Total
12330 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2018-0032 | 1 Juniper | 1 Junos | 2024-11-21 | N/A |
| The receipt of a crafted BGP UPDATE can lead to a routing process daemon (RPD) crash and restart. Repeated receipt of the same crafted BGP UPDATE can result in an extended denial of service condition for the device. This issue only affects the specific versions of Junos OS listed within this advisory. Earlier releases are unaffected by this vulnerability. This crafted BGP UPDATE does not propagate to other BGP peers. Affected releases are Juniper Networks Junos OS: 16.1X65 versions prior to 16.1X65-D47; 17.2X75 versions prior to 17.2X75-D91, 17.2X75-D110; 17.3 versions prior to 17.3R1-S4, 17.3R2; 17.4 versions prior to 17.4R1-S3, 17.4R2. | ||||
| CVE-2018-0027 | 1 Juniper | 1 Junos | 2024-11-21 | N/A |
| Receipt of a crafted or malformed RSVP PATH message may cause the routing protocol daemon (RPD) to hang or crash. When RPD is unavailable, routing updates cannot be processed which can lead to an extended network outage. If RSVP is not enabled on an interface, then the issue cannot be triggered via that interface. This issue only affects Juniper Networks Junos OS 16.1 versions prior to 16.1R3. This issue does not affect Junos releases prior to 16.1R1. | ||||
| CVE-2018-0020 | 1 Juniper | 29 Ex2300, Ex3400, Junos and 26 more | 2024-11-21 | N/A |
| Junos OS may be impacted by the receipt of a malformed BGP UPDATE which can lead to a routing process daemon (rpd) crash and restart. Receipt of a repeated malformed BGP UPDATEs can result in an extended denial of service condition for the device. This malformed BGP UPDATE does not propagate to other BGP peers. Affected releases are Juniper Networks Junos OS: 14.1X53 versions prior to 14.1X53-D47; 15.1 versions prior to 15.1F6-S10, 15.1R4-S9, 15.1R6-S6, 15.1R7; 15.1X49 versions prior to 15.1X49-D130 on SRX; 15.1X53 versions prior to 15.1X53-D66 on QFX10K; 15.1X53 versions prior to 15.1X53-D58 on EX2300/EX3400; 15.1X53 versions prior to 15.1X53-D233 on QFX5200/QFX5110; 15.1X53 versions prior to 15.1X53-D471 on NFX; 16.1 versions prior to 16.1R3-S8, 16.1R4-S9, 16.1R5-S3, 16.1R6-S3, 16.1R7; 16.1X65 versions prior to 16.1X65-D47; 16.2 versions prior to 16.2R1-S6, 16.2R2-S5, 16.2R3; 17.1 versions prior to 17.1R2-S3, 17.1R3; 17.2 versions prior to 17.2R1-S3, 17.2R2-S1, 17.2R3; 17.2X75 versions prior to 17.2X75-D70; 13.2 versions above and including 13.2R1. Versions prior to 13.2R1 are not affected. Juniper SIRT is not aware of any malicious exploitation of this vulnerability. No other Juniper Networks products or platforms are affected by this issue. | ||||
| CVE-2018-0019 | 1 Juniper | 12 Ex2300, Ex3400, Ex4300 and 9 more | 2024-11-21 | N/A |
| A vulnerability in Junos OS SNMP MIB-II subagent daemon (mib2d) may allow a remote network based attacker to cause the mib2d process to crash resulting in a denial of service condition (DoS) for the SNMP subsystem. While a mib2d process crash can disrupt the network monitoring via SNMP, it does not impact routing, switching or firewall functionalities. SNMP is disabled by default on devices running Junos OS. Affected releases are Juniper Networks Junos OS: 12.1X46 versions prior to 12.1X46-D76; 12.3 versions prior to 12.3R12-S7, 12.3R13; 12.3X48 versions prior to 12.3X48-D65; 14.1 versions prior to 14.1R9; 14.1X53 versions prior to 14.1X53-D130; 15.1 versions prior to 15.1F2-S20, 15.1F6-S10, 15.1R7; 15.1X49 versions prior to 15.1X49-D130; 15.1X53 versions prior to 15.1X53-D233, 15.1X53-D471, 15.1X53-D472, 15.1X53-D58, 15.1X53-D66; 16.1 versions prior to 16.1R5-S3, 16.1R7; 16.1X65 versions prior to 16.1X65-D47; 16.1X70 versions prior to 16.1X70-D10; 16.2 versions prior to 16.2R1-S6, 16.2R2-S5, 16.2R3; 17.1 versions prior to 17.1R2-S6, 17.1R3; | ||||
| CVE-2018-0017 | 1 Juniper | 1 Junos | 2024-11-21 | N/A |
