IDCVSSSummaryLast (major) updatePublished
CVE-2021-44228 9.3
Apache Log4j2 2.0-beta9 through 2.15.0 (excluding security releases 2.12.2, 2.12.3, and 2.3.1) JNDI features used in configuration, log messages, and parameters do not protect against attacker controlled LDAP and other JNDI related endpoints. An atta
19-01-2022 - 04:15 10-12-2021 - 10:15
CVE-2021-38173 7.5
Btrbk before 0.31.2 allows command execution because of the mishandling of remote hosts filtering SSH commands using ssh_filter_btrbk.sh in authorized_keys.
19-01-2022 - 04:15 07-08-2021 - 19:15
CVE-2021-34363 6.4
The thefuck (aka The Fuck) package before 3.31 for Python allows Path Traversal that leads to arbitrary file deletion via the "undo archive operation" feature.
19-01-2022 - 04:15 10-06-2021 - 11:15
CVE-2022-22152 None
A Protection Mechanism Failure vulnerability in the REST API of Juniper Networks Contrail Service Orchestration allows one tenant on the system to view confidential configuration details of another tenant on the same system. By utilizing the REST API
19-01-2022 - 01:15 19-01-2022 - 01:15
CVE-2022-22154 None
In a Junos Fusion scenario an External Control of Critical State Data vulnerability in the Satellite Device (SD) control state machine of Juniper Networks Junos OS allows an attacker who is able to make physical changes to the cabling of the device t
19-01-2022 - 01:15 19-01-2022 - 01:15
CVE-2022-22157 None
A traffic classification vulnerability in Juniper Networks Junos OS on the SRX Series Services Gateways may allow an attacker to bypass Juniper Deep Packet Inspection (JDPI) rules and access unauthorized networks or resources, when 'no-syn-check' is
19-01-2022 - 01:15 19-01-2022 - 01:15
CVE-2022-22155 None
An Uncontrolled Resource Consumption vulnerability in the handling of IPv6 neighbor state change events in Juniper Networks Junos OS allows an adjacent attacker to cause a memory leak in the Flexible PIC Concentrator (FPC) of an ACX5448 router. The c
19-01-2022 - 01:15 19-01-2022 - 01:15
CVE-2022-22160 None
An Unchecked Error Condition vulnerability in the subscriber management daemon (smgd) of Juniper Networks Junos OS allows an unauthenticated adjacent attacker to cause a crash of and thereby a Denial of Service (DoS). In a subscriber management / bro
19-01-2022 - 01:15 19-01-2022 - 01:15
CVE-2022-22156 None
An Improper Certificate Validation weakness in the Juniper Networks Junos OS allows an attacker to perform Person-in-the-Middle (PitM) attacks when a system script is fetched from a remote source at a specified HTTPS URL, which may compromise the int
19-01-2022 - 01:15 19-01-2022 - 01:15
CVE-2022-22153 None
An Insufficient Algorithmic Complexity combined with an Allocation of Resources Without Limits or Throttling vulnerability in the flow processing daemon (flowd) of Juniper Networks Junos OS on SRX Series and MX Series with SPC3 allows an unauthentica
19-01-2022 - 01:15 19-01-2022 - 01:15
CVE-2022-22174 None
A vulnerability in the processing of inbound IPv6 packets in Juniper Networks Junos OS on QFX5000 Series and EX4600 switches may cause the memory to not be freed, leading to a packet DMA memory leak, and eventual Denial of Service (DoS) condition. On
19-01-2022 - 01:15 19-01-2022 - 01:15
CVE-2022-22164 None
An Improper Initialization vulnerability in Juniper Networks Junos OS Evolved may cause a commit operation for disabling the telnet service to not take effect as expected, resulting in the telnet service staying enabled. When it is not intended to be
19-01-2022 - 01:15 19-01-2022 - 01:15
CVE-2022-22169 None
An Improper Initialization vulnerability in the routing protocol daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved allows an attacker who sends specific packets in certain orders and at specific timings to force OSPFv3 to unexpectedly en
19-01-2022 - 01:15 19-01-2022 - 01:15
CVE-2022-22167 None
