| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2019-0232 | Hig | 0.64 | 8.1 | 1.00 | Apr 15, 2019 | When running on Windows with enableCmdLineArguments enabled, the CGI Servlet in Apache Tomcat 9.0.0.M1 to 9.0.17, 8.5.0 to 8.5.39 and 7.0.0 to 7.0.93 is vulnerable to Remote Code Execution due to a bug in the way the JRE passes command line arguments to Windows. The CGI Servlet… | ||
| CVE-2019-3891 | Hig | 0.51 | 7.8 | 0.01 | Apr 15, 2019 | It was discovered that a world-readable log file belonging to Candlepin component of Red Hat Satellite 6.4 leaked the credentials of the Candlepin database. A malicious user with local access to a Satellite host can use those credentials to modify the database and prevent… | ||
| CVE-2019-11229 | Hig | 0.07 | 8.8 | 0.56 | Apr 15, 2019 | models/repo_mirror.go in Gitea before 1.7.6 and 1.8.x before 1.8-RC3 mishandles mirror repo URL settings, leading to remote code execution. | ||
| CVE-2019-11228 | Hig | 0.00 | 7.5 | 0.01 | Apr 15, 2019 | repo/setting.go in Gitea before 1.7.6 and 1.8.x before 1.8-RC3 does not validate the form.MirrorAddress before calling SaveAddress. | ||
| CVE-2019-11222 | Hig | 0.00 | 7.8 | 0.01 | Apr 15, 2019 | gf_bin128_parse in utils/os_divers.c in GPAC 0.7.1 has a buffer overflow issue for the crypt feature when encountering a crafted_drm_file.xml file. | ||
| CVE-2019-11221 | Hig | 0.51 | 7.8 | 0.01 | Apr 15, 2019 | GPAC 0.7.1 has a buffer overflow issue in gf_import_message() in media_import.c. | ||
| CVE-2017-7777 | Hig | 0.57 | 8.8 | 0.01 | Apr 15, 2019 | Use of uninitialized memory in Graphite2 library in Firefox before 54 in graphite2::GlyphCache::Loader::read_glyph function. | ||
| CVE-2017-7776 | Hig | 0.53 | 8.1 | 0.03 | Apr 15, 2019 | Heap-based Buffer Overflow read in Graphite2 library in Firefox before 54 in graphite2::Silf::getClassGlyph. | ||
| CVE-2017-7773 | Hig | 0.57 | 8.8 | 0.01 | Apr 15, 2019 | Heap-based Buffer Overflow write in Graphite2 library in Firefox before 54 in lz4::decompress src/Decompressor. | ||
| CVE-2017-7771 | Hig | 0.46 | 8.1 | 0.01 | Apr 15, 2019 | Out-of-bounds read in Graphite2 Library in Firefox before 54 in graphite2::Pass::readPass function. | ||
| CVE-2017-18366 | Hig | 0.50 | 8.8 | 0.01 | Apr 15, 2019 | Subrion CMS 4.1.5 has CSRF in blog/delete/. | ||
| CVE-2017-7772 | Hig | 0.57 | 8.8 | 0.01 | Apr 12, 2019 | Heap-based Buffer Overflow in Graphite2 library in Firefox before 54 in lz4::decompress function. | ||
| CVE-2018-6269 | Hig | 0.51 | 7.8 | 0.00 | Apr 12, 2019 | NVIDIA Jetson TX2 contains a vulnerability in the kernel driver where input/output control (IOCTL) handling for user mode requests could create a non-trusted pointer dereference, which may lead to information disclosure, denial of service, escalation of privileges, or code… | ||
| CVE-2019-11213 | Hig | 0.53 | 8.1 | 0.03 | Apr 12, 2019 | In Pulse Secure Pulse Desktop Client and Network Connect, an attacker could access session tokens to replay and spoof sessions, and as a result, gain unauthorized access as an end user, a related issue to CVE-2019-1573. (The endpoint would need to be already compromised for… | ||
| CVE-2019-6534 | Hig | 0.51 | 7.8 | 0.02 | Apr 11, 2019 | The uncontrolled search path element vulnerability in Gemalto Sentinel UltraPro Client Library ux32w.dll Versions 1.3.0, 1.3.1, and 1.3.2 enables an attacker to load and execute a malicious file. | ||
| CVE-2019-6525 | Hig | 0.57 | 8.8 | 0.01 | Apr 11, 2019 | AVEVA Wonderware System Platform 2017 Update 2 and prior uses an ArchestrA network user account for authentication of system processes and inter-node communications. A user with low privileges could make use of an API to obtain the credentials for this account. | ||
