|
307001
|
6.5 |
MEDIUM
Adjacent
|
-
|
-
|
An Unimplemented or Unsupported Feature in UI vulnerability in the CLI of Juniper Networks Junos OS Evolved on QFX5000 Series allows an unauthenticated, adjacent attacker to cause a Denial-of-Service…
|
-
|
CVE-2024-47498
|
2024-10-15 21:58 |
2024-10-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
307002
|
- |
|
-
|
-
|
DOMPurify is a DOM-only, super-fast, uber-tolerant XSS sanitizer for HTML, MathML and SVG. DOMpurify was vulnerable to nesting-based mXSS. This vulnerability is fixed in 2.5.0 and 3.1.3.
|
CWE-79
Cross-site Scripting
|
CVE-2024-47875
|
2024-10-15 21:58 |
2024-10-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
307003
|
- |
|
-
|
-
|
CWE-269: Improper Privilege Management vulnerability exists that could cause unauthorized
access, loss of confidentiality, integrity, and availability of the workstation when non-admin
authenticated …
|
CWE-269
Improper Privilege Management
|
CVE-2024-9002
|
2024-10-15 21:58 |
2024-10-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
307004
|
- |
|
-
|
-
|
CWE-347: Improper Verification of Cryptographic Signature vulnerability exists that could
compromise the Data Center Expert software when an upgrade bundle is manipulated to
include arbitrary bash sc…
|
CWE-347
Improper Verification of Cryptographic Signature
|
CVE-2024-8531
|
2024-10-15 21:58 |
2024-10-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
307005
|
- |
|
-
|
-
|
CWE-306: Missing Authentication for Critical Function vulnerability exists that could
cause exposure of private data when an already generated “logcaptures” archive is accessed
directly by HTTPS.
|
CWE-306
Missing Authentication for Critical Function
|
CVE-2024-8530
|
2024-10-15 21:58 |
2024-10-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
307006
|
- |
|
-
|
-
|
A vulnerability was found in 07FLYCMS, 07FLY-CMS and 07FlyCRM 1.3.8. It has been rated as problematic. Affected by this issue is some unknown functionality of the component System Settings Page. The …
|
CWE-79
Cross-site Scripting
|
CVE-2024-9856
|
2024-10-15 21:58 |
2024-10-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
307007
|
- |
|
-
|
-
|
A vulnerability was found in 07FLYCMS, 07FLY-CMS and 07FlyCRM 1.3.8. It has been declared as critical. Affected by this vulnerability is the function uploadFile of the file /admin/SysModule/upload/aj…
|
-
|
CVE-2024-9855
|
2024-10-15 21:58 |
2024-10-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
307008
|
7.5 |
HIGH
Network
|
-
|
-
|
An Uncontrolled Resource Consumption vulnerability in the http daemon (httpd) of Juniper Networks Junos OS on SRX Series, QFX Series, MX Series and EX Series allows an unauthenticated, network-based …
|
CWE-400
Uncontrolled Resource Consumption
|
CVE-2024-47497
|
2024-10-15 21:58 |
2024-10-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
307009
|
5.5 |
MEDIUM
Local
|
-
|
-
|
A NULL Pointer Dereference vulnerability in the Packet Forwarding Engine (pfe) of Juniper Networks Junos OS allows a local, low-privileged attacker to cause a Denial-of-Service (DoS).
When a specifi…
|
CWE-476
NULL Pointer Dereference
|
CVE-2024-47496
|
2024-10-15 21:58 |
2024-10-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
307010
|
5.9 |
MEDIUM
Network
|
-
|
-
|
A Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in the AgentD process of Juniper Networks Junos OS allows an attacker who is already causing impact to established sessions which gen…
|
CWE-367
Time-of-check Time-of-use (TOCTOU) Race Condition
|
CVE-2024-47494
|
2024-10-15 21:58 |
2024-10-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