A traffic classification vulnerability in Juniper Networks Junos OS on the SRX Series Services Gateways may allow an attacker to bypass Juniper Deep Packet Inspection (JDPI) rules and access unauthorized networks or resources, when 'no-syn-check' is
19-01-2022 - 01:15 19-01-2022 - 01:15
CVE-2022-22170 None
A Missing Release of Resource after Effective Lifetime vulnerability in the Packet Forwarding Engine (PFE) of Juniper Networks Junos OS allows an unauthenticated networked attacker to cause a Denial of Service (DoS) by sending specific packets over V
19-01-2022 - 01:15 19-01-2022 - 01:15
CVE-2022-22159 None
A vulnerability in the NETISR network queue functionality of Juniper Networks Junos OS kernel allows an attacker to cause a Denial of Service (DoS) by sending crafted genuine packets to a device. During an attack, the routing protocol daemon (rpd) CP
19-01-2022 - 01:15 19-01-2022 - 01:15
CVE-2022-22171 None
An Improper Check for Unusual or Exceptional Conditions vulnerability in the Packet Forwarding Engine (PFE) of Juniper Networks Junos OS allows an unauthenticated networked attacker to cause a Denial of Service (DoS) by sending specific packets over
19-01-2022 - 01:15 19-01-2022 - 01:15
CVE-2022-22172 None
A Missing Release of Memory after Effective Lifetime vulnerability in the Layer-2 control protocols daemon (l2cpd) of Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated adjacent attacker to cause a memory leak. Continued exploit
19-01-2022 - 01:15 19-01-2022 - 01:15
CVE-2022-22172 None
A Missing Release of Memory after Effective Lifetime vulnerability in the Layer-2 control protocols daemon (l2cpd) of Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated adjacent attacker to cause a memory leak. Continued exploit
19-01-2022 - 01:15 19-01-2022 - 01:15
CVE-2022-22173 None
A Missing Release of Memory after Effective Lifetime vulnerability in the Public Key Infrastructure daemon (pkid) of Juniper Networks Junos OS allows an unauthenticated networked attacker to cause Denial of Service (DoS). In a scenario where Public K
19-01-2022 - 01:15 19-01-2022 - 01:15
CVE-2022-22161 None
An Uncontrolled Resource Consumption vulnerability in the kernel of Juniper Networks Junos OS allows an unauthenticated network based attacker to cause 100% CPU load and the device to become unresponsive by sending a flood of traffic to the out-of-ba
19-01-2022 - 01:15 19-01-2022 - 01:15
CVE-2022-22179 None
A Improper Validation of Specified Index, Position, or Offset in Input vulnerability in the Juniper DHCP daemon (jdhcpd) of Juniper Networks Junos OS allows an adjacent unauthenticated attacker to cause a crash of jdhcpd and thereby a Denial of Servi
19-01-2022 - 01:15 19-01-2022 - 01:15
CVE-2022-22162 None
A Generation of Error Message Containing Sensitive Information vulnerability in the CLI of Juniper Networks Junos OS allows a locally authenticated attacker with low privileges to elevate these to the level of any other user logged in via J-Web at th
19-01-2022 - 01:15 19-01-2022 - 01:15
CVE-2022-22163 None
An Improper Input Validation vulnerability in the Juniper DHCP daemon (jdhcpd) of Juniper Networks Junos OS allows an adjacent unauthenticated attacker to cause a crash of jdhcpd and thereby a Denial of Service (DoS). If a device is configured as DHC
19-01-2022 - 01:15 19-01-2022 - 01:15
CVE-2022-22166 None
An Improper Validation of Specified Quantity in Input vulnerability in the routing protocol daemon (rpd) of Juniper Networks Junos OS allows an unauthenticated networked attacker to cause an rdp crash and thereby a Denial of Service (DoS). If a BGP u
19-01-2022 - 01:15 19-01-2022 - 01:15
CVE-2022-22168 None
An Improper Validation of Specified Type of Input vulnerability in the kernel of Juniper Networks Junos OS allows an unauthenticated adjacent attacker to trigger a Missing Release of Memory after Effective Lifetime vulnerability. Continued exploitati
19-01-2022 - 01:15 19-01-2022 - 01:15
CVE-2022-22175 None
An Improper Locking vulnerability in the SIP ALG of Juniper Networks Junos OS on MX Series and SRX Series allows an unauthenticated networked attacker to cause a flowprocessing daemon (flowd) crash and thereby a Denial of Service (DoS). Continued rec
19-01-2022 - 01:15 19-01-2022 - 01:15
CVE-2022-22176 None
An Improper Validation of Syntactic Correctness of Input vulnerability in the Juniper DHCP daemon (jdhcpd) of Juniper Networks Junos OS allows an adjacent unauthenticated attacker sending a malformed DHCP packet to cause a crash of jdhcpd and thereby
19-01-2022 - 01:15 19-01-2022 - 01:15
CVE-2022-22177 None
A release of illegal memory vulnerability in the snmpd daemon of Juniper Networks Junos OS, Junos OS Evolved allows an attacker to halt the snmpd daemon causing a sustained Denial of Service (DoS) to the service until it is manually restarted. This i
19-01-2022 - 01:15 19-01-2022 - 01:15
CVE-2022-22178 None
A Stack-based Buffer Overflow vulnerability in the flow processing daemon (flowd) of Juniper Networks Junos OS on MX Series and SRX series allows an unauthenticated networked attacker to cause a flowd crash and thereby a Denial of Service (DoS). Cont
19-01-2022 - 01:15 19-01-2022 - 01:15
CVE-2022-22180 None
An Improper Check for Unusual or Exceptional Conditions vulnerability in the processing of specific IPv6 packets on certain EX Series devices may lead to exhaustion of DMA memory causing a Denial of Service (DoS). Over time, exploitation of this vuln
19-01-2022 - 01:15 19-01-2022 - 01:15
CVE-2022-23435 None
decoding.c in android-gif-drawable before 1.2.24 does not limit the maximum length of a comment, leading to denial of service.
19-01-2022 - 01:15 19-01-2022 - 01:15
CVE-2022-21690 None
OnionShare is an open source tool that lets you securely and anonymously share files, host websites, and chat with friends using the Tor network. In affected versions The path parameter of the requested URL is not sanitized before being passed to the
18-01-2022 - 23:15 18-01-2022 - 23:15
CVE-2022-21692 None
OnionShare is an open source tool that lets you securely and anonymously share files, host websites, and chat with friends using the Tor network. In affected versions anyone with access to the chat environment can write messages disguised as another
18-01-2022 - 23:15 18-01-2022 - 23:15
CVE-2022-21694 None
OnionShare is an open source tool that lets you securely and anonymously share files, host websites, and chat with friends using the Tor network. The website mode of the onionshare allows to use a hardened CSP, which will block any scripts and extern
18-01-2022 - 23:15 18-01-2022 - 23:15
CVE-2022-21700 None
Micronaut is a JVM-based, full stack Java framework designed for building JVM web applications with support for Java, Kotlin and the Groovy language. In affected versions sending an invalid Content Type header leads to memory leak in DefaultArgumentC
18-01-2022 - 23:15 18-01-2022 - 23:15
CVE-2022-21689 None
OnionShare is an open source tool that lets you securely and anonymously share files, host websites, and chat with friends using the Tor network. In affected versions the receive mode limits concurrent uploads to 100 per second and blocks other uploa
18-01-2022 - 23:15 18-01-2022 - 22:15
CVE-2021-1093 4.9
NVIDIA GPU Display Driver for Windows and Linux contains a vulnerability in firmware where the driver contains an assert() or similar statement that can be triggered by an attacker, which leads to an application exit or other behavior that is more se
18-01-2022 - 23:15 22-07-2021 - 05:15
CVE-2021-1094 3.6
NVIDIA GPU Display Driver for Windows and Linux contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgkDdiEscape where an out of bounds array access may lead to denial of service or information disclosure.