| CVE-2018-20487 | Hig | 0.57 | 8.8 | 0.02 | Apr 11, 2019 | An issue was discovered in the firewall3 component in Inteno IOPSYS 1.0 through 3.16. The attacker must make a JSON-RPC method call to add a firewall rule as an "include" and point the "path" argument to a malicious script or binary. This gets executed as root when the firewall… | ||
| CVE-2019-9628 | — | Hig | 0.49 | 7.5 | 0.02 | Apr 11, 2019 | The XMLTooling library all versions prior to V3.0.4, provided with the OpenSAML and Shibboleth Service Provider software, contains an XML parsing class. Invalid data in the XML declaration causes an exception of a type that was not handled properly in the parser class and… | |
| CVE-2019-9056 | Hig | 0.57 | 8.8 | 0.01 | Apr 11, 2019 | An issue was discovered in CMS Made Simple 2.2.8. In the module FrontEndUsers (in the file class.FrontEndUsersManipulate.php or class.FrontEndUsersManipulator.php), it is possible to reach an unserialize call with an untrusted __FEU__ cookie, and achieve authenticated object… | ||
| CVE-2019-9976 | Hig | 0.57 | 8.8 | 0.01 | Apr 11, 2019 | The Boa server configuration on DASAN H660RM devices with firmware 1.03-0022 logs POST data to the /tmp/boa-temp file, which allows logged-in users to read the credentials of administration web interface users. | ||
| CVE-2019-9975 | Hig | 0.49 | 7.5 | 0.01 | Apr 11, 2019 | DASAN H660RM devices with firmware 1.03-0022 use a hard-coded key for logs encryption. Data stored using this key can be decrypted by anyone able to access this key. | ||
| CVE-2019-6610 | Hig | 0.56 | 8.6 | 0.01 | Apr 11, 2019 | On BIG-IP versions 14.0.0-14.0.0.4, 13.0.0-13.1.1.1, 12.1.0-12.1.4, 11.6.0-11.6.3.4, and 11.5.1-11.5.8, the system is vulnerable to a denial of service attack when performing URL classification. | ||
| CVE-2019-5024 | Hig | 0.49 | 7.6 | 0.00 | Apr 11, 2019 | A restricted environment escape vulnerability exists in the “kiosk mode” function of Capsule Technologies SmartLinx Neuron 2 medical information collection devices running versions 9.0.3 or lower. A specific series of keyboard inputs can escape the restricted environment,… | ||
| CVE-2018-17305 | Hig | 0.57 | 8.8 | 0.02 | Apr 11, 2019 | UiPath Orchestrator through 2018.2.4 allows any authenticated user to change the information of arbitrary users (even administrators) leading to privilege escalation and remote code execution. | ||
| CVE-2019-3916 | Hig | 0.49 | 7.5 | 0.02 | Apr 11, 2019 | Information disclosure vulnerability in Verizon Fios Quantum Gateway (G1100) firmware version 02.01.00.05 allows an remote, unauthenticated attacker to retrieve the value of the password salt by simply requesting an API URL in a web browser (e.g. /api). | ||
| CVE-2019-3845 | Hig | 0.52 | 8.0 | 0.01 | Apr 11, 2019 | A lack of access control was found in the message queues maintained by Satellite's QPID broker and used by katello-agent in versions before Satellite 6.2, Satellite 6.1 optional and Satellite Capsule 6.1. A malicious user authenticated to a host registered to Satellite (or… | ||
| CVE-2019-3915 | Hig | 0.49 | 7.5 | 0.01 | Apr 11, 2019 | Authentication Bypass by Capture-replay vulnerability in Verizon Fios Quantum Gateway (G1100) firmware version 02.01.00.05 allows an unauthenticated attacker with adjacent network access to intercept and replay login requests to gain access to the administrative web interface. | ||
| CVE-2019-3914 | Hig | 0.49 | 7.2 | 0.30 | Apr 11, 2019 | Remote command injection vulnerability in Verizon Fios Quantum Gateway (G1100) firmware version 02.01.00.05 allows a remote, authenticated attacker to execute arbitrary commands on the target device by adding an access control rule for a network object with a crafted hostname. | ||
