Skip to main content
CVE-2018-0007 CRITICAL Act Now

An unauthenticated network-based attacker able to send a maliciously crafted LLDP packet to the local segment, through a local segment broadcast, may be able to cause a Junos device to enter an. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Juniper RCE Command Injection Denial Of Service +1
NVD
CVSS 3.0
9.8
EPSS
2.2%
CVE-2018-0001 CRITICAL PATCH Act Now

A remote, unauthenticated attacker may be able to execute code by exploiting a use-after-free defect found in older versions of PHP through injection of crafted data via specific PHP URLs within the. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Juniper Code Injection Use After Free Memory Corruption PHP +1
NVD
CVSS 3.0
9.8
EPSS
6.3%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy