Skip to main content

Juniper

984 CVEs vendor

Monthly

CVE-2014-6450 HIGH This Week

Juniper Junos OS before 11.4R12-S4, 12.1X44 before 12.1X44-D41, 12.1X46 before 12.1X46-D26, 12.1X47 before 12.1X47-D11/D15, 12.2 before 12.2R9, 12.2X50 before 12.2X50-D70, 12.3 before 12.3R8, 12.3X48. Rated high severity (CVSS 7.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Juniper Denial Of Service Buffer Overflow Junos
NVD
CVSS 2.0
7.8
EPSS
0.5%
CVE-2014-6449 MEDIUM This Month

Juniper Junos OS before 12.1X44-D50, 12.1X46 before 12.1X46-D35, 12.1X47 before 12.1X47-D25, 12.3 before 12.3R10, 12.3X48 before 12.3X48-D15, 13.2 before 13.2R8, 13.3 before 13.3R7, 14.1 before. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Juniper Denial Of Service Junos
NVD
CVSS 2.0
5.0
EPSS
0.5%
CVE-2015-7323 LOW POC Monitor

The Secure Meeting (Pulse Collaboration) in Pulse Connect Secure (formerly Juniper Junos Pulse) before 7.1R22.1, 7.4, 8.0 before 8.0R11, and 8.1 before 8.1R3 allows remote authenticated users to. Rated low severity (CVSS 3.5), this vulnerability is remotely exploitable. Public exploit code available and no vendor patch available.

Juniper Privilege Escalation Pulse Connect Secure
NVD
CVSS 2.0
3.5
EPSS
0.4%
CVE-2015-7322 MEDIUM POC This Month

The Secure Meeting (Pulse Collaboration) in Pulse Connect Secure (formerly Juniper Junos Pulse) before 7.1R22.1, 7.4, 8.0 before 8.0R11, and 8.1 before 8.1R3 provides different messages for attempts. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Juniper Information Disclosure Pulse Connect Secure
NVD
CVSS 2.0
5.0
EPSS
0.3%
CVE-2015-5369 MEDIUM This Month

Pulse Connect Secure (aka PCS and formerly Juniper PCS) PSC6000, PCS6500, and MAG PSC360 8.1 before 8.1r5, 8.0 before 8.0r13, 7.4 before 7.4r13.5, and 7.1 before 7.1r22.2 and PPS 5.1 before 5.1R5 and. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

Juniper Information Disclosure Pulse Connect Secure
NVD
CVSS 2.0
4.3
EPSS
0.4%
CVE-2015-5363 MEDIUM This Month

The SRX Network Security Daemon (nsd) in Juniper SRX Series services gateways with Junos 12.1X44 before 12.1X44-D50, 12.1X46 before 12.1X46-D35, 12.1X47 before 12.1X47-D25, and 12.3X48 before. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Juniper Denial Of Service Junos
NVD
CVSS 2.0
5.0
EPSS
0.4%
CVE-2015-5360 MEDIUM This Month

IPv6 sendd in Juniper Junos 12.1X44 before 12.1X44-D51, 12.1X46 before 12.1X46-D36, 12.1X46 before 12.1X46-D40, 12.1X47 before 12.1X47-D25, 12.3 before 12.3R10, 12.3X48 before 12.3X48-D20, 13.2. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Juniper Denial Of Service Junos
NVD
CVSS 2.0
5.0
EPSS
0.5%
CVE-2015-5357 MEDIUM This Month

The Juniper EX4600, QFX3500, QFX3600, and QFX5100 switches with Junos 13.2X51-D15 through 13.2X51-D25, 13.2X51 before 13.2X51-D30, and 14.1X53 before 14.1X53-D10 allows remote attackers to cause a. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Juniper Denial Of Service Junos
NVD
CVSS 2.0
5.0
EPSS
0.5%
CVE-2015-5362 CRITICAL Act Now

The BFD daemon in Juniper Junos OS 12.1X44 before 12.1X44-D50, 12.1X46 before 12.1X46-D35, 12.1X47 before 12.1X47-D25, 12.3 before 12.3R10, 12.3X48 before 12.3X48-D15, 13.2 before 13.2R8, 13.3 before. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. No vendor patch available.

Juniper RCE Denial Of Service Junos
NVD
CVSS 2.0
9.3
EPSS
4.2%
CVE-2015-5359 HIGH This Week

Juniper Junos OS 12.1X44 before 12.1X44-D50, 12.1X46 before 12.1X46-D35, 12.1X47 before 12.1X47-D25, 12.3 before 12.3R9, 12.3X48 before 12.3X48-D10, 13.2 before 13.2R7, 13.3 before 13.3R5, 14.1R3. Rated high severity (CVSS 7.1), this vulnerability is remotely exploitable. No vendor patch available.

