https://vulnerability.circl.lu Contains only the most 10 recent sightings. http://www.rssboard.org/rss-specification python-feedgen en Sun, 31 May 2026 05:53:24 +0000 https://vulnerability.circl.lu/sighting/2207d2cd-945f-498f-91a3-de9894c02334/export {"uuid": "2207d2cd-945f-498f-91a3-de9894c02334", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-47508", "type": "seen", "source": "https://t.me/cvedetector/7703", "content": "{\n \"Source\": \"CVE FEED\",\n \"Title\": \"CVE-2024-47508 - Juniper Networks Junos OS Evolved PFE Management Daemon Resource Allocation Vulnerability\", \n \"Content\": \"CVE ID : CVE-2024-47508 \nPublished : Oct. 11, 2024, 4:15 p.m. | 25\u00a0minutes ago \nDescription : An Allocation of Resources Without Limits or Throttling\u00a0vulnerability in the PFE management daemon (evo-pfemand) of Juniper Networks Junos OS Evolved allows an authenticated, network-based attacker to cause an FPC crash leading to a Denial of Service (DoS).When specific SNMP GET operations or specific low-priviledged CLI commands are executed, a GUID resource leak will occur, eventually leading to exhaustion and resulting in FPCs to hang. Affected FPCs need to be manually restarted to recover. \n \nGUID exhaustion will trigger a syslog message like one of the following: \n \nevo-pfemand[]: get_next_guid: Ran out of Guid Space ... \nevo-aftmand-zx[]: get_next_guid: Ran out of Guid Space ... \nThe leak can be monitored by running the following command and taking note of the values in the rightmost column labeled Guids: \n \n \n \n \n \nuser@host> show platform application-info allocations app evo-pfemand/evo-pfemand \n \n \n \nIn case one or more of these values are constantly increasing the leak is happening. \n \nThis issue affects Junos OS Evolved: \n \n \n \n * All versions before 21.2R3-S8-EVO, \n * 21.3 versions before 21.3R3-EVO; \n * 21.4 versions before 22.1R2-EVO, \n \n * 22.1 versions before\u00a022.1R1-S1-EVO, 22.1R2-EVO. \n \n \n \n \n \nPlease note that this issue is similar to, but different from CVE-2024-47505 and CVE-2024-47509. \nSeverity: 6.5 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n \"Detection Date\": \"11 Oct 2024\",\n \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-10-11T18:42:57.000000Z"} {"uuid": "2207d2cd-945f-498f-91a3-de9894c02334", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-47508", "type": "seen", "source": "https://t.me/cvedetector/7703", "content": "{\n \"Source\": \"CVE FEED\",\n \"Title\": \"CVE-2024-47508 - Juniper Networks Junos OS Evolved PFE Management Daemon Resource Allocation Vulnerability\", \n \"Content\": \"CVE ID : CVE-2024-47508 \nPublished : Oct. 11, 2024, 4:15 p.m. | 25\u00a0minutes ago \nDescription : An Allocation of Resources Without Limits or Throttling\u00a0vulnerability in the PFE management daemon (evo-pfemand) of Juniper Networks Junos OS Evolved allows an authenticated, network-based attacker to cause an FPC crash leading to a Denial of Service (DoS).When specific SNMP GET operations or specific low-priviledged CLI commands are executed, a GUID resource leak will occur, eventually leading to exhaustion and resulting in FPCs to hang. Affected FPCs need to be manually restarted to recover. \n \nGUID exhaustion will trigger a syslog message like one of the following: \n \nevo-pfemand[]: get_next_guid: Ran out of Guid Space ... \nevo-aftmand-zx[]: get_next_guid: Ran out of Guid Space ... \nThe leak can be monitored by running the following command and taking note of the values in the rightmost column labeled Guids: \n \n \n \n \n \nuser@host> show platform application-info allocations app evo-pfemand/evo-pfemand \n \n \n \nIn case one or more of these values are constantly increasing the leak is happening. \n \nThis issue affects Junos OS Evolved: \n \n \n \n * All versions before 21.2R3-S8-EVO, \n * 21.3 versions before 21.3R3-EVO; \n * 21.4 versions before 22.1R2-EVO, \n \n * 22.1 versions before\u00a022.1R1-S1-EVO, 22.1R2-EVO. \n \n \n \n \n \nPlease note that this issue is similar to, but different from CVE-2024-47505 and CVE-2024-47509. \nSeverity: 6.5 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n \"Detection Date\": \"11 Oct 2024\",\n \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-10-11T18:42:57.000000Z"} https://vulnerability.circl.lu/sighting/2207d2cd-945f-498f-91a3-de9894c02334/export