| CVE-2019-11078 | Hig | 0.57 | 8.8 | 0.01 | Apr 11, 2019 | MKCMS V5.0 has a CSRF vulnerability to add a new admin user via the ucenter/userinfo.php URI. | ||
| CVE-2019-11077 | Hig | 0.57 | 8.8 | 0.01 | Apr 11, 2019 | FastAdmin V1.0.0.20190111_beta has a CSRF vulnerability to add a new admin user via the admin/auth/admin/add?dialog=1 URI. | ||
| CVE-2019-3943 | Hig | 0.53 | 8.1 | 0.04 | Apr 10, 2019 | MikroTik RouterOS versions Stable 6.43.12 and below, Long-term 6.42.12 and below, and Testing 6.44beta75 and below are vulnerable to an authenticated, remote directory traversal via the HTTP or Winbox interfaces. An authenticated, remote attack can use this vulnerability to read… | ||
| CVE-2019-11071 | Hig | 0.57 | 8.8 | 0.03 | Apr 10, 2019 | SPIP 3.1 before 3.1.10 and 3.2 before 3.2.4 allows authenticated visitors to execute arbitrary code on the host server because var_memotri is mishandled. | ||
| CVE-2019-11069 | Hig | 0.42 | 7.5 | 0.02 | Apr 10, 2019 | Sequelize version 5 before 5.3.0 does not properly ensure that standard conforming strings are used. | ||
| CVE-2019-1003049 | Hig | 0.46 | 8.1 | 0.02 | Apr 10, 2019 | Users who cached their CLI authentication before Jenkins was updated to 2.150.2 and newer, or 2.160 and newer, would remain authenticated in Jenkins 2.171 and earlier and Jenkins LTS 2.164.1 and earlier, because the fix for CVE-2019-1003004 in these releases did not reject… | ||
| CVE-2019-0283 | Hig | 0.46 | 7.1 | 0.01 | Apr 10, 2019 | SAP NetWeaver Process Integration (Adapter Engine), fixed in versions 7.10 to 7.11, 7.30, 7.31, 7.40, 7.50; is vulnerable to Digital Signature Spoofing. It is possible to spoof XML signatures and send arbitrary requests to the server via PI Axis adapter. These requests will be… | ||
| CVE-2019-0279 | Hig | 0.57 | 8.8 | 0.01 | Apr 10, 2019 | ABAP BASIS function modules INST_CREATE_R3_RFC_DEST, INST_CREATE_TCPIP_RFCDEST, and INST_CREATE_TCPIP_RFC_DEST in SAP BASIS (fixed in versions 7.0 to 7.02, 7.10 to 7.30, 7.31, 7.40, 7.50 to 7.53) do not perform necessary authorization checks in all circumstances for an… | ||
| CVE-2018-19453 | Hig | 0.57 | 8.8 | 0.01 | Apr 10, 2019 | Kentico CMS before 11.0.45 allows unrestricted upload of a file with a dangerous type. | ||
| CVE-2019-9694 | Hig | 0.51 | 7.8 | 0.00 | Apr 10, 2019 | Symantec Endpoint Encryption prior to SEE 11.2.1 MP1 may be susceptible to a Privilege Escalation vulnerability, which is a type of issue whereby an attacker may attempt to compromise the software application to gain elevated access to resources that are normally protected from… | ||
| CVE-2019-0229 | Hig | 0.57 | 8.8 | 0.02 | Apr 10, 2019 | A number of HTTP endpoints in the Airflow webserver (both RBAC and classic) did not have adequate protection and were vulnerable to cross-site request forgery attacks. | ||
| CVE-2019-0044 | Hig | 0.49 | 7.5 | 0.02 | Apr 10, 2019 | Receipt of a specific packet on the out-of-band management interface fxp0 may cause the system to crash and restart (vmcore). By continuously sending a specially crafted packet to the fxp0 interface, an attacker can repetitively crash the rpd process causing prolonged Denial of… | ||
| CVE-2019-0043 | Hig | 0.49 | 7.5 | 0.01 | Apr 10, 2019 | In MPLS environments, receipt of a specific SNMP packet may cause the routing protocol daemon (RPD) process to crash and restart. By continuously sending a specially crafted SNMP packet, an attacker can repetitively crash the RPD process causing prolonged denial of service. No… | ||