Juniper Denial Of Service Junos
NVD
CVSS 2.0
7.1
EPSS
0.5%
CVE-2015-5358 HIGH This Week

Juniper Junos OS 12.1X44 before 12.1X44-D50, 12.1X46 before 12.1X46-D35, 12.1X47 before 12.1X47-D25, 12.3 before 12.3R9, 12.3X48 before 12.3X48-D15, 13.2 before 13.2R7, 13.2X51 before 13.2X51-D35,. Rated high severity (CVSS 7.1), this vulnerability is remotely exploitable. No vendor patch available.

Juniper Denial Of Service Junos
NVD
CVSS 2.0
7.1
EPSS
1.9%
CVE-2015-3007 HIGH This Week

The Juniper SRX Series services gateways with Junos OS 12.1X46 before 12.1X46-D35, 12.1X47 before 12.1X47-D25, and 12.3X48 before 12.3X48-D15 do not properly implement the "set system ports console. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity. No vendor patch available.

Juniper Authentication Bypass Junos
NVD
CVSS 2.0
7.2
EPSS
0.0%
CVE-2015-3005 MEDIUM This Month

Cross-site scripting (XSS) vulnerability in the Dynamic VPN in Juniper Junos 12.1X44 before 12.1X44-D45, 12.1X46 before 12.1X46-D30, 12.1X47 before 12.1X47-D20, and 12.3X48 before 12.3X48-D10 on SRX. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

Juniper XSS Junos
NVD
CVSS 2.0
4.3
EPSS
0.3%
CVE-2015-3004 MEDIUM This Month

J-Web in Juniper Junos 11.4 before 11.4R12, 12.1X44 before 12.1X44-D35, 12.1X46 before 12.1X46-D25, 12.1X47 before 12.1X47-D10, 12.3X48 before 12.3X48-D10, 12.2 before 12.2R9, 12.3 before 12.3R7,. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

Juniper Information Disclosure Junos
NVD
CVSS 2.0
4.3
EPSS
0.3%
CVE-2015-3003 HIGH This Week

Juniper Junos 12.1X44 before 12.1X44-D45, 12.1X46 before 12.1X46-D30, 12.1X47 before 12.1X47-D20, 12.3 before 12.3R9, 12.3X48 before 12.3X48-D10, 13.2 before 13.2R6, 13.3 before 13.3R5, 14.1 before. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity. No vendor patch available.

Juniper Privilege Escalation Junos
NVD
CVSS 2.0
7.2
EPSS
0.0%
CVE-2015-3002 MEDIUM This Month

Juniper Junos 12.1X44 before 12.1X44-D45, 12.1X46 before 12.1X46-D30, 12.1X47 before 12.1X47-D15, and 12.3X48 before 12.3X48-D10 on SRX series devices does not properly enforce the. Rated medium severity (CVSS 6.9). No vendor patch available.

Juniper Information Disclosure Junos
NVD
CVSS 2.0
6.9
EPSS
0.1%
CVE-2014-6386 HIGH This Week

Juniper Junos 11.4 before 11.4R8, 12.1X44 before 12.1X44-D35, 12.1X45 before 12.1X45-D25, 12.1X46 before 12.1X46-D20, 12.1X47 before 12.1X47-D10, 12.2 before 12.2R9, 12.3R2 before 12.3R2-S3, 12.3. Rated high severity (CVSS 7.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Juniper Denial Of Service Junos
NVD
CVSS 2.0
7.8
EPSS
0.7%
CVE-2014-6385 MEDIUM This Month

Juniper Junos 11.4 before 11.4R13, 12.1X44 before 12.1X44-D45, 12.1X46 before 12.1X46-D30, 12.1X47 before 12.1X47-D15, 12.2 before 12.2R9, 12.3R7 before 12.3R7-S1, 12.3 before 12.3R8, 13.1 before. Rated medium severity (CVSS 6.1), this vulnerability is low attack complexity. No vendor patch available.

Juniper Denial Of Service Junos
NVD
CVSS 2.0
6.1
EPSS
0.4%
CVE-2014-6384 MEDIUM This Month

Juniper Junos 12.1X44 before 12.1X44-D45, 12.1X46 before 12.1X46-D25, 12.1X47 before 12.1X47-D15, 12.3 before 12.3R9, 13.1 before 13.1R4-S3, 13.2 before 13.2R6, 13.3 before 13.3R5, 14.1 before. Rated medium severity (CVSS 6.9). No vendor patch available.