Fri, 11 Oct 2024 18:42:57 +0000 https://vulnerability.circl.lu/sighting/98d3a803-f8de-409a-a2e9-91ebf40f565f/export {"uuid": "98d3a803-f8de-409a-a2e9-91ebf40f565f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-47509", "type": "seen", "source": "https://t.me/cvedetector/7704", "content": "{\n \"Source\": \"CVE FEED\",\n \"Title\": \"CVE-2024-47505 - Juniper Networks Junos OS Evolved: PFE Management Daemon Unchecked Resource Allocation Vulnerability\", \n \"Content\": \"CVE ID : CVE-2024-47505 \nPublished : Oct. 11, 2024, 4:15 p.m. | 25\u00a0minutes ago \nDescription : An Allocation of Resources Without Limits or Throttling\u00a0vulnerability in the PFE management daemon (evo-pfemand) of Juniper Networks Junos OS Evolved allows an authenticated, network-based attacker to cause an FPC crash leading to a Denial of Service (DoS).When specific SNMP GET operations or specific low-priviledged CLI commands are executed, a GUID resource leak will occur, eventually leading to exhaustion and resulting in FPCs to hang. Affected FPCs need to be manually restarted to recover. \n \nGUID exhaustion will trigger a syslog message like one of the following: \n \nevo-pfemand[]: get_next_guid: Ran out of Guid Space ... \nevo-aftmand-zx[]: get_next_guid: Ran out of Guid Space ... \nThe leak can be monitored by running the following command and taking note of the values in the rightmost column labeled Guids: \n \n \n \n \n \nuser@host> show platform application-info allocations app evo-pfemand/evo-pfemand \n \n \n \nIn case one or more of these values are constantly increasing the leak is happening. \n \nThis issue affects Junos OS Evolved: \n \n \n \n * All versions before 21.4R3-S7-EVO, \n * 22.1 versions before 22.1R3-S6-EVO, \n * 22.2 versions before 22.2R3-EVO,\u00a0 \n \n * 22.3 versions before 22.3R3-EVO, \n * 22.4 versions before 22.4R2-EVO. \n \n \n \nPlease note that this issue is similar to, but different from\u00a0CVE-2024-47508 and CVE-2024-47509. \nSeverity: 6.5 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n \"Detection Date\": \"11 Oct 2024\",\n \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-10-11T18:42:58.000000Z"} {"uuid": "98d3a803-f8de-409a-a2e9-91ebf40f565f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-47509", "type": "seen", "source": "https://t.me/cvedetector/7704", "content": "{\n \"Source\": \"CVE FEED\",\n \"Title\": \"CVE-2024-47505 - Juniper Networks Junos OS Evolved: PFE Management Daemon Unchecked Resource Allocation Vulnerability\", \n \"Content\": \"CVE ID : CVE-2024-47505 \nPublished : Oct. 11, 2024, 4:15 p.m. | 25\u00a0minutes ago \nDescription : An Allocation of Resources Without Limits or Throttling\u00a0vulnerability in the PFE management daemon (evo-pfemand) of Juniper Networks Junos OS Evolved allows an authenticated, network-based attacker to cause an FPC crash leading to a Denial of Service (DoS).When specific SNMP GET operations or specific low-priviledged CLI commands are executed, a GUID resource leak will occur, eventually leading to exhaustion and resulting in FPCs to hang. Affected FPCs need to be manually restarted to recover. \n \nGUID exhaustion will trigger a syslog message like one of the following: \n \nevo-pfemand[]: get_next_guid: Ran out of Guid Space ... \nevo-aftmand-zx[]: get_next_guid: Ran out of Guid Space ... \nThe leak can be monitored by running the following command and taking note of the values in the rightmost column labeled Guids: \n \n \n \n \n \nuser@host> show platform application-info allocations app evo-pfemand/evo-pfemand \n \n \n \nIn case one or more of these values are constantly increasing the leak is happening. \n \nThis issue affects Junos OS Evolved: \n \n \n \n * All versions before 21.4R3-S7-EVO, \n * 22.1 versions before 22.1R3-S6-EVO, \n * 22.2 versions before 22.2R3-EVO,\u00a0 \n \n * 22.3 versions before 22.3R3-EVO, \n * 22.4 versions before 22.4R2-EVO. \n \n \n \nPlease note that this issue is similar to, but different from\u00a0CVE-2024-47508 and CVE-2024-47509. \nSeverity: 6.5 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n \"Detection Date\": \"11 Oct 2024\",\n \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-10-11T18:42:58.000000Z"} https://vulnerability.circl.lu/sighting/98d3a803-f8de-409a-a2e9-91ebf40f565f/export