| CVE-2019-0041 | Hig | 0.56 | 8.6 | 0.01 | Apr 10, 2019 | On EX4300-MP Series devices with any lo0 filters applied, transit network traffic may reach the control plane via loopback interface (lo0). The device may fail to forward such traffic. This issue affects Juniper Networks Junos OS 18.2 versions prior to 18.2R1-S2, 18.2R2 on… | ||
| CVE-2019-0039 | Hig | 0.53 | 8.1 | 0.01 | Apr 10, 2019 | If REST API is enabled, the Junos OS login credentials are vulnerable to brute force attacks. The high default connection limit of the REST API may allow an attacker to brute-force passwords using advanced scripting techniques. Additionally, administrators who do not enforce a… | ||
| CVE-2019-0037 | Hig | 0.49 | 7.5 | 0.01 | Apr 10, 2019 | In a Dynamic Host Configuration Protocol version 6 (DHCPv6) environment, the jdhcpd daemon may crash and restart upon receipt of certain DHCPv6 solicit messages received from a DHCPv6 client. By continuously sending the same crafted packet, an attacker can repeatedly crash the… | ||
| CVE-2019-0033 | Hig | 0.49 | 7.5 | 0.02 | Apr 10, 2019 | A firewall bypass vulnerability in the proxy ARP service of Juniper Networks Junos OS allows an attacker to cause a high CPU condition leading to a Denial of Service (DoS). This issue affects only IPv4. Affected releases are Juniper Networks Junos OS: 12.1X46 versions above and… | ||
| CVE-2019-0032 | Hig | 0.51 | 7.8 | 0.00 | Apr 10, 2019 | A password management issue exists where the Organization authentication username and password were stored in plaintext in log files. A locally authenticated attacker who is able to access these stored plaintext credentials can use them to login to the Organization. Affected… | ||
| CVE-2019-0031 | Hig | 0.49 | 7.5 | 0.02 | Apr 10, 2019 | Specific IPv6 DHCP packets received by the jdhcpd daemon will cause a memory resource consumption issue to occur on a Junos OS device using the jdhcpd daemon configured to respond to IPv6 requests. Once started, memory consumption will eventually impact any IPv4 or IPv6 request… | ||
| CVE-2019-0028 | Hig | 0.49 | 7.5 | 0.01 | Apr 10, 2019 | On Junos devices with the BGP graceful restart helper mode enabled or the BGP graceful restart mechanism enabled, a BGP session restart on a remote peer that has the graceful restart mechanism enabled may cause the local routing protocol daemon (RPD) process to crash and… | ||
| CVE-2019-0019 | Hig | 0.49 | 7.5 | 0.01 | Apr 10, 2019 | When BGP tracing is enabled an incoming BGP message may cause the Junos OS routing protocol daemon (rpd) process to crash and restart. While rpd restarts after a crash, repeated crashes can result in an extended DoS condition. Affected releases are Juniper Networks Junos OS:… | ||
| CVE-2019-10946 | Hig | 0.49 | 7.5 | 0.01 | Apr 10, 2019 | An issue was discovered in Joomla! before 3.9.5. The "refresh list of helpsites" endpoint of com_users lacks access checks, allowing calls from unauthenticated users. |
- risk 0.64cvss 8.1epss 1.00
When running on Windows with enableCmdLineArguments enabled, the CGI Servlet in Apache Tomcat 9.0.0.M1 to 9.0.17, 8.5.0 to 8.5.39 and 7.0.0 to 7.0.93 is vulnerable to Remote Code Execution due to a bug in the way the JRE passes command line arguments to Windows. The CGI Servlet…
- risk 0.51cvss 7.8epss 0.01
It was discovered that a world-readable log file belonging to Candlepin component of Red Hat Satellite 6.4 leaked the credentials of the Candlepin database. A malicious user with local access to a Satellite host can use those credentials to modify the database and prevent…
- risk 0.07cvss 8.8epss 0.56
models/repo_mirror.go in Gitea before 1.7.6 and 1.8.x before 1.8-RC3 mishandles mirror repo URL settings, leading to remote code execution.
