the Packet Forwarding Engine PFE of Juniper Networks Junos OS on MX Series allows an unauthenticated, network-based attacker to bypass the intended access restrictions. In an Abstracted Fabric AF scenario if routing-instances RI are...

5.3CVSS6AI score0.00375EPSS
Exploits0References2
Cvelist
Cvelist
added 2024/01/12 12:53 a.m.30 views

CVE-2024-21597 Junos OS: MX Series: In an AF scenario traffic can bypass configured lo0 firewall filters

An Exposure of Resource to Wrong Sphere vulnerability in the Packet Forwarding Engine PFE of Juniper Networks Junos OS on MX Series allows an unauthenticated, network-based attacker to bypass the intended access restrictions. In an Abstracted Fabric AF scenario if routing-instances RI are...

5.3CVSS7.7AI score0.00375EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2024/01/10 12:0 a.m.5 views

PT-2024-1131 · Juniper Networks · Junos

Name of the Vulnerable Software and Affected Versions: Juniper Networks Junos OS on MX Series versions earlier than 20.4R3-S9 Juniper Networks Junos OS on MX Series version 21.2 versions earlier than 21.2R3-S3 Juniper Networks Junos OS on MX Series version 21.4 versions earlier than 21.4R3-S5...

7.8CVSS7.4AI score0.00375EPSS
Exploits0References7
Github Security Blog
Github Security Blog
added 2023/07/25 9:30 a.m.27 views

Apache InLong: General user can delete and update process

Exposure of Resource to Wrong Sphere Vulnerability in Apache Software Foundation Apache InLong.This issue affects Apache InLong: from 1.4.0 through 1.7.0. The attacker could use general users to delete and update the process, which only the admin can operate occurrences. Users are advised to...

6.5CVSS6.3AI score0.00933EPSS
Exploits0References6Affected Software1
NVD
NVD
added 2023/07/25 8:15 a.m.20 views

CVE-2023-34189

Exposure of Resource to Wrong Sphere Vulnerability in Apache Software Foundation Apache InLong.This issue affects Apache InLong: from 1.4.0 through 1.7.0. The attacker could use general users to delete and update the process, which only the admin can operate occurrences. Users are advised to...

6.5CVSS6.4AI score0.00933EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2023/07/25 7:8 a.m.17 views

CVE-2023-34189 Apache InLong: General user can delete and update process

Exposure of Resource to Wrong Sphere Vulnerability in Apache Software Foundation Apache InLong.This issue affects Apache InLong: from 1.4.0 through 1.7.0. The attacker could use general users to delete and update the process, which only the admin can operate occurrences. Users are advised to...

6.7AI score0.00933EPSS
Exploits0References2
Cvelist
Cvelist
added 2023/07/25 7:8 a.m.29 views

CVE-2023-34189 Apache InLong: General user can delete and update process

Exposure of Resource to Wrong Sphere Vulnerability in Apache Software Foundation Apache InLong.This issue affects Apache InLong: from 1.4.0 through 1.7.0. The attacker could use general users to delete and update the process, which only the admin can operate occurrences. Users are advised to...

6.6AI score0.00933EPSS
Exploits0References2
Github Security Blog
Github Security Blog
added 2023/07/06 9:14 p.m.21 views

Apache InLong Exposure of Resource to Wrong Sphere vulnerability

Exposure of Resource to Wrong Sphere Vulnerability in Apache Software Foundation Apache InLong. This issue affects Apache InLong from 1.4.0 through 1.6.0. Attackers can change the immutable name and type of nodes of InLong. Users are advised to upgrade to Apache InLong 1.7.0 or cherry-pick...

7.5CVSS6.8AI score0.01247EPSS
Exploits0References4Affected Software5
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2023/07/03 6:7 a.m.5 views

Multiple vulnerabilities in SoftEther VPN and PacketiX VPN

Overview SoftEther VPN provided by University of Tsukuba SoftEther VPN Project and PacketiX VPN provided by SoftEther Corporation contain multiple vulnerabilities listed below in VPN Client function, and Dynamic DNS Client function included in the VPN server. Heap-based buffer overflow CWE-122 -...

9CVSS8AI score0.01543EPSS
Exploits6References17
OSV
OSV
added 2023/06/30 5:15 a.m.6 views

CVE-2023-32613

Exposure of resource to wrong sphere issue exists in WL-WN531AX2 firmware versions prior to 2023526, which may allow a network-adjacent attacker to use functions originally available after login without logging in...

8.1CVSS5.8AI score
Exploits0References2
Rows per page
Query Builder