Fri, 11 Oct 2024 18:42:58 +0000 https://vulnerability.circl.lu/sighting/d54e5926-eb38-451c-9f5a-78ff13cce2e0/export {"uuid": "d54e5926-eb38-451c-9f5a-78ff13cce2e0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-47505", "type": "seen", "source": "https://t.me/cvedetector/7704", "content": "{\n \"Source\": \"CVE FEED\",\n \"Title\": \"CVE-2024-47505 - Juniper Networks Junos OS Evolved: PFE Management Daemon Unchecked Resource Allocation Vulnerability\", \n \"Content\": \"CVE ID : CVE-2024-47505 \nPublished : Oct. 11, 2024, 4:15 p.m. | 25\u00a0minutes ago \nDescription : An Allocation of Resources Without Limits or Throttling\u00a0vulnerability in the PFE management daemon (evo-pfemand) of Juniper Networks Junos OS Evolved allows an authenticated, network-based attacker to cause an FPC crash leading to a Denial of Service (DoS).When specific SNMP GET operations or specific low-priviledged CLI commands are executed, a GUID resource leak will occur, eventually leading to exhaustion and resulting in FPCs to hang. Affected FPCs need to be manually restarted to recover. \n \nGUID exhaustion will trigger a syslog message like one of the following: \n \nevo-pfemand[]: get_next_guid: Ran out of Guid Space ... \nevo-aftmand-zx[]: get_next_guid: Ran out of Guid Space ... \nThe leak can be monitored by running the following command and taking note of the values in the rightmost column labeled Guids: \n \n \n \n \n \nuser@host> show platform application-info allocations app evo-pfemand/evo-pfemand \n \n \n \nIn case one or more of these values are constantly increasing the leak is happening. \n \nThis issue affects Junos OS Evolved: \n \n \n \n * All versions before 21.4R3-S7-EVO, \n * 22.1 versions before 22.1R3-S6-EVO, \n * 22.2 versions before 22.2R3-EVO,\u00a0 \n \n * 22.3 versions before 22.3R3-EVO, \n * 22.4 versions before 22.4R2-EVO. \n \n \n \nPlease note that this issue is similar to, but different from\u00a0CVE-2024-47508 and CVE-2024-47509. \nSeverity: 6.5 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n \"Detection Date\": \"11 Oct 2024\",\n \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-10-11T18:42:58.000000Z"} {"uuid": "d54e5926-eb38-451c-9f5a-78ff13cce2e0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-47505", "type": "seen", "source": "https://t.me/cvedetector/7704", "content": "{\n \"Source\": \"CVE FEED\",\n \"Title\": \"CVE-2024-47505 - Juniper Networks Junos OS Evolved: PFE Management Daemon Unchecked Resource Allocation Vulnerability\", \n \"Content\": \"CVE ID : CVE-2024-47505 \nPublished : Oct. 11, 2024, 4:15 p.m. | 25\u00a0minutes ago \nDescription : An Allocation of Resources Without Limits or Throttling\u00a0vulnerability in the PFE management daemon (evo-pfemand) of Juniper Networks Junos OS Evolved allows an authenticated, network-based attacker to cause an FPC crash leading to a Denial of Service (DoS).When specific SNMP GET operations or specific low-priviledged CLI commands are executed, a GUID resource leak will occur, eventually leading to exhaustion and resulting in FPCs to hang. Affected FPCs need to be manually restarted to recover. \n \nGUID exhaustion will trigger a syslog message like one of the following: \n \nevo-pfemand[]: get_next_guid: Ran out of Guid Space ... \nevo-aftmand-zx[]: get_next_guid: Ran out of Guid Space ... \nThe leak can be monitored by running the following command and taking note of the values in the rightmost column labeled Guids: \n \n \n \n \n \nuser@host> show platform application-info allocations app evo-pfemand/evo-pfemand \n \n \n \nIn case one or more of these values are constantly increasing the leak is happening. \n \nThis issue affects Junos OS Evolved: \n \n \n \n * All versions before 21.4R3-S7-EVO, \n * 22.1 versions before 22.1R3-S6-EVO, \n * 22.2 versions before 22.2R3-EVO,\u00a0 \n \n * 22.3 versions before 22.3R3-EVO, \n * 22.4 versions before 22.4R2-EVO. \n \n \n \nPlease note that this issue is similar to, but different from\u00a0CVE-2024-47508 and CVE-2024-47509. \nSeverity: 6.5 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n \"Detection Date\": \"11 Oct 2024\",\n \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-10-11T18:42:58.000000Z"} https://vulnerability.circl.lu/sighting/d54e5926-eb38-451c-9f5a-78ff13cce2e0/export