- risk 0.00cvss 7.5epss 0.01
repo/setting.go in Gitea before 1.7.6 and 1.8.x before 1.8-RC3 does not validate the form.MirrorAddress before calling SaveAddress.
- risk 0.00cvss 7.8epss 0.01
gf_bin128_parse in utils/os_divers.c in GPAC 0.7.1 has a buffer overflow issue for the crypt feature when encountering a crafted_drm_file.xml file.
- risk 0.51cvss 7.8epss 0.01
GPAC 0.7.1 has a buffer overflow issue in gf_import_message() in media_import.c.
- risk 0.57cvss 8.8epss 0.01
Use of uninitialized memory in Graphite2 library in Firefox before 54 in graphite2::GlyphCache::Loader::read_glyph function.
- risk 0.53cvss 8.1epss 0.03
Heap-based Buffer Overflow read in Graphite2 library in Firefox before 54 in graphite2::Silf::getClassGlyph.
- risk 0.57cvss 8.8epss 0.01
Heap-based Buffer Overflow write in Graphite2 library in Firefox before 54 in lz4::decompress src/Decompressor.
- risk 0.46cvss 8.1epss 0.01
Out-of-bounds read in Graphite2 Library in Firefox before 54 in graphite2::Pass::readPass function.
- risk 0.50cvss 8.8epss 0.01
Subrion CMS 4.1.5 has CSRF in blog/delete/.
- risk 0.57cvss 8.8epss 0.01
Heap-based Buffer Overflow in Graphite2 library in Firefox before 54 in lz4::decompress function.
- risk 0.51cvss 7.8epss 0.00
NVIDIA Jetson TX2 contains a vulnerability in the kernel driver where input/output control (IOCTL) handling for user mode requests could create a non-trusted pointer dereference, which may lead to information disclosure, denial of service, escalation of privileges, or code…
- risk 0.53cvss 8.1epss 0.03
In Pulse Secure Pulse Desktop Client and Network Connect, an attacker could access session tokens to replay and spoof sessions, and as a result, gain unauthorized access as an end user, a related issue to CVE-2019-1573. (The endpoint would need to be already compromised for…
- risk 0.51cvss 7.8epss 0.02
The uncontrolled search path element vulnerability in Gemalto Sentinel UltraPro Client Library ux32w.dll Versions 1.3.0, 1.3.1, and 1.3.2 enables an attacker to load and execute a malicious file.
- risk 0.57cvss 8.8epss 0.01
AVEVA Wonderware System Platform 2017 Update 2 and prior uses an ArchestrA network user account for authentication of system processes and inter-node communications. A user with low privileges could make use of an API to obtain the credentials for this account.
- risk 0.57cvss 8.8epss 0.02
An issue was discovered in the firewall3 component in Inteno IOPSYS 1.0 through 3.16. The attacker must make a JSON-RPC method call to add a firewall rule as an "include" and point the "path" argument to a malicious script or binary. This gets executed as root when the firewall…
- risk 0.49cvss 7.5epss 0.02
The XMLTooling library all versions prior to V3.0.4, provided with the OpenSAML and Shibboleth Service Provider software, contains an XML parsing class. Invalid data in the XML declaration causes an exception of a type that was not handled properly in the parser class and…
- risk 0.57cvss 8.8epss 0.01
An issue was discovered in CMS Made Simple 2.2.8. In the module FrontEndUsers (in the file class.FrontEndUsersManipulate.php or class.FrontEndUsersManipulator.php), it is possible to reach an unserialize call with an untrusted __FEU__ cookie, and achieve authenticated object…
- risk 0.57cvss 8.8epss 0.01
The Boa server configuration on DASAN H660RM devices with firmware 1.03-0022 logs POST data to the /tmp/boa-temp file, which allows logged-in users to read the credentials of administration web interface users.
