Live-Hack-CVE/CVE-2023-22410 A Missing Release of Memory after Effective Lifetime vulnerability in the Juniper Networks Junos OS on MX Series platforms with MPC10/MPC11 line cards, allows an unauthenticated adjacent attacker to cause a Denial of Service (DoS). Devices are only vulnerable when the Suspicious Control Flow Detection (scfd) feature is CVE project by @Sn0wAlice Create: 2023-01-13 09:46:05 +0000 UTC Push: 2023-01-13 09:46:08 +0000 UTC |

Live-Hack-CVE/CVE-2023-22409 An Unchecked Input for Loop Condition vulnerability in a NAT library of Juniper Networks Junos OS allows a local authenticated attacker with low privileges to cause a Denial of Service (DoS). When an inconsistent "deterministic NAT" configuration is present on an SRX, or MX with SPC3 and then a specific CLI command is CVE project by @Sn0wAlice Create: 2023-01-13 09:46:01 +0000 UTC Push: 2023-01-13 09:46:04 +0000 UTC |

Live-Hack-CVE/CVE-2023-22408 An Improper Validation of Array Index vulnerability in the SIP ALG of Juniper Networks Junos OS on SRX 5000 Series allows a network-based, unauthenticated attacker to cause a Denial of Service (DoS). When an attacker sends an SIP packets with a malformed SDP field then the SIP ALG can not process it which will lead to CVE project by @Sn0wAlice Create: 2023-01-13 09:45:57 +0000 UTC Push: 2023-01-13 09:46:00 +0000 UTC |

Live-Hack-CVE/CVE-2023-22407 An Incomplete Cleanup vulnerability in the Routing Protocol Daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved allows an adjacent, unauthenticated attacker to cause a Denial of Service (DoS). An rpd crash can occur when an MPLS TE tunnel configuration change occurs on a directly connected router. This issue CVE project by @Sn0wAlice Create: 2023-01-13 09:45:54 +0000 UTC Push: 2023-01-13 09:45:56 +0000 UTC |

Live-Hack-CVE/CVE-2023-22406 A Missing Release of Memory after Effective Lifetime vulnerability in the kernel of Juniper Networks Junos OS and Junos OS Evolved allows an adjacent, unauthenticated attacker to cause a Denial of Service (DoS). In a segment-routing scenario with OSPF as IGP, when a peer interface continuously flaps, next-hop churn wil CVE project by @Sn0wAlice Create: 2023-01-13 09:45:49 +0000 UTC Push: 2023-01-13 09:45:52 +0000 UTC |

Live-Hack-CVE/CVE-2023-22405 An Improper Preservation of Consistency Between Independent Representations of Shared State vulnerability in the Packet Forwarding Engine (PFE) of Juniper Networks Junos OS allows an adjacent, unauthenticated attacker to cause a Denial of Service (DoS) to device due to out of resources. When a device is configured with CVE project by @Sn0wAlice Create: 2023-01-13 09:45:45 +0000 UTC Push: 2023-01-13 09:45:48 +0000 UTC |

Live-Hack-CVE/CVE-2023-22404 An Out-of-bounds Write vulnerability in the Internet Key Exchange Protocol daemon (iked) of Juniper Networks Junos OS on SRX series and MX with SPC3 allows an authenticated, network-based attacker to cause a Denial of Service (DoS). iked will crash and restart, and the tunnel will not come up when a peer sends a specif CVE project by @Sn0wAlice Create: 2023-01-13 09:45:41 +0000 UTC Push: 2023-01-13 09:45:44 +0000 UTC |

Live-Hack-CVE/CVE-2023-22403 An Allocation of Resources Without Limits or Throttling vulnerability in the Packet Forwarding Engine (PFE) of Juniper Networks Junos OS allows a network-based, unauthenticated attacker to cause a Denial of Service (DoS). On QFX10k Series Inter-Chassis Control Protocol (ICCP) is used in MC-LAG topologies to exchange co CVE project by @Sn0wAlice Create: 2023-01-13 09:45:37 +0000 UTC Push: 2023-01-13 09:45:40 +0000 UTC |

Live-Hack-CVE/CVE-2023-22402 A Use After Free vulnerability in the kernel of Juniper Networks Junos OS Evolved allows an unauthenticated, network-based attacker to cause a Denial of Service (DoS). In a Non Stop Routing (NSR) scenario, an unexpected kernel restart might be observed if "bgp auto-discovery" is enabled and if there is a BGP neighbor f CVE project by @Sn0wAlice Create: 2023-01-13 09:45:32 +0000 UTC Push: 2023-01-13 09:45:35 +0000 UTC |