18-01-2022 - 23:15 22-07-2021 - 05:15
CVE-2021-1095 2.1
NVIDIA GPU Display Driver for Windows and Linux contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handlers for all control calls with embedded parameters where dereferencing an untrusted pointer may lead to denial of service.
18-01-2022 - 23:15 22-07-2021 - 05:15
CVE-2021-1076 4.6
NVIDIA GPU Display Driver for Windows and Linux, all versions, contains a vulnerability in the kernel mode layer (nvlddmkm.sys or nvidia.ko) where improper access control may lead to denial of service, information disclosure, or data corruption.
18-01-2022 - 23:15 21-04-2021 - 23:15
CVE-2021-1056 3.6
NVIDIA GPU Display Driver for Linux, all versions, contains a vulnerability in the kernel mode layer (nvidia.ko) in which it does not completely honor operating system file system permissions to provide GPU device-level isolation, which may lead to d
18-01-2022 - 23:15 08-01-2021 - 01:15
CVE-2022-21673 None
Grafana is an open-source platform for monitoring and observability. In affected versions when a data source has the Forward OAuth Identity feature enabled, sending a query to that datasource with an API token (and no other user credentials) will for
18-01-2022 - 22:15 18-01-2022 - 22:15
CVE-2022-21691 None
OnionShare is an open source tool that lets you securely and anonymously share files, host websites, and chat with friends using the Tor network. In affected versions chat participants can spoof their channel leave message, tricking others into assum
18-01-2022 - 22:15 18-01-2022 - 22:15
CVE-2022-21693 None
OnionShare is an open source tool that lets you securely and anonymously share files, host websites, and chat with friends using the Tor network. In affected versions an adversary with a primitive that allows for filesystem access from the context of
18-01-2022 - 22:15 18-01-2022 - 22:15
CVE-2022-21688 None
OnionShare is an open source tool that lets you securely and anonymously share files, host websites, and chat with friends using the Tor network. Affected versions of the desktop application were found to be vulnerable to denial of service via an und
18-01-2022 - 22:15 18-01-2022 - 22:15
CVE-2022-21695 None
OnionShare is an open source tool that lets you securely and anonymously share files, host websites, and chat with friends using the Tor network. In affected versions authenticated users (or unauthenticated in public mode) can send messages without b
18-01-2022 - 22:15 18-01-2022 - 22:15
CVE-2022-23408 None
wolfSSL 5.x before 5.1.1 uses non-random IV values in certain situations. This affects connections (without AEAD) using AES-CBC or DES3 with TLS 1.1 or 1.2 or DTLS 1.1 or 1.2. This occurs because of misplaced memory initialization in BuildMessage in
18-01-2022 - 21:15 18-01-2022 - 21:15
CVE-2018-19052 5.0
An issue was discovered in mod_alias_physical_handler in mod_alias.c in lighttpd before 1.4.50. There is potential ../ path traversal of a single directory above an alias target, with a specific mod_alias configuration where the matched alias lacks a
18-01-2022 - 21:15 07-11-2018 - 05:29
CVE-2020-25427 4.3
A Null pointer dereference vulnerability exits in MP4Box - GPAC version 0.8.0-rev177-g51a8ef874-master via the gf_isom_get_track_id function, which causes a denial of service.
18-01-2022 - 20:55 10-01-2022 - 22:15
Back to Top Mark selected
Back to Top