Design/Logic Flaw

An issue was discovered in the Phonos extension in MediaWiki before 1.40.2. PhonosButton.js allows i18n-based XSS via the phonos-purge-needed-error message...

Design/Logic Flaw

An issue was discovered in the GlobalBlocking extension in MediaWiki before 1.40.2. For a Special:GlobalBlock?uselang=x-xss URI, i18n-based XSS can occur via the parentheses message. This affects subtitle links in buildSubtitleLinks...

Open redirect

Rejected reason: This CVE ID was unused by the CNA...

Design/Logic Flaw

An issue was discovered in the WatchAnalytics extension in MediaWiki before 1.40.2. XSS can occur via the Special:PageStatistics page parameter...

Design/Logic Flaw

An issue was discovered in the Cargo extension in MediaWiki before 1.35.14, 1.36.x through 1.39.x before 1.39.6, and 1.40.x before 1.40.2. The Special:Drilldown page allows XSS via artist, album, and position parameters because of applied filter values in drilldown/CargoAppliedFilter.php...

Code injection

An issue was discovered in the CheckUser extension in MediaWiki before 1.35.14, 1.36.x through 1.39.x before 1.39.6, and 1.40.x before 1.40.2. XSS can occur via message definitions. e.g., in SpecialCheckUserLog...

Cross site scripting

An issue was discovered in the CampaignEvents extension in MediaWiki before 1.35.14, 1.36.x through 1.39.x before 1.39.6, and 1.40.x before 1.40.2. The Special:EventDetails page allows XSS via the x-xss language setting for internationalization i18n...

Format string

An issue was discovered in the PageTriage extension in MediaWiki before 1.35.14, 1.36.x through 1.39.x before 1.39.6, and 1.40.x before 1.40.2. XSS can occur via the rev-deleted-user, pagetriage-tags-quickfilter-label, pagetriage-triage, pagetriage-filter-date-range-format-placeholder,...

Sql injection

A vulnerability was found in Weitong Mall 1.0.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file platform-shop\src\main\resources\com\platform\dao\OrderDao.xml. The manipulation of the argument sidx/order leads to sql injection. The...

Buffer overflow

uev aka libuev before 2.4.1 has a buffer overflow in epollwait if maxevents is a large number...

Design/Logic Flaw

An issue was discovered in drivers/input/input.c in the Linux kernel before 5.17.10. An attacker can cause a denial of service panic because inputsetcapability mishandles the situation in which an event code falls outside of a bitmap...

Code injection

In Gentoo Portage before 3.0.47, there is missing PGP validation of executed code: the standalone emerge-webrsync downloads a .gpgsig file but does not perform signature verification. Unless emerge-webrsync is used, Portage is not vulnerable...

Cross site scripting

A vulnerability, which was classified as problematic, has been found in cloudfavorites favorites-web 1.3.0. Affected by this issue is some unknown functionality of the component Nickname Handler. The manipulation leads to cross site scripting. The attack may be launched remotely. The exploit has...

Design/Logic Flaw

ELAN Match-on-Chip FPR solution has design fault about potential risk of valid SID leakage and enumeration with spoof sensor. This fault leads to that Windows Hello recognition would be bypass with cloning SID to cause broken account identity. Version which is lower than...

Buffer overflow

Buffer Copy without Checking Size of Input 'Classic Buffer Overflow' vulnerability in Hancom HCell on Windows allows Overflow Buffers.This issue affects HCell: 12.0.0.893...

Integer overflow

In libebml before 1.4.5, an integer overflow in MemIOCallback.cpp can occur when reading or writing. It may result in buffer overflows...

Improper access control

An out-of-bounds access vulnerability involving netfilter was reported and fixed as: f1082dd31fe4 netfilter: nftables: Reject tables of unsupported family; While creating a new netfilter table, lack of a safeguard against invalid nftables family pf values within nftablesnewtable function enables ...

Input validation

An Improper Check for Unusual or Exceptional Conditions vulnerability in the kernel of Juniper Network Junos OS on MX Series allows a network based attacker with low privileges to cause a denial of service. If a scaled configuration for Source class usage SCU / destination class usage DCU more th...