Live-Hack-CVE/CVE-2023-22401 An Improper Validation of Array Index vulnerability in the Advanced Forwarding Toolkit Manager daemon (aftmand) of Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated, network-based attacker to cause a Denial of Service (DoS). On the PTX10008 and PTX10016 platforms running Junos OS or Junos OS Evol CVE project by @Sn0wAlice Create: 2023-01-13 09:45:28 +0000 UTC Push: 2023-01-13 09:45:31 +0000 UTC |

Live-Hack-CVE/CVE-2023-22400 An Uncontrolled Resource Consumption vulnerability in the PFE management daemon (evo-pfemand) of Juniper Networks Junos OS Evolved allows an unauthenticated, network-based attacker to cause an FPC crash leading to a Denial of Service (DoS). When a specific SNMP GET operation or a specific CLI command is executed this w CVE project by @Sn0wAlice Create: 2023-01-13 09:45:24 +0000 UTC Push: 2023-01-13 09:45:27 +0000 UTC |

Live-Hack-CVE/CVE-2023-22399 When sFlow is enabled and it monitors a packet forwarded via ECMP, a buffer management vulnerability in the dcpfe process of Juniper Networks Junos OS on QFX10K Series systems allows an attacker to cause the Packet Forwarding Engine (PFE) to crash and restart by sending specific genuine packets to the device, resulting CVE project by @Sn0wAlice Create: 2023-01-13 09:45:19 +0000 UTC Push: 2023-01-13 09:45:22 +0000 UTC |

Live-Hack-CVE/CVE-2023-22397 An Allocation of Resources Without Limits or Throttling weakness in the memory management of the Packet Forwarding Engine (PFE) on Juniper Networks Junos OS Evolved PTX10003 Series devices allows an adjacently located attacker who has established certain preconditions and knowledge of the environment to send certain sp CVE project by @Sn0wAlice Create: 2023-01-13 09:45:15 +0000 UTC Push: 2023-01-13 09:45:18 +0000 UTC |

Live-Hack-CVE/CVE-2023-22395 A Missing Release of Memory after Effective Lifetime vulnerability in the kernel of Juniper Networks Junos OS allows an unauthenticated, adjacent attacker to cause a Denial of Service (DoS). In an MPLS scenario specific packets destined to an Integrated Routing and Bridging (irb) interface of the device will cause a bu CVE project by @Sn0wAlice Create: 2023-01-13 09:45:10 +0000 UTC Push: 2023-01-13 09:45:14 +0000 UTC |

Live-Hack-CVE/CVE-2022-41778 Delta Electronics InfraSuite Device Master versions 00.00.01a and prior deserialize user-supplied data provided through the Device-DataCollect service port without proper verification. An attacker could provide malicious serialized objects to execute arbitrary code upon deserialization. CVE project by @Sn0wAlice Create: 2023-01-13 09:45:06 +0000 UTC Push: 2023-01-13 09:45:09 +0000 UTC |

Live-Hack-CVE/CVE-2022-25715 Memory corruption in display driver due to incorrect type casting while accessing the fence structure fields CVE project by @Sn0wAlice Create: 2023-01-13 09:45:02 +0000 UTC Push: 2023-01-13 09:45:03 +0000 UTC |

Live-Hack-CVE/CVE-2022-33299 Transient DOS due to null pointer dereference in Bluetooth HOST while receiving an attribute protocol PDU with zero length data. CVE project by @Sn0wAlice Create: 2023-01-13 07:34:05 +0000 UTC Push: 2023-01-13 07:34:07 +0000 UTC |

Live-Hack-CVE/CVE-2023-22477 Mercurius is a GraphQL adapter for Fastify. Any users of Mercurius until version 10.5.0 are subjected to a denial of service attack by sending a malformed packet over WebSocket to `/graphql`. This issue was patched in #940. As a workaround, users can disable subscriptions. CVE project by @Sn0wAlice Create: 2023-01-13 07:33:58 +0000 UTC Push: 2023-01-13 07:34:03 +0000 UTC |

Live-Hack-CVE/CVE-2022-33290 Transient DOS in Bluetooth HOST due to null pointer dereference when a mismatched argument is passed. CVE project by @Sn0wAlice Create: 2023-01-13 07:33:53 +0000 UTC Push: 2023-01-13 07:33:56 +0000 UTC |

Live-Hack-CVE/CVE-2022-33286 Transient DOS due to buffer over-read in WLAN while processing 802.11 management frames. CVE project by @Sn0wAlice Create: 2023-01-13 07:33:47 +0000 UTC Push: 2023-01-13 07:33:50 +0000 UTC |