6.3
CVE-2024-39532 - Junos OS and Junos OS Evolved: Confidential information in logs can be accessed by another user
An Insertion of Sensitive Information into Log File vulnerability in Juniper Networks Junos OS and Junos OS Evolved allows a local, authenticated attacker with high privileges to access sensitive information. When another user performs a specific operation, sensitive information is stored as plain…
8.7
CVE-2024-39531 - Junos OS Evolved: ACX 7000 Series: Protocol specific DDoS configuration affects other protocols
An Improper Handling of Values vulnerability in the Packet Forwarding Engine (PFE) of Juniper Networks Junos OS Evolved on ACX 7000 Series allows a network-based, unauthenticated attacker to cause a Denial-of-Service (DoS). If a value is configured for DDoS bandwidth or burst parameters for any pr…
8.7
CVE-2024-39530 - Junos OS: Attempting to access specific sensors on platforms not supporting these will lead to a ch…
An Improper Check for Unusual or Exceptional Conditions vulnerability in the chassis management daemon (chassisd) of Juniper Networks Junos OS allows an unauthenticated, network-based attacker to cause a Denial-of-Service (DoS). If an attempt is made to access specific sensors on platforms not s…
8.7
CVE-2024-39529 - Junos OS: SRX Series: If DNS traceoptions are configured in a DGA or tunnel detection scenario spec…
A Use of Externally-Controlled Format String vulnerability in the Packet Forwarding Engine (PFE) of Juniper Networks Junos OS on SRX Series allows an unauthenticated, network-based attacker to cause a Denial-of-Service (DoS). If DNS Domain Generation Algorithm (DGA) detection or tunnel detection…
6
CVE-2024-39528 - Junos OS and Junos OS Evolved: Concurrent deletion of a routing-instance and receipt of an SNMP req…
A Use After Free vulnerability in the Routing Protocol Daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved allows an authenticated, network-based attacker to cause a Denial of Service (DoS).On all Junos OS and Junos Evolved platforms, if a routing-instance deactivation is triggered, and …
8.5
CVE-2024-39524 - Junos OS Evolved: CLI parameter processing issue allows privilege escalation
An Improper Neutralization of Special Elements vulnerability in Juniper Networks Junos OS Evolved commands allows a local, authenticated attacker with low privileges to escalate their privileges to 'root' leading to a full compromise of the system. The Junos OS Evolved CLI doesn't properly handle …
8.5
CVE-2024-39523 - Junos OS Evolved: CLI parameter processing issue allows privilege escalation
An Improper Neutralization of Special Elements vulnerability in Juniper Networks Junos OS Evolved commands allows a local, authenticated attacker with low privileges to escalate their privileges to 'root' leading to a full compromise of the system. The Junos OS Evolved CLI doesn't properly handle …
5.3
CVE-2024-6680 - witmy my-springsecurity-plus build sql injection
A vulnerability classified as critical was found in witmy my-springsecurity-plus up to 2024-07-04. Affected by this vulnerability is an unknown functionality of the file /api/dept/build. The manipulation of the argument params.dataScope leads to sql injection. The attack can be launched remotely. T…
8.5
CVE-2024-39522 - Junos OS Evolved: CLI parameter processing issue allows privilege escalation
An Improper Neutralization of Special Elements vulnerability in Juniper Networks Junos OS Evolved commands allows a local, authenticated attacker with low privileges to escalate their privileges to 'root' leading to a full compromise of the system. The Junos OS Evolved CLI doesn't properly handle …
8.5
CVE-2024-39521 - Junos OS Evolved: CLI parameter processing issue allows privilege escalation
An Improper Neutralization of Special Elements vulnerability in Juniper Networks Junos OS Evolved commands allows a local, authenticated attacker with low privileges to escalate their privileges to 'root' leading to a full compromise of the system. The Junos OS Evolved CLI doesn't properly handle …