A security feature bypass vulnerability exists when Active Directory incorrectly applies Network Isolation settings, aka "Active Directory Security Feature Bypass Vulnerability." This affects Windows Server 2016, Windows 10, Windows 10 Servers. Date published :...
An information disclosure vulnerability exists when the Windows kernel fails to properly initialize a memory address, aka "Windows Kernel Information Disclosure Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows...
A remote code execution vulnerability exists when Internet Explorer improperly accesses objects in memory, aka "Internet Explorer Memory Corruption Vulnerability." This affects Internet Explorer 11. This CVE ID is unique from CVE-2018-0991, CVE-2018-0997, CVE-2018-1018,...
JSNAPy is an open source python version of Junos Snapshot Administrator developed by Juniper available through github. The default configuration and sample files of JSNAPy automation tool versions prior to 1.3.0 are created world...
A Junos device with VPLS routing-instances configured on one or more interfaces may be susceptible to an mbuf leak when processing a specific MPLS packet. Approximately 1 mbuf is leaked per each packet processed....
If all 64 digits of the connectivity association name (CKN) key or all 32 digits of the connectivity association key (CAK) key are not configured, all remaining digits will be auto-configured to 0. Hence,...
Junos OS may be impacted by the receipt of a malformed BGP UPDATE which can lead to a routing process daemon (rpd) crash and restart. Receipt of a repeated malformed BGP UPDATEs can result...
A vulnerability in Junos OS SNMP MIB-II subagent daemon (mib2d) may allow a remote network based attacker to cause the mib2d process to crash resulting in a denial of service condition (DoS) for the...
On SRX Series devices during compilation of IDP policies, an attacker sending specially crafted packets may be able to bypass firewall rules, leading to information disclosure which an attacker may use to gain control...
A vulnerability in the Network Address Translation – Protocol Translation (NAT-PT) feature of Junos OS on SRX series devices may allow a certain valid IPv6 packet to crash the flowd daemon. Repeated crashes of...
Receipt of a specially crafted Connectionless Network Protocol (CLNP) datagram destined to an interface of a Junos OS device may result in a kernel crash or lead to remote code execution. Devices are only...
The Horde_Ldap library before 2.0.6 for Horde allows remote attackers to bypass authentication by leveraging knowledge of the LDAP bind user DN. Date published : 2018-04-10 http://www.securityfocus.com/bid/68014 https://bugzilla.redhat.com/show_bug.cgi?id=1109628
The EZPZ One Click Backup (ezpz-one-click-backup) plugin 12.03.10 and earlier for WordPress allows remote attackers to execute arbitrary commands via the cmd parameter to functions/ezpz-archive-cmd.php. Date published : 2018-04-10 http://www.openwall.com/lists/oss-security/2014/05/01/11
The backend in Open-Xchange (OX) AppSuite 7.4.2 before 7.4.2-rev9 allows remote attackers to obtain sensitive information about user email addresses in opportunistic circumstances by leveraging a failure in e-mail auto configuration for external accounts....