- risk 0.49cvss 7.5epss 0.01
DASAN H660RM devices with firmware 1.03-0022 use a hard-coded key for logs encryption. Data stored using this key can be decrypted by anyone able to access this key.
- risk 0.56cvss 8.6epss 0.01
On BIG-IP versions 14.0.0-14.0.0.4, 13.0.0-13.1.1.1, 12.1.0-12.1.4, 11.6.0-11.6.3.4, and 11.5.1-11.5.8, the system is vulnerable to a denial of service attack when performing URL classification.
- risk 0.49cvss 7.6epss 0.00
A restricted environment escape vulnerability exists in the “kiosk mode” function of Capsule Technologies SmartLinx Neuron 2 medical information collection devices running versions 9.0.3 or lower. A specific series of keyboard inputs can escape the restricted environment,…
- risk 0.57cvss 8.8epss 0.02
UiPath Orchestrator through 2018.2.4 allows any authenticated user to change the information of arbitrary users (even administrators) leading to privilege escalation and remote code execution.
- risk 0.49cvss 7.5epss 0.02
Information disclosure vulnerability in Verizon Fios Quantum Gateway (G1100) firmware version 02.01.00.05 allows an remote, unauthenticated attacker to retrieve the value of the password salt by simply requesting an API URL in a web browser (e.g. /api).
- risk 0.52cvss 8.0epss 0.01
A lack of access control was found in the message queues maintained by Satellite's QPID broker and used by katello-agent in versions before Satellite 6.2, Satellite 6.1 optional and Satellite Capsule 6.1. A malicious user authenticated to a host registered to Satellite (or…
- risk 0.49cvss 7.5epss 0.01
Authentication Bypass by Capture-replay vulnerability in Verizon Fios Quantum Gateway (G1100) firmware version 02.01.00.05 allows an unauthenticated attacker with adjacent network access to intercept and replay login requests to gain access to the administrative web interface.
- risk 0.49cvss 7.2epss 0.30
Remote command injection vulnerability in Verizon Fios Quantum Gateway (G1100) firmware version 02.01.00.05 allows a remote, authenticated attacker to execute arbitrary commands on the target device by adding an access control rule for a network object with a crafted hostname.
- risk 0.57cvss 8.8epss 0.01
MKCMS V5.0 has a CSRF vulnerability to add a new admin user via the ucenter/userinfo.php URI.
- risk 0.57cvss 8.8epss 0.01
FastAdmin V1.0.0.20190111_beta has a CSRF vulnerability to add a new admin user via the admin/auth/admin/add?dialog=1 URI.
- risk 0.53cvss 8.1epss 0.04
MikroTik RouterOS versions Stable 6.43.12 and below, Long-term 6.42.12 and below, and Testing 6.44beta75 and below are vulnerable to an authenticated, remote directory traversal via the HTTP or Winbox interfaces. An authenticated, remote attack can use this vulnerability to read…
- risk 0.57cvss 8.8epss 0.03
SPIP 3.1 before 3.1.10 and 3.2 before 3.2.4 allows authenticated visitors to execute arbitrary code on the host server because var_memotri is mishandled.
- risk 0.42cvss 7.5epss 0.02
Sequelize version 5 before 5.3.0 does not properly ensure that standard conforming strings are used.
- risk 0.46cvss 8.1epss 0.02
Users who cached their CLI authentication before Jenkins was updated to 2.150.2 and newer, or 2.160 and newer, would remain authenticated in Jenkins 2.171 and earlier and Jenkins LTS 2.164.1 and earlier, because the fix for CVE-2019-1003004 in these releases did not reject…
- risk 0.46cvss 7.1epss 0.01
SAP NetWeaver Process Integration (Adapter Engine), fixed in versions 7.10 to 7.11, 7.30, 7.31, 7.40, 7.50; is vulnerable to Digital Signature Spoofing. It is possible to spoof XML signatures and send arbitrary requests to the server via PI Axis adapter. These requests will be…
- risk 0.57cvss 8.8epss 0.01
ABAP BASIS function modules INST_CREATE_R3_RFC_DEST, INST_CREATE_TCPIP_RFCDEST, and INST_CREATE_TCPIP_RFC_DEST in SAP BASIS (fixed in versions 7.0 to 7.02, 7.10 to 7.30, 7.31, 7.40, 7.50 to 7.53) do not perform necessary authorization checks in all circumstances for an…
- risk 0.57cvss 8.8epss 0.01
Kentico CMS before 11.0.45 allows unrestricted upload of a file with a dangerous type.
