momika233/CVE-2022-3656 Create: 2023-01-13 11:26:14 +0000 UTC Push: 2023-01-13 11:26:15 +0000 UTC |

SmallTown123/Details-for-CVE-2022-46505 MatrixSSL session resume bug Create: 2023-01-13 10:39:50 +0000 UTC Push: 2023-01-13 10:39:50 +0000 UTC |

Live-Hack-CVE/CVE-2023-22417 A Missing Release of Memory after Effective Lifetime vulnerability in the Flow Processing Daemon (flowd) of Juniper Networks Junos OS allows a network-based, unauthenticated attacker to cause a Denial of Service (DoS). In an IPsec VPN environment, a memory leak will be seen if a DH or ECDH group is configured. Eventual CVE project by @Sn0wAlice Create: 2023-01-13 09:46:35 +0000 UTC Push: 2023-01-13 09:46:38 +0000 UTC |

Live-Hack-CVE/CVE-2023-22416 A Buffer Overflow vulnerability in SIP ALG of Juniper Networks Junos OS allows a network-based, unauthenticated attacker to cause a Denial of Service (DoS). On all MX Series and SRX Series platform with SIP ALG enabled, when a malformed SIP packet is received, the flow processing daemon (flowd) will crash and restart. CVE project by @Sn0wAlice Create: 2023-01-13 09:46:30 +0000 UTC Push: 2023-01-13 09:46:34 +0000 UTC |

Live-Hack-CVE/CVE-2023-22415 An Out-of-Bounds Write vulnerability in the H.323 ALG of Juniper Networks Junos OS allows an unauthenticated, network-based attacker to cause Denial of Service (DoS). On all MX Series and SRX Series platform, when H.323 ALG is enabled and specific H.323 packets are received simultaneously, a flow processing daemon (flo CVE project by @Sn0wAlice Create: 2023-01-13 09:46:26 +0000 UTC Push: 2023-01-13 09:46:29 +0000 UTC |

Live-Hack-CVE/CVE-2023-22414 A Missing Release of Memory after Effective Lifetime vulnerability in Flexible PIC Concentrator (FPC) of Juniper Networks Junos OS allows an adjacent, unauthenticated attacker from the same shared physical or logical network, to cause a heap memory leak and leading to FPC crash. On all Junos PTX Series and QFX10000 Ser CVE project by @Sn0wAlice Create: 2023-01-13 09:46:22 +0000 UTC Push: 2023-01-13 09:46:25 +0000 UTC |

Live-Hack-CVE/CVE-2023-22413 An Improper Check or Handling of Exceptional Conditions vulnerability in the IPsec library of Juniper Networks Junos OS allows a network-based, unauthenticated attacker to cause Denial of Service (DoS). On all MX platforms with MS-MPC or MS-MIC card, when specific IPv4 packets are processed by an IPsec6 tunnel, the Mul CVE project by @Sn0wAlice Create: 2023-01-13 09:46:18 +0000 UTC Push: 2023-01-13 09:46:21 +0000 UTC |

Live-Hack-CVE/CVE-2023-22412 An Improper Locking vulnerability in the SIP ALG of Juniper Networks Junos OS on MX Series with MS-MPC or MS-MIC card and SRX Series allows an unauthenticated, network-based attacker to cause a flow processing daemon (flowd) crash and thereby a Denial of Service (DoS). Continued receipt of these specific packets will c CVE project by @Sn0wAlice Create: 2023-01-13 09:46:14 +0000 UTC Push: 2023-01-13 09:46:16 +0000 UTC |

Live-Hack-CVE/CVE-2023-22411 An Out-of-Bounds Write vulnerability in Flow Processing Daemon (flowd) of Juniper Networks Junos OS allows an unauthenticated, network-based attacker to cause Denial of Service (DoS). On SRX Series devices using Unified Policies with IPv6, when a specific IPv6 packet goes through a dynamic-application filter which will CVE project by @Sn0wAlice Create: 2023-01-13 09:46:09 +0000 UTC Push: 2023-01-13 09:46:13 +0000 UTC |

Live-Hack-CVE/CVE-2023-22410 A Missing Release of Memory after Effective Lifetime vulnerability in the Juniper Networks Junos OS on MX Series platforms with MPC10/MPC11 line cards, allows an unauthenticated adjacent attacker to cause a Denial of Service (DoS). Devices are only vulnerable when the Suspicious Control Flow Detection (scfd) feature is CVE project by @Sn0wAlice Create: 2023-01-13 09:46:05 +0000 UTC Push: 2023-01-13 09:46:08 +0000 UTC |

