6.3
CVE-2024-3690 - PHPGurukul Small CRM Change Password sql injection
A vulnerability classified as critical was found in PHPGurukul Small CRM 3.0. Affected by this vulnerability is an unknown functionality of the component Change Password Handler. The manipulation leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the publβ¦
8.4
CVE-2024-30381 - Paragon Active Assurance: probe_serviced exposes internal objects to local users
An Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Juniper Networks Paragon Active Assurance Control Center allows a network-adjacent attacker with root access to a Test Agent Appliance the ability to access sensitive information about downstream devices. The "netroundsβ¦
7.1
CVE-2024-21618 - Junos OS and Junos OS Evolved: When LLDP is enabled and a malformed LLDP packet is received, l2cpd β¦
An Access of Memory Location After End of Buffer vulnerability in the Layer-2 Control Protocols Daemon (l2cpd) of Juniper Networks Junos OS and Junos OS Evolved allows an adjacent, unauthenticated attacker to cause Denial of Service (DoS). On all Junos OS and Junos OS Evolved platforms, when LLDP β¦
5.1
CVE-2024-21615 - Junos OS and Junos OS Evolved: A low-privileged user can access confidential information
An Incorrect Default Permissions vulnerability in Juniper Networks Junos OS and Junos OS Evolved allows a local, low-privileged attacker to access confidential information on the system. On all Junos OS and Junos OS Evolved platforms, when NETCONF traceoptions are configured, and a super-user perfβ¦
5.3
CVE-2024-21610 - Junos OS: If in a scaled CoS scenario information on CoS state is gathered mgd processes get stuck
An Improper Handling of Exceptional Conditions vulnerability in the Class of Service daemon (cosd) of Juniper Networks Junos OS allows an authenticated, network-based attacker with low privileges to cause a limited Denial of Service (DoS). In a scaled CoS scenario with 1000s of interfaces, when spβ¦
7.1
CVE-2024-21609 - Junos OS: MX Series with SPC3, and SRX Series: If specific IPsec parameters are negotiated iked wilβ¦
A Missing Release of Memory after Effective Lifetime vulnerability in the IKE daemon (iked) of Juniper Networks Junos OS on MX Series with SPC3, and SRX Series allows an administratively adjacent attacker which is able to successfully establish IPsec tunnels to cause a Denial of Service (DoS). If β¦
7.1
CVE-2024-21605 - Junos OS: SRX 300 Series: Specific link local traffic causes a control plane overload
An Exposure of Resource to Wrong Sphere vulnerability in the Packet Forwarding Engine (PFE) of Juniper Networks Junos OS on SRX 300 Series allows an unauthenticated, adjacent attacker to cause a Denial of Service (DoS). Specific valid link-local traffic is not blocked on ports in STP blocked staβ¦
8.7
CVE-2024-21598 - Junos OS and Junos OS Evolved: A malformed BGP tunnel encapsulation attribute will lead to an rpd cβ¦
An Improper Validation of Syntactic Correctness of Input vulnerability in the Routing Protocol Daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved allows a network-based, unauthenticated attacker to cause a Denial of Service (DoS). If a BGP update is received over an established BGP sesβ¦
7.1
CVE-2024-21593 - Junos OS: MX Series with MPC10, MPC11, LC9600, and MX304: A specific MPLS packet will cause a PFE cβ¦
An Improper Check or Handling of Exceptional Conditions vulnerability in the Packet Forwarding Engine (PFE) of Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated, adjacent attacker to cause a Denial of Service (DoS). If an attacker sends a specific MPLS packet, which upon proβ¦
7.1
CVE-2024-21590 - Junos OS Evolved: Packets which are not destined to the device can reach the RE
An Improper Input Validation vulnerability in Juniper Tunnel Driver (jtd) and ICMP module of Juniper Networks Junos OS Evolved allows an unauthenticated attacker within the MPLS administrative domain to send specifically crafted packets to the Routing Engine (RE) to cause a Denial of Service (DoS).β¦