Fri, 11 Oct 2024 18:42:58 +0000 https://vulnerability.circl.lu/sighting/908a78ba-5141-4eba-a15e-482a09757b3f/export {"uuid": "908a78ba-5141-4eba-a15e-482a09757b3f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-47508", "type": "seen", "source": "https://t.me/cvedetector/7704", "content": "{\n \"Source\": \"CVE FEED\",\n \"Title\": \"CVE-2024-47505 - Juniper Networks Junos OS Evolved: PFE Management Daemon Unchecked Resource Allocation Vulnerability\", \n \"Content\": \"CVE ID : CVE-2024-47505 \nPublished : Oct. 11, 2024, 4:15 p.m. | 25\u00a0minutes ago \nDescription : An Allocation of Resources Without Limits or Throttling\u00a0vulnerability in the PFE management daemon (evo-pfemand) of Juniper Networks Junos OS Evolved allows an authenticated, network-based attacker to cause an FPC crash leading to a Denial of Service (DoS).When specific SNMP GET operations or specific low-priviledged CLI commands are executed, a GUID resource leak will occur, eventually leading to exhaustion and resulting in FPCs to hang. Affected FPCs need to be manually restarted to recover. \n \nGUID exhaustion will trigger a syslog message like one of the following: \n \nevo-pfemand[]: get_next_guid: Ran out of Guid Space ... \nevo-aftmand-zx[]: get_next_guid: Ran out of Guid Space ... \nThe leak can be monitored by running the following command and taking note of the values in the rightmost column labeled Guids: \n \n \n \n \n \nuser@host> show platform application-info allocations app evo-pfemand/evo-pfemand \n \n \n \nIn case one or more of these values are constantly increasing the leak is happening. \n \nThis issue affects Junos OS Evolved: \n \n \n \n * All versions before 21.4R3-S7-EVO, \n * 22.1 versions before 22.1R3-S6-EVO, \n * 22.2 versions before 22.2R3-EVO,\u00a0 \n \n * 22.3 versions before 22.3R3-EVO, \n * 22.4 versions before 22.4R2-EVO. \n \n \n \nPlease note that this issue is similar to, but different from\u00a0CVE-2024-47508 and CVE-2024-47509. \nSeverity: 6.5 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n \"Detection Date\": \"11 Oct 2024\",\n \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-10-11T18:42:58.000000Z"} {"uuid": "908a78ba-5141-4eba-a15e-482a09757b3f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-47508", "type": "seen", "source": "https://t.me/cvedetector/7704", "content": "{\n \"Source\": \"CVE FEED\",\n \"Title\": \"CVE-2024-47505 - Juniper Networks Junos OS Evolved: PFE Management Daemon Unchecked Resource Allocation Vulnerability\", \n \"Content\": \"CVE ID : CVE-2024-47505 \nPublished : Oct. 11, 2024, 4:15 p.m. | 25\u00a0minutes ago \nDescription : An Allocation of Resources Without Limits or Throttling\u00a0vulnerability in the PFE management daemon (evo-pfemand) of Juniper Networks Junos OS Evolved allows an authenticated, network-based attacker to cause an FPC crash leading to a Denial of Service (DoS).When specific SNMP GET operations or specific low-priviledged CLI commands are executed, a GUID resource leak will occur, eventually leading to exhaustion and resulting in FPCs to hang. Affected FPCs need to be manually restarted to recover. \n \nGUID exhaustion will trigger a syslog message like one of the following: \n \nevo-pfemand[]: get_next_guid: Ran out of Guid Space ... \nevo-aftmand-zx[]: get_next_guid: Ran out of Guid Space ... \nThe leak can be monitored by running the following command and taking note of the values in the rightmost column labeled Guids: \n \n \n \n \n \nuser@host> show platform application-info allocations app evo-pfemand/evo-pfemand \n \n \n \nIn case one or more of these values are constantly increasing the leak is happening. \n \nThis issue affects Junos OS Evolved: \n \n \n \n * All versions before 21.4R3-S7-EVO, \n * 22.1 versions before 22.1R3-S6-EVO, \n * 22.2 versions before 22.2R3-EVO,\u00a0 \n \n * 22.3 versions before 22.3R3-EVO, \n * 22.4 versions before 22.4R2-EVO. \n \n \n \nPlease note that this issue is similar to, but different from\u00a0CVE-2024-47508 and CVE-2024-47509. \nSeverity: 6.5 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n \"Detection Date\": \"11 Oct 2024\",\n \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-10-11T18:42:58.000000Z"} https://vulnerability.circl.lu/sighting/908a78ba-5141-4eba-a15e-482a09757b3f/export