Juniper Privilege Escalation Junos
NVD
CVSS 2.0
6.9
EPSS
0.1%
CVE-2014-6383 MEDIUM This Month

The stateless firewall in Juniper Junos 13.3R3, 14.1R1, and 14.1R2, when using Trio-based PFE modules, does not properly match ports, which might allow remote attackers to bypass firewall rule. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Juniper Authentication Bypass Junos
NVD
CVSS 2.0
5.0
EPSS
0.4%
CVE-2014-6382 HIGH This Week

The Juniper MX Series routers with Junos 13.3R3 through 13.3Rx before 13.3R6, 14.1 before 14.1R4, 14.1X50 before 14.1X50-D70, and 14.2 before 14.2R2, when configured as a broadband edge (BBE) router,. Rated high severity (CVSS 7.1), this vulnerability is remotely exploitable. No vendor patch available.

Juniper Denial Of Service Junos
NVD
CVSS 2.0
7.1
EPSS
0.5%
CVE-2014-6381 LOW Monitor

Juniper WLC devices with WLAN Software releases 8.0.x before 8.0.4, 9.0.x before 9.0.2.11, 9.0.3.x before 9.0.3.5, and 9.1.x before 9.1.1, when "Proxy ARP" or "No Broadcast" features are enabled in a. Rated low severity (CVSS 2.9). No vendor patch available.

Juniper Denial Of Service Smartpass Mobile System Software Ringmaster
NVD
CVSS 2.0
2.9
EPSS
0.2%
CVE-2014-6380 HIGH POC This Week

Juniper Junos 11.4 before R11, 12.1 before R9, 12.1X44 before D30, 12.1X45 before D20, 12.1X46 before D15, 12.1X47 before D10, 12.2 before R8, 12.2X50 before D70, 12.3 before R6, 13.1 before R4,. Rated high severity (CVSS 7.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Juniper Denial Of Service Junos
NVD
CVSS 2.0
7.8
EPSS
0.8%
CVE-2014-6379 HIGH This Week

Juniper Junos 11.4 before R12, 12.1 before R10, 12.1X44 before D35, 12.1X45 before D25, 12.1X46 before D20, 12.1X47 before D10, 12.2 before R8, 12.2X50 before D70, 12.3 before R6, 13.1 before R4-S3,. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Juniper Authentication Bypass Junos
NVD
CVSS 2.0
7.5
EPSS
0.5%
CVE-2014-6378 HIGH This Week

Juniper Junos 11.4 before R12-S4, 12.1X44 before D35, 12.1X45 before D30, 12.1X46 before D25, 12.1X47 before D10, 12.2 before R9, 12.2X50 before D70, 12.3 before R7, 13.1 before R4 before S3, 13.1X49. Rated high severity (CVSS 7.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Juniper Denial Of Service Junos
NVD
CVSS 2.0
7.8
EPSS
0.7%
CVE-2014-6377 HIGH This Week

Juniper JunosE before 13.3.3p0-1, 14.x before 14.3.2, and 15.x before 15.1.0, when DEBUG severity icmpTraffic logging is enabled, allows remote attackers to cause a denial of service (SRP reset) via. Rated high severity (CVSS 7.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Juniper Denial Of Service Junos E
NVD
CVSS 2.0
7.8
EPSS
0.7%
CVE-2014-3825 MEDIUM This Month

The Juniper SRX Series devices with Junos 11.4 before 11.4R12-S4, 12.1X44 before 12.1X44-D40, 12.1X45 before 12.1X45-D30, 12.1X46 before 12.1X46-D25, and 12.1X47 before 12.1X47-D10, when an. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable. No vendor patch available.

Juniper Denial Of Service Junos Srx100 Srx110 +10
NVD
CVSS 2.0
6.8
EPSS
0.8%
CVE-2014-3818 HIGH This Week

Juniper Junos OS 9.1 through 11.4 before 11.4R11, 12.1 before R10, 12.1X44 before D40, 12.1X46 before D30, 12.1X47 before D11 and 12.147-D15, 12.1X48 before D41 and D62, 12.2 before R8, 12.2X50. Rated high severity (CVSS 7.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Juniper Denial Of Service Buffer Overflow Junos
NVD
CVSS 2.0
7.8
EPSS
0.5%
CVE-2014-3824 MEDIUM This Month

Cross-site scripting (XSS) vulnerability in the web server in the Juniper Junos Pulse Secure Access Service (SSL VPN) devices with IVE OS 8.0 before 8.0r6, 7.4 before 7.4r13, and 7.1 before 7.1r20. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

Juniper XSS Ivanti Junos Pulse Secure Access Service
NVD
CVSS 2.0
4.3
EPSS
0.2%
CVE-2014-3823 MEDIUM This Month

The Juniper Junos Pulse Secure Access Service (SSL VPN) devices with IVE OS 8.0 before 8.0r1, 7.4 before 7.4r5, and 7.1 before 7.1r18 allows remote attackers to conduct clickjacking attacks via. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