Design/Logic Flaw

An Exposure of Resource to Wrong Sphere vulnerability in the Packet Forwarding Engine PFE of Juniper Networks Junos OS on MX Series allows an unauthenticated, network-based attacker to bypass the intended access restrictions. In an Abstracted Fabric AF scenario if routing-instances RI are...

Design/Logic Flaw

An Improper Handling of Exceptional Conditions vulnerability in the broadband edge subscriber management daemon bbe-smgd of Juniper Networks Junos OS on MX Series allows an attacker directly connected to the vulnerable system who repeatedly flaps DHCP subscriber sessions to cause a slow memory...

Improper access control

An Improper Access Control vulnerability in the Juniper Networks Paragon Active Assurance Control Center allows an unauthenticated network-based attacker to access reports without authenticating, potentially containing sensitive configuration information. A feature was introduced in version 3.1.0...

Cross site scripting

An Out-of-bounds Write vulnerability in J-Web of Juniper Networks Junos OS on SRX Series and EX Series allows an unauthenticated, network-based attacker to cause a Denial of Service DoS, or Remote Code Execution RCE and obtain root privileges on the device. This issue is caused by use of an...

Heap overflow

A Heap-based Buffer Overflow vulnerability in the Network Services Daemon NSD of Juniper Networks Junos OS allows authenticated, low privileged, local attacker to cause a Denial of Service DoS. On an SRX 5000 Series device, when executing a specific command repeatedly, memory is corrupted, which...

Input validation

An Improper Validation of Syntactic Correctness of Input vulnerability in the Packet Forwarding Engine PFE of Juniper Networks Junos OS allows a network-based, unauthenticated attacker to cause a Denial of Service DoS. If an attacker sends high rate of specific ICMP traffic to a device with VXLAN...

Heap overflow

A Heap-based Buffer Overflow vulnerability in the Routing Protocol Daemon RPD of Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated, network based attacker to cause a Denial of Service DoS. If an attacker sends a specific BGP UPDATE message to the device, this will cause a...

Heap overflow

A Missing Release of Memory after Effective Lifetime vulnerability in the Packet Forwarding Engine PFE of Juniper Networks Junos OS on MX Series allows an adjacent, unauthenticated attacker to cause a Denial of Service DoS. If an MX Series device receives PTP packets on an MPC3E that doesn't...

Race condition

A Concurrent Execution using Shared Resource with Improper Synchronization 'Race Condition' vulnerability in the Flow-processing Daemon flowd of Juniper Networks Junos OS on SRX Series allows an unauthenticated, network-based attacker to cause a Denial-of-Service Dos. On SRX Series devices when t...

Null pointer dereference

A NULL Pointer Dereference vulnerability in Juniper Networks Junos OS Evolved on ACX7024, ACX7100-32C and ACX7100-48L allows an unauthenticated, network-based attacker to cause a Denial of Service DoS. If a specific IPv4 UDP packet is received and sent to the Routing Engine RE packetio crashes an...

Design/Logic Flaw

An Unsupported Feature in the UI vulnerability in Juniper Networks Junos OS on MX Series and EX9200 Series allows an unauthenticated, network-based attacker to cause partial impact to the integrity of the device. If the "tcp-reset" option is added to the "reject" action in an IPv6 filter which...

Input validation

An Improper Handling of Syntactically Invalid Structure vulnerability in Object Flooding Protocol OFP service of Juniper Networks Junos OS Evolved allows an unauthenticated, network-based attacker to cause a Denial of Service DoS. On all Junos OS Evolved platforms, when specific TCP packets are...

Memory corruption

A Missing Release of Memory after Effective Lifetime vulnerability in Routing Protocol Daemon RPD of Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated, adjacent attacker to cause an rpd crash, leading to Denial of Service DoS. On all Junos OS and Junos OS Evolved platforms,...

Input validation

An Improper Validation of Syntactic Correctness of Input vulnerability in Packet Forwarding Engine PFE of Juniper Networks Junos OS allows an unauthenticated, network-based attacker to cause Denial of Service DoS. On all Junos OS MX Series and SRX Series platforms, when SIP ALG is enabled, and a...

Code injection

An Allocation of Resources Without Limits or Throttling vulnerability in the kernel of Juniper Networks Junos OS Evolved allows an unauthenticated, network-based attacker to cause a Denial of Service DoS. If a high rate of specific valid packets are processed by the routing engine RE this will le...