Fri, 11 Oct 2024 18:42:58 +0000 https://vulnerability.circl.lu/sighting/09df132d-955e-4f72-a07d-16fc9e25a626/export {"uuid": "09df132d-955e-4f72-a07d-16fc9e25a626", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-47507", "type": "seen", "source": "https://t.me/cvedetector/7705", "content": "{\n \"Source\": \"CVE FEED\",\n \"Title\": \"CVE-2024-47507 - Juniper Networks Junos OS Routing Protocol Daemon ASN Zero Acceptance and Propagation Vulnerability (Improper Check)\", \n \"Content\": \"CVE ID : CVE-2024-47507 \nPublished : Oct. 11, 2024, 4:15 p.m. | 25\u00a0minutes ago \nDescription : An Improper Check for Unusual or Exceptional Conditions vulnerability in the routing protocol daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated, network-based attacker to cause an integrity impact to the downstream devices. \n \nWhen a peer sends a BGP update message which contains the aggregator attribute with an ASN value of zero (0), rpd accepts and propagates this attribute, which can cause issues for downstream BGP peers receiving this. \n \n \n \nThis issue affects: \n \nJunos OS: \n \n \n \n * All versions before 21.4R3-S6, \n * 22.2 versions before 22.2R3-S3, \n * 22.4 versions before 22.4R3;\u00a0 \n \n \n \n \n \n \n \nJunos OS Evolved:\u00a0 \n \n \n \n * All versions before 21.4R3-S7-EVO, \n * 22.2 versions before 22.2R3-S4-EVO, \n * 22.4 versions before 22.4R3-EVO. \nSeverity: 5.8 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n \"Detection Date\": \"11 Oct 2024\",\n \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-10-11T18:43:05.000000Z"} {"uuid": "09df132d-955e-4f72-a07d-16fc9e25a626", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-47507", "type": "seen", "source": "https://t.me/cvedetector/7705", "content": "{\n \"Source\": \"CVE FEED\",\n \"Title\": \"CVE-2024-47507 - Juniper Networks Junos OS Routing Protocol Daemon ASN Zero Acceptance and Propagation Vulnerability (Improper Check)\", \n \"Content\": \"CVE ID : CVE-2024-47507 \nPublished : Oct. 11, 2024, 4:15 p.m. | 25\u00a0minutes ago \nDescription : An Improper Check for Unusual or Exceptional Conditions vulnerability in the routing protocol daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated, network-based attacker to cause an integrity impact to the downstream devices. \n \nWhen a peer sends a BGP update message which contains the aggregator attribute with an ASN value of zero (0), rpd accepts and propagates this attribute, which can cause issues for downstream BGP peers receiving this. \n \n \n \nThis issue affects: \n \nJunos OS: \n \n \n \n * All versions before 21.4R3-S6, \n * 22.2 versions before 22.2R3-S3, \n * 22.4 versions before 22.4R3;\u00a0 \n \n \n \n \n \n \n \nJunos OS Evolved:\u00a0 \n \n \n \n * All versions before 21.4R3-S7-EVO, \n * 22.2 versions before 22.2R3-S4-EVO, \n * 22.4 versions before 22.4R3-EVO. \nSeverity: 5.8 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n \"Detection Date\": \"11 Oct 2024\",\n \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-10-11T18:43:05.000000Z"} https://vulnerability.circl.lu/sighting/09df132d-955e-4f72-a07d-16fc9e25a626/export Fri, 11 Oct 2024 18:43:05 +0000 https://vulnerability.circl.lu/sighting/65f0a97e-22bb-4805-a2db-03d8796abb2a/export {"uuid": "65f0a97e-22bb-4805-a2db-03d8796abb2a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-47501", "type": "seen", "source": "https://t.me/cvedetector/7706", "content": "{\n \"Source\": \"CVE FEED\",\n \"Title\": \"CVE-2024-47501 - Juniper Networks Junos OS Null Pointer Dereference Denial of Service Vulnerability\", \n \"Content\": \"CVE ID : CVE-2024-47501 \nPublished : Oct. 11, 2024, 4:15 p.m. | 25\u00a0minutes ago \nDescription : A NULL Pointer Dereference vulnerability in the \n \npacket forwarding engine (pfe)\u00a0of Juniper Networks Junos OS on MX304, MX with MPC10/11/LC9600, and\u00a0EX9200 with EX9200-15C allows a locally authenticated attacker with low privileges to cause a Denial of Service (DoS). \n \nIn a VPLS or Junos Fusion scenario, the execution of specific show commands will cause all FPCs hosting VPLS sessions or connecting to satellites to crash and restart. \n \nThis issue affects Junos on\u00a0MX304, MX with MPC10/11/LC9600 and EX9200 with EX9200-15C:\u00a0 \n \n \n \n * All version before 21.2R3-S1, \n * 21.3 versions before 21.3R3,\u00a0 \n * 21.4 versions before 21.4R2. \nSeverity: 5.5 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n \"Detection Date\": \"11 Oct 2024\",\n \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-10-11T18:43:06.000000Z"} {"uuid": "65f0a97e-22bb-4805-a2db-03d8796abb2a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-47501", "type": "seen", "source": "https://t.me/cvedetector/7706", "content": "{\n \"Source\": \"CVE FEED\",\n \"Title\": \"CVE-2024-47501 - Juniper Networks Junos OS Null Pointer Dereference Denial of Service Vulnerability\", \n \"Content\": \"CVE ID : CVE-2024-47501 \nPublished : Oct. 11, 2024, 4:15 p.m. | 25\u00a0minutes ago \nDescription : A NULL Pointer Dereference vulnerability in the \n \npacket forwarding engine (pfe)\u00a0of Juniper Networks Junos OS on MX304, MX with MPC10/11/LC9600, and\u00a0EX9200 with EX9200-15C allows a locally authenticated attacker with low privileges to cause a Denial of Service (DoS). \n \nIn a VPLS or Junos Fusion scenario, the execution of specific show commands will cause all FPCs hosting VPLS sessions or connecting to satellites to crash and restart. \n \nThis issue affects Junos on\u00a0MX304, MX with MPC10/11/LC9600 and EX9200 with EX9200-15C:\u00a0 \n \n \n \n * All version before 21.2R3-S1, \n * 21.3 versions before 21.3R3,\u00a0 \n * 21.4 versions before 21.4R2. \nSeverity: 5.5 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n \"Detection Date\": \"11 Oct 2024\",\n \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-10-11T18:43:06.000000Z"} https://vulnerability.circl.lu/sighting/65f0a97e-22bb-4805-a2db-03d8796abb2a/export Fri, 11 Oct 2024 18:43:06 +0000 https://vulnerability.circl.lu/sighting/a56db1a0-d784-4fb9-b27b-6d5b43886ad4/export {"uuid": "a56db1a0-d784-4fb9-b27b-6d5b43886ad4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-47502", "type": "seen", "source": "https://t.me/cvedetector/7707", "content": "{\n \"Source\": \"CVE FEED\",\n \"Title\": \"CVE-2024-47502 - Juniper Networks Junos OS Evolved TCP Session Exhaustion DoS\", \n \"Content\": \"CVE ID : CVE-2024-47502 \nPublished : Oct. 11, 2024, 4:15 p.m. | 25\u00a0minutes ago \nDescription : An Allocation of Resources Without Limits or Throttling vulnerability in the kernel of Juniper Networks Junos OS Evolved allows an unauthenticated, network based attacker to cause a Denial of Service (DoS). \n \nIn specific cases the state of TCP sessions that are terminated is not cleared, which over time leads to an exhaustion of resources, preventing new connections to the control plane from being established. \n \nA continuously increasing number of connections shown by: \n \n \n \nuser@host > show system connections \n \n \n \nis indicative of the problem. To recover the respective RE needs to be restarted manually. \n \nThis issue only affects IPv4 but does not affect IPv6. \nThis issue only affects TCP sessions established in-band (over an interface on an FPC) but not out-of-band (over the management ethernet port on the routing-engine). \n \nThis issue affects Junos OS Evolved:\u00a0 \n \n * All versions before 21.4R3-S9-EVO, \n * 22.2 versions before 22.2R3-S4-EVO, \n * 22.4 version before 22.4R3-S3-EVO, \n * 23.2 versions before 23.2R2-S1-EVO, \n * 23.4 versions before 23.4R2-EVO. \nSeverity: 7.5 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n \"Detection Date\": \"11 Oct 2024\",\n \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-10-11T18:43:08.000000Z"} {"uuid": "a56db1a0-d784-4fb9-b27b-6d5b43886ad4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-47502", "type": "seen", "source": "https://t.me/cvedetector/7707", "content": "{\n \"Source\": \"CVE FEED\",\n \"Title\": \"CVE-2024-47502 - Juniper Networks Junos OS Evolved TCP Session Exhaustion DoS\", \n \"Content\": \"CVE ID : CVE-2024-47502 \nPublished : Oct. 11, 2024, 4:15 p.m. | 25\u00a0minutes ago \nDescription : An Allocation of Resources Without Limits or Throttling vulnerability in the kernel of Juniper Networks Junos OS Evolved allows an unauthenticated, network based attacker to cause a Denial of Service (DoS). \n \nIn specific cases the state of TCP sessions that are terminated is not cleared, which over time leads to an exhaustion of resources, preventing new connections to the control plane