Juniper Information Disclosure Ivanti Junos Pulse Secure Access Service
NVD
CVSS 2.0
4.3
EPSS
0.2%
CVE-2014-3820 MEDIUM This Month

Cross-site scripting (XSS) vulnerability in the SSL VPN/UAC web server in the Juniper Junos Pulse Secure Access Service (SSL VPN) devices with IVE OS 7.1 before 7.1r16, 7.4 before 7.4r3, and 8.0. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

Juniper XSS Ivanti Junos Pulse Access Control Service Junos Pulse Secure Access Service
NVD
CVSS 2.0
4.3
EPSS
0.3%
CVE-2014-3811 HIGH This Week

Juniper Installer Service (JIS) Client 7.x before 7.4R6 for Windows and Junos Pulse Client before 4.0R6 allows local users to gain privileges via unspecified vectors. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity. No vendor patch available.

Juniper Privilege Escalation Microsoft Juniper Installer Service Client Junos Pulse Client
NVD
CVSS 2.0
7.2
EPSS
0.0%
CVE-2014-3822 MEDIUM This Month

Juniper Junos 11.4 before 11.4R8, 12.1 before 12.1R5, 12.1X44 before 12.1X44-D20, 12.1X45 before 12.1X45-D15, 12.1X46 before 12.1X46-D10, and 12.1X47 before 12.1X47-D10 on SRX Series devices, allows. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable. No vendor patch available.

Juniper Denial Of Service Junos Srx100 Srx110 +10
NVD
CVSS 2.0
5.4
EPSS
0.5%
CVE-2014-3821 MEDIUM This Month

Cross-site scripting (XSS) vulnerability in SRX Web Authentication (webauth) in Juniper Junos 11.4 before 11.4R11, 12.1X44 before 12.1X44-D34, 12.1X45 before 12.1X45-D25, 12.1X46 before 12.1X46-D20,. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

Juniper XSS Junos
NVD
CVSS 2.0
4.3
EPSS
0.3%
CVE-2014-3819 HIGH This Week

Juniper Junos 11.4 before 11.4R12, 12.1 before 12.1R10, 12.1X44 before 12.1X44-D35, 12.1X45 before 12.1X45-D25, 12.1X46 before 12.1X46-D20, 12.1X47 before 12.1X47-D10, 12.2 before 12.2R8, 12.3 before. Rated high severity (CVSS 7.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Juniper Denial Of Service Junos
NVD
CVSS 2.0
7.8
EPSS
0.7%
CVE-2014-3817 HIGH This Week

Juniper Junos 11.4 before 11.4R12, 12.1X44 before 12.1X44-D32, 12.1X45 before 12.1X45-D25, 12.1X46 before 12.1X46-D20, and 12.1X47 before 12.1X47-D10 on SRX Series devices, when NAT protocol. Rated high severity (CVSS 7.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Juniper Denial Of Service Junos Srx100 Srx110 +10
NVD
CVSS 2.0
7.8
EPSS
0.8%
CVE-2014-3816 CRITICAL Act Now

Juniper Junos 11.4 before 11.4R12, 12.1 before 12.1R11, 12.1X44 before 12.1X44-D35, 12.1X45 before 12.1X45-D30, 12.1X46 before 12.1X46-D20, 12.1X47 before 12.1X47-D10, 12.2 before 12.2R8-S2, 12.3. Rated critical severity (CVSS 9.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Juniper Privilege Escalation Junos
NVD
CVSS 2.0
9.0
EPSS
0.5%
CVE-2014-3815 HIGH This Week

Juniper Junos 12.1X46 before 12.1X46-D20 and 12.1X47 before 12.1X47-D10 on SRX Series devices allows remote attackers to cause a denial of service (flowd crash) via a crafted SIP packet. Rated high severity (CVSS 7.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Juniper Denial Of Service Junos Srx100 Srx110 +10
NVD
CVSS 2.0
7.8
EPSS
0.7%
CVE-2014-3814 HIGH This Week

The Juniper Networks NetScreen Firewall devices with ScreenOS before 6.3r17, when configured to use the internal DNS lookup client, allows remote attackers to cause a denial of service (crash and. Rated high severity (CVSS 7.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Juniper Denial Of Service Screenos Netscreen 5200 Netscreen 5400
NVD
CVSS 2.0
7.8
EPSS
0.5%
CVE-2014-3813 HIGH This Week

Unspecified vulnerability in the Juniper Networks NetScreen Firewall products with ScreenOS before 6.3r17, when configured to use the internal DNS lookup client, allows remote attackers to cause a. Rated high severity (CVSS 7.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Juniper Denial Of Service Screenos Netscreen 5200 Netscreen 5400
NVD
CVSS 2.0
7.8
EPSS
0.5%
CVE-2014-3812 MEDIUM This Month

The Juniper Junos Pulse Secure Access Service (SSL VPN) devices with IVE OS before 7.4r5 and 8.x before 8.0r1 and Junos Pulse Access Control Service (UAC) before 4.4r5 and 5.x before 5.0r1 enable. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Juniper Information Disclosure Ivanti Ive Os Unified Access Control Software +16
NVD
CVSS 2.0
5.0
EPSS
0.2%
CVE-2014-3412 CRITICAL Act Now

Unspecified vulnerability in Juniper Junos Space before 13.3R1.8, when the firewall in disabled, allows remote attackers to execute arbitrary commands via unspecified vectors. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Juniper Information Disclosure Junos Space Junos Space Ja1500 Appliance Junos Space Ja2500 Appliance
NVD
CVSS 2.0
10.0
EPSS
1.9%
CVE-2014-3411 CRITICAL Act Now

Unspecified vulnerability in the NSM XDB service in Juniper NSM before 2012.2R8 allows remote attackers to execute arbitrary code via unspecified vectors. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Juniper RCE Network And Security Manager Software Nsm3000 Nsmexpress
NVD
CVSS 2.0
10.0
EPSS
6.7%
CVE-2014-2842 HIGH This Week

Juniper ScreenOS 6.3 and earlier allows remote attackers to cause a denial of service (crash and restart or failover) via a malformed SSL/TLS packet. Rated high severity (CVSS 7.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Juniper Denial Of Service Screenos
NVD VulDB
CVSS 2.0
7.8
EPSS
0.9%
CVE-2014-2714 HIGH This Week

The Enhanced Web Filtering (EWF) in Juniper Junos before 10.4R15, 11.4 before 11.4R9, 12.1 before 12.1R7, 12.1X44 before 12.1X44-D20, 12.1X45 before 12.1X45-D10, and 12.1X46 before 12.1X46-D10, as. Rated high severity (CVSS 7.1), this vulnerability is remotely exploitable. No vendor patch available.

Juniper Denial Of Service Junos
NVD VulDB
CVSS 2.0
7.1
EPSS
0.7%
CVE-2014-2713 MEDIUM This Month

Juniper Junos before 11.4R11, 12.1 before 12.1R9, 12.2 before 12.2R7, 12.3R4 before 12.3R4-S3, 13.1 before 13.1R4, 13.2 before 13.2R2, and 13.3 before 13.3R1, as used in MX Series and T4000 routers,. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Juniper Denial Of Service Junos
NVD VulDB
CVSS 2.0
5.0
EPSS
0.5%
CVE-2014-2712 MEDIUM This Month

Cross-site scripting (XSS) vulnerability in J-Web in Juniper Junos before 10.0S25, 10.4 before 10.4R10, 11.4 before 11.4R11, 12.1 before 12.1R9, 12.1X44 before 12.1X44-D30, 12.1X45 before. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

Juniper XSS PHP Junos
NVD VulDB
CVSS 2.0
4.3
EPSS
0.3%
CVE-2014-2711 MEDIUM This Month

Cross-site scripting (XSS) vulnerability in J-Web in Juniper Junos before 11.4R11, 11.4X27 before 11.4X27.62 (BBE), 12.1 before 12.1R9, 12.1X44 before 12.1X44-D35, 12.1X45 before 12.1X45-D25, 12.1X46. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

Juniper XSS Junos
NVD VulDB
CVSS 2.0
4.3
EPSS
0.4%
CVE-2014-0614 HIGH This Week

Juniper Junos 13.2 before 13.2R3 and 13.3 before 13.3R1, when PIM is enabled, allows remote attackers to cause a denial of service (kernel panic and crash) via a large number of crafted IGMP packets. Rated high severity (CVSS 7.1), this vulnerability is remotely exploitable. No vendor patch available.

Juniper Denial Of Service Junos
NVD VulDB
CVSS 2.0
7.1
EPSS
0.7%
CVE-2014-0612 MEDIUM This Month

Unspecified vulnerability in Juniper Junos before 11.4R10-S1, before 11.4R11, 12.1X44 before 12.1X44-D26, 12.1X44 before 12.1X44-D30, 12.1X45 before 12.1X45-D20, and 12.1X46 before 12.1X46-D10, when. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Juniper Denial Of Service Junos Srx100 Srx110 +5
NVD VulDB
CVSS 2.0
5.0
EPSS
0.6%
CVE-2014-2292 HIGH This Week

Unspecified vulnerability in the Linux Network Connect client in Juniper Junos Pulse Secure Access Service (aka SSL VPN) with IVE OS before 7.1r18, 7.3 before 7.3r10, 7.4 before 7.4r8, and 8.0 before. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity. No vendor patch available.