Design/Logic Flaw

An Improper Handling of Exceptional Conditions vulnerability in BGP session processing of Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated network-based attacker, using specific timing outside the attacker's control, to flap BGP sessions and cause the routing protocol daem...

Double free

A Double Free vulnerability in the flow processing daemon flowd of Juniper Networks Junos OS on SRX Series allows a network-based, unauthenticated attacker to cause a Denial of Service DoS. In a remote access VPN scenario, if a "tcp-encap-profile" is configured and a sequence of specific packets ...

Design/Logic Flaw

A Missing Release of Memory after Effective Lifetime vulnerability in the Routing Protocol Daemon rpd of Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated, network-based attacker to cause a Denial of Service DoS. In a Juniper Flow Monitoring jflow scenario route churn that...

Design/Logic Flaw

An Improper Check for Unusual or Exceptional Conditions vulnerability in Routing Protocol Daemon RPD of Juniper Networks Junos OS and Junos OS Evolved allows a network-based, unauthenticated attacker to cause rpd to crash, leading to Denial of Service DoS. On all Junos OS and Junos OS Evolved...

Input validation

An Improper Check for Unusual or Exceptional Conditions vulnerability in Juniper DHCP Daemon jdhcpd of Juniper Networks Junos OS allows an adjacent, unauthenticated attacker to cause the jdhcpd to consume all the CPU cycles resulting in a Denial of Service DoS. On Junos OS devices with...

Path traversal

An Improper Neutralization of Equivalent Special Elements vulnerability in the Packet Forwarding Engine PFE of Juniper Networks Junos OS on PTX Series allows a unauthenticated, adjacent attacker to cause a Denial of Service DoS. When MPLS packets are meant to be sent to a flexible tunnel interfac...

Design/Logic Flaw

An Incomplete Cleanup vulnerability in Nonstop active routing NSR component of Juniper Networks Junos OS allows an adjacent, unauthenticated attacker to cause memory leak leading to Denial of Service DoS. On all Junos OS platforms, when NSR is enabled, a BGP flap will cause memory leak. A manual...

Design/Logic Flaw

A flaw was found in the blkgs destruction path in block/blk-cgroup.c in the Linux kernel, leading to a cgroup blkio memory leakage problem. When a cgroup is being destroyed, cgrouprstatflush is only called at cssreleaseworkfn, which is called when the blkcg reference count reaches 0. This circula...

Code injection

ONTAP versions 9.4 and higher are susceptible to a vulnerability which when successfully exploited could lead to disclosure of sensitive information to unprivileged attackers when the object-store profiler command is being run by an administrative user...

Design/Logic Flaw

A spoofing attack in ujcms v.8.0.2 allows a remote attacker to obtain sensitive information and execute arbitrary code via a crafted script to the X-Forwarded-For function in the header...

Unrestricted file upload

File Upload vulnerability PMB v.7.4.8 allows a remote attacker to execute arbitrary code and escalate privileges via a crafted PHP file uploaded to the startimport.php file...

Privilege escalation

Microsoft Edge Chromium-based Elevation of Privilege Vulnerability...

Design/Logic Flaw

A vulnerability was found in meetyoucrop big-whale 1.1 and classified as critical. Affected by this issue is some unknown functionality of the file /auth/user/all.api of the component Admin Module. The manipulation of the argument id leads to improper ownership management. The attack may be...

Authentication flaw

The number of attempts to bring the Hozard Alarm system alarmsystemen v1.0 to a disarmed state is not limited. This could allow an attacker to perform a brute force on the SMS authentication, to bring the alarm system to a disarmed state...

Design/Logic Flaw

Missing encryption in the RFID tags of the Hozard alarm system Alarmsysteem v1.0 allow attackers to create a cloned tag via brief physical proximity to one of the original tags, which results in an attacker being able to bring the alarm system to a disarmed state...

Security feature bypass

Microsoft Edge Chromium-based Security Feature Bypass Vulnerability...

Design/Logic Flaw

Flient Smart Door Lock v1.0 is vulnerable to Use of Default Credentials. Due to default credentials on a debug interface, in combination with certain design choices, an attacker can unlock the Flient Smart Door Lock by replacing the fingerprint that is stored on the scanner...