62 matches found
CVE-2024-21813
Exposure of resource to wrong sphere in some IntelR DTT software installers may allow an authenticated user to potentially enable escalation of privilege via local access...
PT-2024-10053 · Intel · Intel Dtt
Name of the Vulnerable Software and Affected Versions: Intel DTT software affected versions not specified Description: The issue is related to the exposure of resources to the wrong sphere in some Intel DTT software installers, potentially allowing an authenticated user to enable escalation of...
Oracle VirtualBox Web Service Exposure of Resource to Wrong Sphere Information Disclosure Vulnerability
This vulnerability allows remote attackers to disclose sensitive information on affected installations of Oracle VirtualBox. Authentication is not required to exploit this vulnerability. The specific flaw exists within the vboxwebsrv service. The issue results from the exposure of a resource to t...
CVE-2024-21605
An Exposure of Resource to Wrong Sphere vulnerability in the Packet Forwarding Engine PFE of Juniper Networks Junos OS on SRX 300 Series allows an unauthenticated, adjacent attacker to cause a Denial of Service DoS. Specific valid link-local traffic is not blocked on ports in STP blocked state bu...
CVE-2024-21605 Junos OS: SRX 300 Series: Specific link local traffic causes a control plane overload
An Exposure of Resource to Wrong Sphere vulnerability in the Packet Forwarding Engine PFE of Juniper Networks Junos OS on SRX 300 Series allows an unauthenticated, adjacent attacker to cause a Denial of Service DoS. Specific valid link-local traffic is not blocked on ports in STP blocked state bu...
Juniper Junos OS Vulnerability (JSA75746)
The version of Junos OS installed on the remote host is affected by a vulnerability as referenced in the JSA75746 advisory. - An Exposure of Resource to Wrong Sphere vulnerability in the Packet Forwarding Engine PFE of Juniper Networks Junos OS on SRX 300 Series allows an unauthenticated, adjacen...
Exposure Of Resource To Wrong Sphere
dirac is vulnerable to Exposure of Resource to Wrong Sphere. The vulnerability is due to the proxy generation process in ProxyFile.py, which allows unauthorized users on the same machine to read the proxy file allowing them to perform any action possible with the original proxy...
CVE-2024-21597
An Exposure of Resource to Wrong Sphere vulnerability in the Packet Forwarding Engine PFE of Juniper Networks Junos OS on MX Series allows an unauthenticated, network-based attacker to bypass the intended access restrictions. In an Abstracted Fabric AF scenario if routing-instances RI are...
CVE-2024-21597
An Exposure of Resource to Wrong Sphere vulnerability in the Packet Forwarding Engine PFE of Juniper Networks Junos OS on MX Series allows an unauthenticated, network-based attacker to bypass the intended access restrictions. In an Abstracted Fabric AF scenario if routing-instances RI are...
Design/Logic Flaw
An Exposure of Resource to Wrong Sphere vulnerability in the Packet Forwarding Engine PFE of Juniper Networks Junos OS on MX Series allows an unauthenticated, network-based attacker to bypass the intended access restrictions. In an Abstracted Fabric AF scenario if routing-instances RI are...
CVE-2024-21597 Junos OS: MX Series: In an AF scenario traffic can bypass configured lo0 firewall filters
An Exposure of Resource to Wrong Sphere vulnerability in the Packet Forwarding Engine PFE of Juniper Networks Junos OS on MX Series allows an unauthenticated, network-based attacker to bypass the intended access restrictions. In an Abstracted Fabric AF scenario if routing-instances RI are...
CVE-2024-21597 Junos OS: MX Series: In an AF scenario traffic can bypass configured lo0 firewall filters
An Exposure of Resource to Wrong Sphere vulnerability in the Packet Forwarding Engine PFE of Juniper Networks Junos OS on MX Series allows an unauthenticated, network-based attacker to bypass the intended access restrictions. In an Abstracted Fabric AF scenario if routing-instances RI are...
PT-2024-1131 · Juniper Networks · Junos
Name of the Vulnerable Software and Affected Versions: Juniper Networks Junos OS on MX Series versions earlier than 20.4R3-S9 Juniper Networks Junos OS on MX Series version 21.2 versions earlier than 21.2R3-S3 Juniper Networks Junos OS on MX Series version 21.4 versions earlier than 21.4R3-S5...
Apache InLong: General user can delete and update process
Exposure of Resource to Wrong Sphere Vulnerability in Apache Software Foundation Apache InLong.This issue affects Apache InLong: from 1.4.0 through 1.7.0. The attacker could use general users to delete and update the process, which only the admin can operate occurrences. Users are advised to...
CVE-2023-34189
Exposure of Resource to Wrong Sphere Vulnerability in Apache Software Foundation Apache InLong.This issue affects Apache InLong: from 1.4.0 through 1.7.0. The attacker could use general users to delete and update the process, which only the admin can operate occurrences. Users are advised to...
CVE-2023-34189 Apache InLong: General user can delete and update process
Exposure of Resource to Wrong Sphere Vulnerability in Apache Software Foundation Apache InLong.This issue affects Apache InLong: from 1.4.0 through 1.7.0. The attacker could use general users to delete and update the process, which only the admin can operate occurrences. Users are advised to...
CVE-2023-34189 Apache InLong: General user can delete and update process
Exposure of Resource to Wrong Sphere Vulnerability in Apache Software Foundation Apache InLong.This issue affects Apache InLong: from 1.4.0 through 1.7.0. The attacker could use general users to delete and update the process, which only the admin can operate occurrences. Users are advised to...
Apache InLong Exposure of Resource to Wrong Sphere vulnerability
Exposure of Resource to Wrong Sphere Vulnerability in Apache Software Foundation Apache InLong. This issue affects Apache InLong from 1.4.0 through 1.6.0. Attackers can change the immutable name and type of nodes of InLong. Users are advised to upgrade to Apache InLong 1.7.0 or cherry-pick...
Multiple vulnerabilities in SoftEther VPN and PacketiX VPN
Overview SoftEther VPN provided by University of Tsukuba SoftEther VPN Project and PacketiX VPN provided by SoftEther Corporation contain multiple vulnerabilities listed below in VPN Client function, and Dynamic DNS Client function included in the VPN server. Heap-based buffer overflow CWE-122 -...
CVE-2023-32613
Exposure of resource to wrong sphere issue exists in WL-WN531AX2 firmware versions prior to 2023526, which may allow a network-adjacent attacker to use functions originally available after login without logging in...