Live-Hack-CVE/CVE-2023-22409 An Unchecked Input for Loop Condition vulnerability in a NAT library of Juniper Networks Junos OS allows a local authenticated attacker with low privileges to cause a Denial of Service (DoS). When an inconsistent "deterministic NAT" configuration is present on an SRX, or MX with SPC3 and then a specific CLI command is CVE project by @Sn0wAlice Create: 2023-01-13 09:46:01 +0000 UTC Push: 2023-01-13 09:46:04 +0000 UTC |

Live-Hack-CVE/CVE-2023-22408 An Improper Validation of Array Index vulnerability in the SIP ALG of Juniper Networks Junos OS on SRX 5000 Series allows a network-based, unauthenticated attacker to cause a Denial of Service (DoS). When an attacker sends an SIP packets with a malformed SDP field then the SIP ALG can not process it which will lead to CVE project by @Sn0wAlice Create: 2023-01-13 09:45:57 +0000 UTC Push: 2023-01-13 09:46:00 +0000 UTC |

Live-Hack-CVE/CVE-2023-22407 An Incomplete Cleanup vulnerability in the Routing Protocol Daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved allows an adjacent, unauthenticated attacker to cause a Denial of Service (DoS). An rpd crash can occur when an MPLS TE tunnel configuration change occurs on a directly connected router. This issue CVE project by @Sn0wAlice Create: 2023-01-13 09:45:54 +0000 UTC Push: 2023-01-13 09:45:56 +0000 UTC |

Live-Hack-CVE/CVE-2023-22406 A Missing Release of Memory after Effective Lifetime vulnerability in the kernel of Juniper Networks Junos OS and Junos OS Evolved allows an adjacent, unauthenticated attacker to cause a Denial of Service (DoS). In a segment-routing scenario with OSPF as IGP, when a peer interface continuously flaps, next-hop churn wil CVE project by @Sn0wAlice Create: 2023-01-13 09:45:49 +0000 UTC Push: 2023-01-13 09:45:52 +0000 UTC |

Live-Hack-CVE/CVE-2023-22405 An Improper Preservation of Consistency Between Independent Representations of Shared State vulnerability in the Packet Forwarding Engine (PFE) of Juniper Networks Junos OS allows an adjacent, unauthenticated attacker to cause a Denial of Service (DoS) to device due to out of resources. When a device is configured with CVE project by @Sn0wAlice Create: 2023-01-13 09:45:45 +0000 UTC Push: 2023-01-13 09:45:48 +0000 UTC |

Live-Hack-CVE/CVE-2023-22404 An Out-of-bounds Write vulnerability in the Internet Key Exchange Protocol daemon (iked) of Juniper Networks Junos OS on SRX series and MX with SPC3 allows an authenticated, network-based attacker to cause a Denial of Service (DoS). iked will crash and restart, and the tunnel will not come up when a peer sends a specif CVE project by @Sn0wAlice Create: 2023-01-13 09:45:41 +0000 UTC Push: 2023-01-13 09:45:44 +0000 UTC |

Live-Hack-CVE/CVE-2023-22403 An Allocation of Resources Without Limits or Throttling vulnerability in the Packet Forwarding Engine (PFE) of Juniper Networks Junos OS allows a network-based, unauthenticated attacker to cause a Denial of Service (DoS). On QFX10k Series Inter-Chassis Control Protocol (ICCP) is used in MC-LAG topologies to exchange co CVE project by @Sn0wAlice Create: 2023-01-13 09:45:37 +0000 UTC Push: 2023-01-13 09:45:40 +0000 UTC |

Live-Hack-CVE/CVE-2023-22402 A Use After Free vulnerability in the kernel of Juniper Networks Junos OS Evolved allows an unauthenticated, network-based attacker to cause a Denial of Service (DoS). In a Non Stop Routing (NSR) scenario, an unexpected kernel restart might be observed if "bgp auto-discovery" is enabled and if there is a BGP neighbor f CVE project by @Sn0wAlice Create: 2023-01-13 09:45:32 +0000 UTC Push: 2023-01-13 09:45:35 +0000 UTC |

Live-Hack-CVE/CVE-2023-22401 An Improper Validation of Array Index vulnerability in the Advanced Forwarding Toolkit Manager daemon (aftmand) of Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated, network-based attacker to cause a Denial of Service (DoS). On the PTX10008 and PTX10016 platforms running Junos OS or Junos OS Evol CVE project by @Sn0wAlice Create: 2023-01-13 09:45:28 +0000 UTC Push: 2023-01-13 09:45:31 +0000 UTC |

Live-Hack-CVE/CVE-2023-22400 An Uncontrolled Resource Consumption vulnerability in the PFE management daemon (evo-pfemand) of Juniper Networks Junos OS Evolved allows an unauthenticated, network-based attacker to cause an FPC crash leading to a Denial of Service (DoS). When a specific SNMP GET operation or a specific CLI command is executed this w CVE project by @Sn0wAlice Create: 2023-01-13 09:45:24 +0000 UTC Push: 2023-01-13 09:45:27 +0000 UTC |