|
252571
|
7.5 |
HIGH
Network
|
juniper
|
junos
|
A vulnerability in the Routing Protocols Daemon (RPD) with Juniper Extension Toolkit (JET) support can allow a network based unauthenticated attacker to cause a severe memory exhaustion condition on …
|
CWE-400
Uncontrolled Resource Consumption
|
CVE-2018-0048
|
2024-11-21 12:37 |
2018-10-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
252572
|
7.5 |
HIGH
Network
|
juniper
|
junos
|
A NULL Pointer Dereference vulnerability in Juniper Networks Junos OS allows an attacker to cause the Junos OS kernel to crash. Continued receipt of this specifically crafted malicious MPLS packet wi…
|
CWE-476
NULL Pointer Dereference
|
CVE-2018-0049
|
2024-11-21 12:37 |
2018-10-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
252573
|
8.8 |
HIGH
Adjacent
|
juniper
|
junos
|
Receipt of a specific Draft-Rosen MVPN control packet may cause the routing protocol daemon (RPD) process to crash and restart or may lead to remote code execution. By continuously sending the same s…
|
CWE-20
Improper Input Validation
|
CVE-2018-0045
|
2024-11-21 12:37 |
2018-10-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
252574
|
8.8 |
HIGH
Adjacent
|
juniper
|
junos
|
Receipt of a specific MPLS packet may cause the routing protocol daemon (RPD) process to crash and restart or may lead to remote code execution. By continuously sending specific MPLS packets, an atta…
|
CWE-20
Improper Input Validation
|
CVE-2018-0043
|
2024-11-21 12:37 |
2018-10-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
252575
|
6.5 |
MEDIUM
Adjacent
|
cisco
|
ios_xe
ios
|
A vulnerability in the VLAN Trunking Protocol (VTP) subsystem of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, adjacent attacker to corrupt the internal VTP database on…
|
CWE-20
Improper Input Validation
|
CVE-2018-0197
|
2024-11-21 12:37 |
2018-10-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
252576
|
5.9 |
MEDIUM
Network
|
cisco
|
ios
ios_xe
|
A vulnerability in the implementation of RSA-encrypted nonces in Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to obtain the encrypted nonces of an Inte…
|
CWE-326
Inadequate Encryption Strength
|
CVE-2018-0131
|
2024-11-21 12:37 |
2018-08-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
252577
|
9.8 |
CRITICAL
Network
|
juniper
|
contrail_service_orchestration
|
Juniper Networks CSO versions prior to 4.0.0 may log passwords in log files leading to an information disclosure vulnerability.
|
CWE-532
Inclusion of Sensitive Information in Log Files
|
CVE-2018-0042
|
2024-11-21 12:37 |
2018-07-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
252578
|
9.8 |
CRITICAL
Network
|
juniper
|
contrail_service_orchestration
|
Juniper Networks Contrail Service Orchestration releases prior to 3.3.0 use hardcoded credentials to access Keystone service. These credentials allow network based attackers unauthorized access to in…
|
CWE-798
Use of Hard-coded Credentials
|
CVE-2018-0041
|
2024-11-21 12:37 |
2018-07-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
252579
|
9.8 |
CRITICAL
Network
|
juniper
|
contrail_service_orchestration
|
Juniper Networks Contrail Service Orchestrator versions prior to 4.0.0 use hardcoded cryptographic certificates and keys in some cases, which may allow network based attackers to gain unauthorized ac…
|
CWE-798
Use of Hard-coded Credentials
|
CVE-2018-0040
|
2024-11-21 12:37 |
2018-07-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
252580
|
9.8 |
CRITICAL
Network
|
juniper
|
contrail_service_orchestration
|
Juniper Networks Contrail Service Orchestration releases prior to 4.0.0 have Grafana service enabled by default with hardcoded credentials. These credentials allow network based attackers unauthorize…
|
CWE-798
Use of Hard-coded Credentials
|
CVE-2018-0039
|
2024-11-21 12:37 |
2018-07-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