Juniper Information Disclosure Ivanti Ive Os
NVD VulDB
CVSS 2.0
7.2
EPSS
0.0%
CVE-2014-2291 LOW Monitor

Cross-site scripting (XSS) vulnerability in the Pulse Collaboration (Secure Meeting) user pages in Juniper Junos Pulse Secure Access Service (aka SSL VPN) with IVE OS before 7.1r18, 7.3 before. Rated low severity (CVSS 3.5), this vulnerability is remotely exploitable. No vendor patch available.

Juniper XSS Ivanti Ive Os
NVD VulDB
CVSS 2.0
3.5
EPSS
0.2%
CVE-2013-7313 MEDIUM This Month

The OSPF implementation in Juniper Junos through 13.x, JunosE, and ScreenOS through 6.3.x does not consider the possibility of duplicate Link State ID values in Link State Advertisement (LSA) packets. Rated medium severity (CVSS 5.4). No vendor patch available.

Denial Of Service Juniper Junos Junose Screenos
NVD
CVSS 2.0
5.4
EPSS
0.2%
CVE-2014-0617 HIGH This Week

Juniper Junos 10.4S before 10.4S15, 10.4R before 10.4R16, 11.4 before 11.4R9, and 12.1R before 12.1R7 on SRX Series service gateways allows remote attackers to cause a denial of service (flowd crash). Rated high severity (CVSS 7.1), this vulnerability is remotely exploitable. No vendor patch available.

Denial Of Service Juniper Junos Srx100 Srx110 +10
NVD
CVSS 2.0
7.1
EPSS
0.8%
CVE-2014-0616 HIGH This Week

Juniper Junos 10.4 before 10.4R16, 11.4 before 11.4R10, 12.1R before 12.1R8-S2, 12.1X44 before 12.1X44-D30, 12.1X45 before 12.1X45-D20, 12.1X46 before 12.1X46-D10, 12.2 before 12.2R7, 12.3 before. Rated high severity (CVSS 7.1), this vulnerability is remotely exploitable. No vendor patch available.

Denial Of Service Juniper Race Condition Junos
NVD
CVSS 2.0
7.1
EPSS
0.6%
CVE-2014-0615 HIGH This Week

Juniper Junos 10.4 before 10.4R16, 11.4 before 11.4R10, 12.1R before 12.1R8-S2, 12.1X44 before 12.1X44-D30, 12.1X45 before 12.1X45-D20, 12.1X46 before 12.1X46-D10, 12.2 before 12.2R7, 12.3 before. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Juniper Junos
NVD
CVSS 2.0
7.2
EPSS
0.0%
CVE-2014-0613 HIGH This Week

The XNM command processor in Juniper Junos 10.4 before 10.4R16, 11.4 before 11.4R10, 12.1R before 12.1R8-S2, 12.1X44 before 12.1X44-D30, 12.1X45 before 12.1X45-D20, 12.1X46 before 12.1X46-D10, 12.2. Rated high severity (CVSS 7.1), this vulnerability is remotely exploitable. No vendor patch available.

Denial Of Service Juniper Junos
NVD
CVSS 2.0
7.1
EPSS
0.6%
CVE-2014-0618 HIGH This Week

Juniper Junos before 10.4 before 10.4R16, 11.4 before 11.4R8, 12.1R before 12.1R7, 12.1X44 before 12.1X44-D20, and 12.1X45 before 12.1X45-D10 on SRX Series service gateways, when used as a UAC. Rated high severity (CVSS 7.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Juniper Junos Srx100 Srx110 +10
NVD
CVSS 2.0
7.8
EPSS
0.5%
CVE-2013-6958 HIGH This Week

Juniper NetScreen Firewall running ScreenOS 5.4, 6.2, or 6.3, when the Ping of Death screen is disabled, allows remote attackers to cause a denial of service via a crafted packet. Rated high severity (CVSS 7.1), this vulnerability is remotely exploitable. No vendor patch available.

Denial Of Service Juniper Screenos Netscreen 5200 Netscreen 5400
NVD
CVSS 2.0
7.1
EPSS
0.7%
CVE-2013-6957 MEDIUM This Month

Cross-site scripting (XSS) vulnerability in the web administrative component in Juniper IDP allows remote attackers to inject arbitrary web script or HTML via unspecified vectors to the ACM web. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

Juniper XSS Idp250 Idp75 Idp800 +1
NVD
CVSS 2.0
4.3
EPSS
0.3%
CVE-2013-6956 LOW Monitor

Cross-site scripting (XSS) vulnerability in the Secure Access Service Web rewriting feature in Juniper Junos Pulse Secure Access Service (aka SSL VPN) with IVE OS before 7.1r17, 7.3 before 7.3r8, 7.4. Rated low severity (CVSS 2.1), this vulnerability is remotely exploitable. No vendor patch available.