from being established. \n \nA continuously increasing number of connections shown by: \n \n \n \nuser@host > show system connections \n \n \n \nis indicative of the problem. To recover the respective RE needs to be restarted manually. \n \nThis issue only affects IPv4 but does not affect IPv6. \nThis issue only affects TCP sessions established in-band (over an interface on an FPC) but not out-of-band (over the management ethernet port on the routing-engine). \n \nThis issue affects Junos OS Evolved:\u00a0 \n \n * All versions before 21.4R3-S9-EVO, \n * 22.2 versions before 22.2R3-S4-EVO, \n * 22.4 version before 22.4R3-S3-EVO, \n * 23.2 versions before 23.2R2-S1-EVO, \n * 23.4 versions before 23.4R2-EVO. \nSeverity: 7.5 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n \"Detection Date\": \"11 Oct 2024\",\n \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-10-11T18:43:08.000000Z"} https://vulnerability.circl.lu/sighting/a56db1a0-d784-4fb9-b27b-6d5b43886ad4/export Fri, 11 Oct 2024 18:43:08 +0000 https://vulnerability.circl.lu/sighting/3570c71f-7c42-4f94-a9ea-de0e0ef3551f/export {"uuid": "3570c71f-7c42-4f94-a9ea-de0e0ef3551f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-47503", "type": "seen", "source": "https://t.me/cvedetector/7708", "content": "{\n \"Source\": \"CVE FEED\",\n \"Title\": \"CVE-2024-47503 - Juniper Networks Junos OS Denial-of-Service IPv6 Routing DoS\", \n \"Content\": \"CVE ID : CVE-2024-47503 \nPublished : Oct. 11, 2024, 4:15 p.m. | 25\u00a0minutes ago \nDescription : An Improper Check for Unusual or Exceptional Conditions vulnerability in the flow processing daemon (flowd) of Juniper Networks Junos OS on SRX4600 and\u00a0SRX5000 Series allows an unauthenticated and logically adjacent attacker to cause a Denial-of-Service (DoS). \n \nIf in a multicast scenario a sequence of \n \nspecific\u00a0PIM packets is received, this will cause a flowd crash and restart, which leads to momentary service interruption. \nThis issue affects Junos OS on SRX 4600 and SRX 5000 Series: \n \n \n \n * All versions before 21.4R3-S9, \n * 22.2 versions before 22.2R3-S5, \n * 22.3 versions before 22.3R3-S4, \n * 22.4 versions before 22.4R3-S4, \n * 23.2 versions before 23.2R2-S2, \n * 23.4 versions before 23.4R2,\u00a0 \n * 24.2 versions before 24.2R1-S1, 24.2R2. \nSeverity: 6.5 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n \"Detection Date\": \"11 Oct 2024\",\n \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-10-11T18:43:10.000000Z"} {"uuid": "3570c71f-7c42-4f94-a9ea-de0e0ef3551f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-47503", "type": "seen", "source": "https://t.me/cvedetector/7708", "content": "{\n \"Source\": \"CVE FEED\",\n \"Title\": \"CVE-2024-47503 - Juniper Networks Junos OS Denial-of-Service IPv6 Routing DoS\", \n \"Content\": \"CVE ID : CVE-2024-47503 \nPublished : Oct. 11, 2024, 4:15 p.m. | 25\u00a0minutes ago \nDescription : An Improper Check for Unusual or Exceptional Conditions vulnerability in the flow processing daemon (flowd) of Juniper Networks Junos OS on SRX4600 and\u00a0SRX5000 Series allows an unauthenticated and logically adjacent attacker to cause a Denial-of-Service (DoS). \n \nIf in a multicast scenario a sequence of \n \nspecific\u00a0PIM packets is received, this will cause a flowd crash and restart, which leads to momentary service interruption. \nThis issue affects Junos OS on SRX 4600 and SRX 5000 Series: \n \n \n \n * All versions before 21.4R3-S9, \n * 22.2 versions before 22.2R3-S5, \n * 22.3 versions before 22.3R3-S4, \n * 22.4 versions before 22.4R3-S4, \n * 23.2 versions before 23.2R2-S2, \n * 23.4 versions before 23.4R2,\u00a0 \n * 24.2 versions before 24.2R1-S1, 24.2R2. \nSeverity: 6.5 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n \"Detection Date\": \"11 Oct 2024\",\n \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-10-11T18:43:10.000000Z"} https://vulnerability.circl.lu/sighting/3570c71f-7c42-4f94-a9ea-de0e0ef3551f/export Fri, 11 Oct 2024 18:43:10 +0000 https://vulnerability.circl.lu/sighting/96a3ed78-9f5b-4b05-ab08-0523656dcad0/export {"uuid": "96a3ed78-9f5b-4b05-ab08-0523656dcad0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-47504", "type": "seen", "source": "https://t.me/cvedetector/7709", "content": "{\n \"Source\": \"CVE FEED\",\n \"Title\": \"CVE-2024-47504 - Juniper Networks Junos OS IPv4 Denial of Service Vulnerability\", \n \"Content\": \"CVE ID : CVE-2024-47504 \nPublished : Oct. 11, 2024, 4:15 p.m. | 25\u00a0minutes ago \nDescription : An Improper Validation of Specified Type of Input vulnerability in the packet forwarding engine (pfe) Juniper Networks Junos OS on SRX5000 Series allows an unauthenticated, network based attacker to cause a Denial of Service (Dos). \n \nWhen a non-clustered SRX5000 device receives a specifically malformed packet this will cause a flowd crash and restart. \n \nThis issue affects Junos OS: \n \n * 22.1 releases 22.1R1 and later before 22.2R3-S5, \n * 22.3 releases before 22.3R3-S4, \n * 22.4 releases before 22.4R3-S4, \n * 23.2 releases before 23.2R2-S2, \n * 23.4 releases before 23.4R2-S1, \n * 24.2 releases before 24.2R1-S1, 24.2R2. \n \n \nPlease note that the PR does indicate that earlier versions have been fixed as well, but these won't be adversely impacted by this. \nSeverity: 7.5 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n \"Detection Date\": \"11 Oct 2024\",\n \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-10-11T18:43:12.000000Z"} {"uuid": "96a3ed78-9f5b-4b05-ab08-0523656dcad0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-47504", "type": "seen", "source": "https://t.me/cvedetector/7709", "content": "{\n \"Source\": \"CVE FEED\",\n \"Title\": \"CVE-2024-47504 - Juniper Networks Junos OS IPv4 Denial of Service Vulnerability\", \n \"Content\": \"CVE ID : CVE-2024-47504 \nPublished : Oct. 11, 2024, 4:15 p.m. | 25\u00a0minutes ago \nDescription : An Improper Validation of Specified Type of Input vulnerability in the packet forwarding engine (pfe) Juniper Networks Junos OS on SRX5000 Series allows an unauthenticated, network based attacker to cause a Denial of Service (Dos). \n \nWhen a non-clustered SRX5000 device receives a specifically malformed packet this will cause a flowd crash and restart. \n \nThis issue affects Junos OS: \n \n * 22.1 releases 22.1R1 and later before 22.2R3-S5, \n * 22.3 releases before 22.3R3-S4, \n * 22.4 releases before 22.4R3-S4, \n * 23.2 releases before 23.2R2-S2, \n * 23.4 releases before 23.4R2-S1, \n * 24.2 releases before 24.2R1-S1, 24.2R2. \n \n \nPlease note that the PR does indicate that earlier versions have been fixed as well, but these won't be adversely impacted by this. \nSeverity: 7.5 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n \"Detection Date\": \"11 Oct 2024\",\n \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-10-11T18:43:12.000000Z"} https://vulnerability.circl.lu/sighting/96a3ed78-9f5b-4b05-ab08-0523656dcad0/export Fri, 11 Oct 2024 18:43:12 +0000 https://vulnerability.circl.lu/sighting/224935f1-b8f4-4c90-8d12-8d68c2e2e256/export {"uuid": "224935f1-b8f4-4c90-8d12-8d68c2e2e256", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4750", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/9220", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-4750\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: The buddyboss-platform WordPress plugin before 2.6.0 contains an IDOR vulnerability that allows a user to like a private post by manipulating the ID included in the request\n\ud83d\udccf Published: 2024-06-04T06:00:02.993Z\n\ud83d\udccf Modified: 2025-03-27T21:11:34.672Z\n\ud83d\udd17 References:\n1. https://wpscan.com/vulnerability/ffbe4034-842b-43b0-97d1-208811376dea/", "creation_timestamp": "2025-03-27T21:27:45.000000Z"} {"uuid": "224935f1-b8f4-4c90-8d12-8d68c2e2e256", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4750", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/9220", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-4750\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: The buddyboss-platform WordPress plugin before 2.6.0 contains an IDOR vulnerability that allows a user to like a private post by manipulating the ID included in the request\n\ud83d\udccf Published: 2024-06-04T06:00:02.993Z\n\ud83d\udccf Modified: 2025-03-27T21:11:34.672Z\n\ud83d\udd17 References:\n1. https://wpscan.com/vulnerability/ffbe4034-842b-43b0-97d1-208811376dea/", "creation_timestamp": "2025-03-27T21:27:45.000000Z"} https://vulnerability.circl.lu/sighting/224935f1-b8f4-4c90-8d12-8d68c2e2e256/export Thu, 27 Mar 2025 21:27:45 +0000