- risk 0.51cvss 7.8epss 0.00
Symantec Endpoint Encryption prior to SEE 11.2.1 MP1 may be susceptible to a Privilege Escalation vulnerability, which is a type of issue whereby an attacker may attempt to compromise the software application to gain elevated access to resources that are normally protected from…
- risk 0.57cvss 8.8epss 0.02
A number of HTTP endpoints in the Airflow webserver (both RBAC and classic) did not have adequate protection and were vulnerable to cross-site request forgery attacks.
- risk 0.49cvss 7.5epss 0.02
Receipt of a specific packet on the out-of-band management interface fxp0 may cause the system to crash and restart (vmcore). By continuously sending a specially crafted packet to the fxp0 interface, an attacker can repetitively crash the rpd process causing prolonged Denial of…
- risk 0.49cvss 7.5epss 0.01
In MPLS environments, receipt of a specific SNMP packet may cause the routing protocol daemon (RPD) process to crash and restart. By continuously sending a specially crafted SNMP packet, an attacker can repetitively crash the RPD process causing prolonged denial of service. No…
- risk 0.56cvss 8.6epss 0.01
On EX4300-MP Series devices with any lo0 filters applied, transit network traffic may reach the control plane via loopback interface (lo0). The device may fail to forward such traffic. This issue affects Juniper Networks Junos OS 18.2 versions prior to 18.2R1-S2, 18.2R2 on…
- risk 0.53cvss 8.1epss 0.01
If REST API is enabled, the Junos OS login credentials are vulnerable to brute force attacks. The high default connection limit of the REST API may allow an attacker to brute-force passwords using advanced scripting techniques. Additionally, administrators who do not enforce a…
- risk 0.49cvss 7.5epss 0.01
In a Dynamic Host Configuration Protocol version 6 (DHCPv6) environment, the jdhcpd daemon may crash and restart upon receipt of certain DHCPv6 solicit messages received from a DHCPv6 client. By continuously sending the same crafted packet, an attacker can repeatedly crash the…
- risk 0.49cvss 7.5epss 0.02
A firewall bypass vulnerability in the proxy ARP service of Juniper Networks Junos OS allows an attacker to cause a high CPU condition leading to a Denial of Service (DoS). This issue affects only IPv4. Affected releases are Juniper Networks Junos OS: 12.1X46 versions above and…
- risk 0.51cvss 7.8epss 0.00
A password management issue exists where the Organization authentication username and password were stored in plaintext in log files. A locally authenticated attacker who is able to access these stored plaintext credentials can use them to login to the Organization. Affected…
- risk 0.49cvss 7.5epss 0.02
Specific IPv6 DHCP packets received by the jdhcpd daemon will cause a memory resource consumption issue to occur on a Junos OS device using the jdhcpd daemon configured to respond to IPv6 requests. Once started, memory consumption will eventually impact any IPv4 or IPv6 request…
- risk 0.49cvss 7.5epss 0.01
On Junos devices with the BGP graceful restart helper mode enabled or the BGP graceful restart mechanism enabled, a BGP session restart on a remote peer that has the graceful restart mechanism enabled may cause the local routing protocol daemon (RPD) process to crash and…
- risk 0.49cvss 7.5epss 0.01
When BGP tracing is enabled an incoming BGP message may cause the Junos OS routing protocol daemon (rpd) process to crash and restart. While rpd restarts after a crash, repeated crashes can result in an extended DoS condition. Affected releases are Juniper Networks Junos OS:…
- risk 0.49cvss 7.5epss 0.01
An issue was discovered in Joomla! before 3.9.5. The "refresh list of helpsites" endpoint of com_users lacks access checks, allowing calls from unauthenticated users.