Total
31 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2024-39537 | 2024-11-21 | N/A | 6.5 MEDIUM | ||
| An Improper Restriction of Communication Channel to Intended Endpoints vulnerability in Juniper Networks Junos OS Evolved on ACX 7000 Series allows an unauthenticated, network-based attacker to cause a limited information disclosure and availability impact to the device. Due to a wrong initialization, specific processes which should only be able to communicate internally within the device can be reached over the network via open ports. This issue affects Junos OS Evolved on ACX 7000 Series: * All versions before 21.4R3-S7-EVO, * 22.2-EVO versions before 22.2R3-S4-EVO, * 22.3-EVO versions before 22.3R3-S3-EVO, * 22.4-EVO versions before 22.4R3-S2-EVO, * 23.2-EVO versions before 23.2R2-EVO, * 23.4-EVO versions before 23.4R1-S1-EVO, 23.4R2-EVO. | |||||
| CVE-2024-36252 | 2024-11-21 | N/A | 6.3 MEDIUM | ||
| Improper restriction of communication channel to intended endpoints issue exists in Ricoh Streamline NX PC Client ver.3.6.x and earlier. If this vulnerability is exploited, arbitrary code may be executed on the PC where the product is installed. | |||||
| CVE-2024-34446 | 2024-11-21 | N/A | 7.5 HIGH | ||
| Mullvad VPN through 2024.1 on Android does not set a DNS server in the blocking state (after a hard failure to create a tunnel), and thus DNS traffic can leave the device. Data showing that the affected device was the origin of sensitive DNS requests may be observed and logged by operators of unintended DNS servers. | |||||
| CVE-2024-24974 | 1 Openvpn | 1 Openvpn | 2024-11-21 | N/A | 7.5 HIGH |
| The interactive service in OpenVPN 2.6.9 and earlier allows the OpenVPN service pipe to be accessed remotely, which allows a remote attacker to interact with the privileged OpenVPN interactive service. | |||||
| CVE-2023-44195 | 1 Juniper | 1 Junos Os Evolved | 2024-11-21 | N/A | 5.4 MEDIUM |
| An Improper Restriction of Communication Channel to Intended Endpoints vulnerability in the NetworkStack agent daemon (nsagentd) of Juniper Networks Junos OS Evolved allows an unauthenticated network based attacker to cause limited impact to the availability of the system. If specific packets reach the Routing-Engine (RE) these will be processed normally even if firewall filters are in place which should have prevented this. This can lead to a limited, increased consumption of resources resulting in a Denial-of-Service (DoS), and unauthorized access. CVE-2023-44196 is a prerequisite for this issue. This issue affects Juniper Networks Junos OS Evolved: * 21.3-EVO versions prior to 21.3R3-S5-EVO; * 21.4-EVO versions prior to 21.4R3-S4-EVO; * 22.1-EVO version 22.1R1-EVO and later; * 22.2-EVO version 22.2R1-EVO and later; * 22.3-EVO versions prior to 22.3R2-S2-EVO, 22.3R3-S1-EVO; * 22.4-EVO versions prior to 22.4R3-EVO. This issue doesn't not affected Junos OS Evolved versions prior to 21.3R1-EVO. | |||||
| CVE-2022-2663 | 2 Debian, Linux | 2 Debian Linux, Linux Kernel | 2024-11-21 | N/A | 5.3 MEDIUM |
| An issue was found in the Linux kernel in nf_conntrack_irc where the message handling can be confused and incorrectly matches the message. A firewall may be able to be bypassed when users are using unencrypted IRC with nf_conntrack_irc configured. | |||||
| CVE-2021-32635 | 1 Sylabs | 1 Singularity | 2024-11-21 | 6.8 MEDIUM | 6.3 MEDIUM |
| Singularity is an open source container platform. In verions 3.7.2 and 3.7.3, Dde to incorrect use of a default URL, `singularity` action commands (`run`/`shell`/`exec`) specifying a container using a `library://` URI will always attempt to retrieve the container from the default remote endpoint (`cloud.sylabs.io`) rather than the configured remote endpoint. An attacker may be able to push a malicious container to the default remote endpoint with a URI that is identical to the URI used by a victim with a non-default remote endpoint, thus executing the malicious container. Only action commands (`run`/`shell`/`exec`) against `library://` URIs are affected. Other commands such as `pull` / `push` respect the configured remote endpoint. The vulnerability is patched in Singularity version 3.7.4. Two possible workarounds exist: Users can only interact with the default remote endpoint, or an installation can have an execution control list configured to restrict execution to containers signed with specific secure keys. | |||||
| CVE-2024-47125 | 1 Gotenna | 1 Gotenna Pro | 2024-10-17 | N/A | 5.4 MEDIUM |
| The goTenna Pro App does not authenticate public keys which allows an unauthenticated attacker to manipulate messages. It is advised to update your app to the current release for enhanced encryption protocols. | |||||
| CVE-2024-43571 | 1 Microsoft | 1 Windows 11 24h2 | 2024-10-16 | N/A | 7.3 HIGH |
| Sudo for Windows Spoofing Vulnerability | |||||
| CVE-2024-47490 | 2024-10-15 | N/A | 8.2 HIGH | ||
| An Improper Restriction of Communication Channel to Intended Endpoints vulnerability in the Packet Forwarding Engine (PFE) of Juniper Networks Junos OS Evolved on ACX 7000 Series allows an unauthenticated, network based attacker to cause increased consumption of resources, ultimately resulting in a Denial of Service (DoS). When specific transit MPLS packets are received by the PFE, these packets are internally forwarded to the Routing Engine (RE), rather than being handled appropriately. Continuous receipt of these MPLS packets causes resources to be exhausted. MPLS config is not required to be affected by this issue. This issue affects Junos OS Evolved ACX 7000 Series: * All versions before 21.4R3-S9-EVO, * 22.2-EVO before 22.2R3-S4-EVO, * 22.3-EVO before 22.3R3-S3-EVO, * 22.4-EVO before 22.4R3-S2-EVO, * 23.2-EVO before 23.2R2-EVO, * 23.4-EVO before 23.4R1-S1-EVO, 23.4R2-EVO. | |||||
| CVE-2024-41889 | 1 Pimax | 2 Pitool, Play | 2024-08-30 | N/A | 9.8 CRITICAL |
| Multiple Pimax products accept WebSocket connections from unintended endpoints. If this vulnerability is exploited, arbitrary code may be executed by a remote unauthenticated attacker. | |||||