| A vulnerability in the Network Address Translation - Protocol Translation (NAT-PT) feature of Junos OS on SRX series devices may allow a certain valid IPv6 packet to crash the flowd daemon. Repeated crashes of the flowd daemon can result in an extended denial of service condition for the SRX device. Affected releases are Juniper Networks Junos OS: 12.1X46 versions prior to 12.1X46-D72; 12.3X48 versions prior to 12.3X48-D55; 15.1X49 versions prior to 15.1X49-D90. | ||||
| CVE-2017-9376 | 1 Zohocorp | 1 Manageengine Servicedesk Plus | 2024-11-21 | N/A |
| ManageEngine ServiceDesk Plus before 9314 contains a local file inclusion vulnerability in the defModule parameter in DefaultConfigDef.do and AssetDefaultConfigDef.do. | ||||
| CVE-2017-9312 | 1 Rockwellautomation | 2 Allen-bradley L30erms, Allen-bradley L30erms Firmware | 2024-11-21 | N/A |
| Improperly implemented option-field processing in the TCP/IP stack on Allen-Bradley L30ERMS safety devices v30 and earlier causes a denial of service. When a crafted TCP packet is received, the device reboots immediately. | ||||
| CVE-2017-9279 | 1 Netiq | 1 Identity Manager | 2024-11-21 | N/A |
| NetIQ Identity Manager before 4.5.6.1 allowed uploading files with double extensions or non-image content in the Themes handling of the User Application Administration, allowing malicious user administrators to potentially execute code or mislead users. | ||||
| CVE-2017-9270 | 1 Opensuse | 1 Cryptctl | 2024-11-21 | N/A |
| In cryptctl before version 2.0 a malicious server could send RPC requests that could overwrite files outside of the cryptctl key database. | ||||
| CVE-2017-9269 | 1 Opensuse | 1 Libzypp | 2024-11-21 | N/A |
| In libzypp before August 2018 GPG keys attached to YUM repositories were not correctly pinned, allowing malicious repository mirrors to silently downgrade to unsigned repositories with potential malicious content. | ||||
| CVE-2017-8983 | 1 Hp | 1 Intelligent Management Center | 2024-11-21 | N/A |
| A Remote Code Execution vulnerability in HPE Intelligent Management Center (iMC) PLAT version 7.3 E0504P4 was found. | ||||
| CVE-2017-8981 | 1 Hp | 1 Intelligent Management Center | 2024-11-21 | N/A |
| A Remote Code Execution vulnerability in HPE Intelligent Management Center (iMC) PLAT version 7.3 E0506 was found. | ||||
| CVE-2017-8977 | 1 Hp | 1 Moonshot Provisioning Manager Appliance | 2024-11-21 | N/A |
| A Remote Denial of Service vulnerability in Hewlett Packard Enterprise Moonshot Provisioning Manager Appliance version v1.20 was found. | ||||
| CVE-2017-8976 | 1 Hp | 1 Moonshot Provisioning Manager Appliance | 2024-11-21 | N/A |
| A Remote Code Execution vulnerability in Hewlett Packard Enterprise Moonshot Provisioning Manager Appliance version v1.20 was found. | ||||
| CVE-2017-8975 | 1 Hp | 1 Moonshot Provisioning Manager Appliance | 2024-11-21 | N/A |
| A Remote Code Execution vulnerability in Hewlett Packard Enterprise Moonshot Provisioning Manager Appliance version v1.20 was found. | ||||
| CVE-2017-8973 | 1 Hp | 1 Matrix Operating Environment | 2024-11-21 | N/A |
| An improper input validation vulnerability in HPE Matrix Operating Environment version 7.6 LR1 was found. | ||||
| CVE-2017-8972 | 1 Hp | 1 Matrix Operating Environment | 2024-11-21 | N/A |
| A clickjacking vulnerability in HPE Matrix Operating Environment version 7.6 LR1 was found. | ||||
| CVE-2017-8971 | 1 Hp | 1 Matrix Operating Environment | 2024-11-21 | N/A |
| A clickjacking vulnerability in HPE Matrix Operating Environment version 7.6 LR1 was found. | ||||
| CVE-2017-8969 | 1 Hp | 1 Insight Control | 2024-11-21 | N/A |
| An improper input validation vulnerability in HPE Insight Control version 7.6 LR1 was found. | ||||
| CVE-2017-8957 | 1 Hp | 1 Intelligent Management Center | 2024-11-21 | N/A |
| A Remote Code Execution vulnerability in HPE Intelligent Management Center (iMC) PLAT version 7.2 was found. | ||||