Vulnerability & Exploit Database

SUSE: CVE-2018-5335: SUSE Linux Security Advisory Vulnerability

  • Severity: 4
  • Published: January 10, 2018

In Wireshark 2.4.0 to 2.4.3 and 2.2.0 to 2.2.11, the WCP dissector could crash. This was addressed in epan/dissectors/packet-wcp.c by validating the available buffer length.

Juniper Junos OS: 2018-01 Security Bulletin: Junos OS: A crafted MPLS packet may lead to a kernel crash (JSA10831) (CVE-2018-0003) Vulnerability

  • Severity: 4
  • Published: January 09, 2018

A specially crafted MPLS packet received or processed by the system, on an interface configured with MPLS, will store information in the system memory. Subsequently, if this stored information is accessed, this may result in a kernel crash leading to a denial of service. Affected releases are Juniper Networks Junos OS: 12.1X46 versions p...

Juniper Junos OS: 2018-01 Security Bulletin: Junos OS: MAC move limit configured to drop traffic may forward traffic. (JSA10833) (CVE-2018-0005) Vulnerability

  • Severity: 4
  • Published: January 09, 2018

QFX and EX Series switches configured to drop traffic when the MAC move limit is exceeded will forward traffic instead of dropping traffic. This can lead to denials of services or other unintended conditions. Affected releases are Juniper Networks Junos OS: 14.1X53 versions prior to 14.1X53-D40; 15.1X53 versions prior to 15.1X53-D55; 15....

Juniper Junos OS: 2018-01 Security Bulletin: MX series, SRX series: Junos OS: Denial of service vulnerability in Flowd on devices with ALG enabled. (JSA10829) (CVE-2018-0002) Vulnerability

  • Severity: 4
  • Published: January 09, 2018

On SRX Series and MX Series devices with a Service PIC with any ALG enabled, a crafted TCP/IP response packet processed through the device results in memory corruption leading to a flowd daemon crash. Sustained crafted response packets lead to repeated crashes of the flowd daemon which results in an extended Denial of Service condition. ...

Juniper Junos OS: 2018-01 Security Bulletin: Junos OS: Kernel Denial of Service Vulnerability (JSA10832) (CVE-2018-0004) Vulnerability

  • Severity: 4
  • Published: January 09, 2018

A sustained sequence of different types of normal transit traffic can trigger a high CPU consumption denial of service condition in the Junos OS register and schedule software interrupt handler subsystem when a specific command is issued to the device. This affects one or more threads and conversely one or more running processes running ...

Ubuntu: USN-3522-3: Linux kernel regression Vulnerability

  • Severity: 4
  • Published: January 09, 2018

USN-3522-1 fixed a vulnerability in the Linux kernel to address Meltdown (CVE-2017-5754). Unfortunately, that update introduced a regression where a few systems failed to boot successfully. This update fixes the problem.

We apologize for the inconvenience.

Original advisory details:

Jann Horn discovered t...

Juniper Junos OS: 2018-01 Security Bulletin: Junos OS: Malicious LLDP crafted packet leads to privilege escalation, denial of service. (JSA10830) (CVE-2018-0007) Vulnerability

  • Severity: 4
  • Published: January 09, 2018

An unauthenticated network-based attacker able to send a maliciously crafted LLDP packet to the local segment, through a local segment broadcast, may be able to cause a Junos device to enter an improper boundary check condition allowing a memory corruption to occur, leading to a denial of service. Further crafted packets may be able to s...

Juniper Junos OS: Unauthenticated Remote Code Execution through J-Web interface (JSA10828) (CVE-2018-0001) Vulnerability

  • Severity: 4
  • Published: January 09, 2018

A remote, unauthenticated attacker may be able to execute code by exploiting a use-after-free defect found in older versions of PHP through injection of crafted data via specific PHP URLs within the context of the J-Web process. Affected releases are Juniper Networks Junos OS: 12.1X46 versions prior to 12.1X46-D67; 12.3 versions prior to...