Ivanti Juniper XSS Ive Os
NVD
CVSS 2.0
2.1
EPSS
0.2%
CVE-2013-6618 CRITICAL POC Act Now

jsdm/ajax/port.php in J-Web in Juniper Junos before 10.4R13, 11.4 before 11.4R7, 12.1 before 12.1R5, 12.2 before 12.2R3, and 12.3 before 12.3R1 allows remote authenticated users to execute arbitrary. Rated critical severity (CVSS 9.0), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP Juniper Information Disclosure Junos
NVD Exploit-DB
CVSS 2.0
9.0
EPSS
8.6%
CVE-2013-6014 CRITICAL Act Now

Juniper Junos 10.4 before 10.4S15, 11.4 before 11.4R9, 11.4X27 before 11.4X27.44, 12.1 before 12.1R7, 12.1X44 before 12.1X44-D20, 12.1X45 before 12.1X45-D15, 12.2 before 12.2R6, 12.3 before 12.3R3,. Rated critical severity (CVSS 9.3), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Juniper Information Disclosure Junos
NVD
CVSS 3.1
9.3
EPSS
0.5%
CVE-2013-6012 HIGH This Week

Juniper Junos 12.1X44 before 12.1.X44-D20 and 12.1X45 before 12.1X45-D15, when the no-validate option is enabled, does not properly handle configuration validation errors during the config commit. Rated high severity (CVSS 8.5), this vulnerability is remotely exploitable. No vendor patch available.

Juniper Authentication Bypass Junos
NVD
CVSS 2.0
8.5
EPSS
0.1%
CVE-2013-6170 MEDIUM This Month

Juniper Junos 10.0 before 10.0S28, 10.4 before 10.4R7, 11.1 before 11.1R5, 11.2 before 11.2R2, and 11.4 before 11.4R1, when in a Next-Generation Multicast VPN (NGEN MVPN) environment, allows remote. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

Denial Of Service Juniper Junos
NVD
CVSS 2.0
4.3
EPSS
0.7%
CVE-2013-6015 MEDIUM This Month

Juniper Junos before 10.4S14, 11.4 before 11.4R5-S2, 12.1R before 12.1R3, 12.1X44 before 12.1X44-D20, and 12.1X45 before 12.1X45-D15 on SRX Series services gateways, when a plugin using TCP proxy is. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

Denial Of Service Juniper Junos
NVD
CVSS 2.0
4.3
EPSS
0.7%
CVE-2013-6013 MEDIUM This Month

Buffer overflow in the flow daemon (flowd) in Juniper Junos 10.4 before 10.4S14, 11.4 before 11.4R7-S2, 12.1.X44 before 12.1X44-D15, 12.1X45 before 12.1X45-D10 on SRX devices, when using telnet. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable. No vendor patch available.

Buffer Overflow Juniper RCE Junos
NVD
CVSS 2.0
6.8
EPSS
5.9%
CVE-2013-4689 MEDIUM This Month

J-Web in Juniper Junos before 10.4R13, 11.4 before 11.4R7, 12.1R before 12.1R6, 12.1X44 before 12.1X44-D15, 12.1x45 before 12.1X45-D10, 12.2 before 12.2R3, 12.3 before 12.3R2, and 13.1 before 13.1R3. Rated medium severity (CVSS 5.1), this vulnerability is remotely exploitable. No vendor patch available.

CSRF Juniper Junos
NVD
CVSS 2.0
5.1
EPSS
0.1%
CVE-2013-5650 MEDIUM This Month

Junos Pulse Secure Access Service (IVE) 7.1 before 7.1r5, 7.2 before 7.2r10, 7.3 before 7.3r6, and 7.4 before 7.4r3 and Junos Pulse Access Control Service (UAC) 4.1 before 4.1r8.1, 4.2 before 4.2r5,. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable. No vendor patch available.

Denial Of Service Juniper Ivanti Junos Pulse Secure Access Service Junos Pulse Access Control Service
NVD
CVSS 2.0
5.4
EPSS
0.7%
CVE-2013-5649 MEDIUM This Month

Multiple cross-site scripting (XSS) vulnerabilities in Juniper Junos Pulse Secure Access Service (aka SSL VPN) with IVE OS 7.1 before 7.1r15, 7.2 before 7.2r11, 7.3 before 7.3r6, and 7.4 before 7.4r3. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

Ivanti Juniper XSS Ive Os
NVD
CVSS 2.0
4.3
EPSS
0.3%
CVE-2013-5097 MEDIUM PATCH This Month

Juniper Junos Space before 13.1R1.6, as used on the JA1500 appliance and in other contexts, does not properly restrict access to the list of user accounts and their MD5 password hashes, which makes. Rated medium severity (CVSS 4.0), this vulnerability is remotely exploitable, low attack complexity.

