|
196681
|
4.7 |
MEDIUM
Local
|
juniper
|
junos_os_evolved
|
A Race Condition in the 'show chassis pic' command in Juniper Networks Junos OS Evolved may allow an attacker to crash the port interface concentrator daemon (picd) process on the FPC, if the command…
|
CWE-362
Race Condition
|
CVE-2021-0298
|
2024-11-21 14:42 |
2021-10-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
196682
|
6.5 |
MEDIUM
Network
|
juniper
|
junos_os_evolved
|
A vulnerability in the processing of TCP MD5 authentication in Juniper Networks Junos OS Evolved may allow a BGP or LDP session configured with MD5 authentication to succeed, even if the peer does no…
|
CWE-755
Improper Handling of Exceptional Conditions
|
CVE-2021-0297
|
2024-11-21 14:42 |
2021-10-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
196683
|
7.4 |
HIGH
Network
|
juniper
|
ctpview
|
The Juniper Networks CTPView server is not enforcing HTTP Strict Transport Security (HSTS). HSTS is an optional response header which allows servers to indicate that content from the requested domain…
|
CWE-319
Cleartext Transmission of Sensitive Information
|
CVE-2021-0296
|
2024-11-21 14:42 |
2021-10-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
196684
|
7.3 |
HIGH
Local
|
google
|
android
|
In onCreate of BluetoothPairingDialog, there is a possible way to enable Bluetooth without user consent due to a tapjacking/overlay attack. This could lead to local escalation of privilege with User …
|
CWE-1021
Improper Restriction of Rendered UI Layers or Frames
|
CVE-2021-0583
|
2024-11-21 14:42 |
2021-10-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
196685
|
7.3 |
HIGH
Local
|
google
|
android
|
In onCreate of ConfirmConnectActivity.java, there is a possible pairing of untrusted Bluetooth devices due to a tapjacking/overlay attack. This could lead to local escalation of privilege with User e…
|
CWE-1021
Improper Restriction of Rendered UI Layers or Frames
|
CVE-2021-0598
|
2024-11-21 14:42 |
2021-10-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
196686
|
7.8 |
HIGH
Local
|
google
|
android
|
In lockAllProfileTasks of RootWindowContainer.java, there is a possible way to access the work profile without the profile PIN, after logging in. This could lead to local escalation of privilege with…
|
CWE-287
Improper Authentication
|
CVE-2021-0595
|
2024-11-21 14:42 |
2021-10-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
196687
|
5.5 |
MEDIUM
Local
|
google
|
android
|
In memory management driver, there is a possible side channel information disclosure. This could lead to local information disclosure with no additional execution privileges needed. User interaction …
|
NVD-CWE-noinfo
|
CVE-2021-0425
|
2024-11-21 14:42 |
2021-09-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
196688
|
5.5 |
MEDIUM
Local
|
google
|
android
|
In memory management driver, there is a possible system crash due to a missing bounds check. This could lead to local denial of service with no additional execution privileges needed. User interactio…
|
CWE-770
Allocation of Resources Without Limits or Throttling
|
CVE-2021-0424
|
2024-11-21 14:42 |
2021-09-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
196689
|
5.5 |
MEDIUM
Local
|
google
|
android
|
In memory management driver, there is a possible information disclosure due to uninitialized data. This could lead to local information disclosure with no additional execution privileges needed. User…
|
CWE-665
Improper Initialization
|
CVE-2021-0423
|
2024-11-21 14:42 |
2021-09-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
196690
|
5.5 |
MEDIUM
Local
|
google
|
android
|
In memory management driver, there is a possible system crash due to a missing bounds check. This could lead to local denial of service with no additional execution privileges needed. User interactio…
|
CWE-770
Allocation of Resources Without Limits or Throttling
|
CVE-2021-0422
|
2024-11-21 14:42 |
2021-09-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