Privilege Escalation Juniper Junos Space Junos Space Virtual Appliance Junos Space Ja1500 Appliance
NVD
CVSS 2.0
4.0
EPSS
0.2%
CVE-2013-5096 MEDIUM This Month

Juniper Junos Space before 13.1R1.6, as used on the JA1500 appliance and in other contexts, does not properly implement role-based access control, which allows remote authenticated users to modify. Rated medium severity (CVSS 4.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Privilege Escalation Juniper Junos Space Junos Space Virtual Appliance Junos Space Ja1500 Appliance
NVD
CVSS 2.0
4.0
EPSS
0.2%
CVE-2013-5095 MEDIUM This Month

Cross-site scripting (XSS) vulnerability in the web-based interface in Juniper Junos Space before 13.1R1.6, as used on the JA1500 appliance and in other contexts, allows remote attackers to inject. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

Juniper XSS Junos Space Junos Space Virtual Appliance Junos Space Ja1500 Appliance
NVD
CVSS 2.0
4.3
EPSS
0.3%
CVE-2012-5460 MEDIUM This Month

Cross-site scripting (XSS) vulnerability in the help page in Juniper Secure Access (SA) with IVE OS before 7.1r13, 7.2.x before 7.2r7, and 7.3.x before 7.3r2 allows remote attackers to inject. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

Juniper XSS Ive Os Secure Access Virtual Appliance Fips Secure Access 4000 +14
NVD
CVSS 2.0
4.3
EPSS
0.3%
CVE-2013-4690 MEDIUM This Month

Juniper Junos 10.4 before 10.4S13, 11.4 before 11.4R7-S1, 12.1 before 12.1R5-S3, 12.1X44 before 12.1X44-D20, and 12.1X45 before 12.1X45-D10 on the SRX1400, SRX3400, and SRX3600 does not properly. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Juniper Information Disclosure Junos Srx1400 Srx3400 +1
NVD
CVSS 2.0
5.0
EPSS
0.4%
CVE-2013-4688 HIGH This Week

flowd in Juniper Junos 10.4 before 10.4R11 on SRX devices, when the MSRPC Application Layer Gateway (ALG) is enabled, allows remote attackers to cause a denial of service (daemon crash) via crafted. Rated high severity (CVSS 7.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Juniper Junos Srx100 Srx110 +10
NVD
CVSS 2.0
7.8
EPSS
0.5%
CVE-2013-4687 HIGH This Week

flowd in Juniper Junos 10.4 before 10.4S14, 11.2 and 11.4 before 11.4R6-S2, and 12.1 before 12.1R6 on SRX devices, when certain Application Layer Gateways (ALGs) are enabled, allows remote attackers. Rated high severity (CVSS 7.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Juniper Junos Srx100 Srx110 +10
NVD
CVSS 2.0
7.8
EPSS
2.4%
CVE-2013-4686 HIGH This Week

The kernel in Juniper Junos 10.4 before 10.4R14, 11.4 before 11.4R8, 11.4X27 before 11.4X27.43, 12.1 before 12.1R6, 12.1X44 before 12.1X44-D20, 12.2 before 12.2R4, and 12.3 before 12.3R2, in certain. Rated high severity (CVSS 7.1), this vulnerability is remotely exploitable. No vendor patch available.

Denial Of Service Juniper Junos
NVD
CVSS 2.0
7.1
EPSS
0.6%
CVE-2013-4685 CRITICAL Act Now

Buffer overflow in flowd in Juniper Junos 10.4 before 10.4S14, 11.4 before 11.4R7, 12.1 before 12.1R6, and 12.1X44 before 12.1X44-D15 on SRX devices, when Captive Portal is enabled with the UAC. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Buffer Overflow Juniper RCE Junos Srx100 +11
NVD
CVSS 2.0
10.0
EPSS
7.5%
CVE-2013-4684 HIGH This Week

flowd in Juniper Junos 10.4 before 10.4S14, 11.4 before 11.4R8, 12.1 before 12.1R7, and 12.1X44 before 12.1X44-D15 on SRX devices, when PIM and NAT are enabled, allows remote attackers to cause a. Rated high severity (CVSS 7.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Juniper Junos Srx100 Srx110 +10
NVD
CVSS 2.0
7.8
EPSS
0.8%
CVE-2013-3970 MEDIUM PATCH This Month

Juniper Junos Pulse Secure Access Service (aka SSL VPN) with IVE OS 7.0r2 through 7.0r8 and 7.1r1 through 7.1r5 and Junos Pulse Access Control Service (aka UAC) with UAC OS 4.1r1 through 4.1r5. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable.

Juniper Information Disclosure Ivanti Junos Pulse Secure Access Service Junos Pulse Access Control Service
NVD
CVSS 2.0
4.3
EPSS
0.2%
CVE-2013-3498 MEDIUM This Month

Cross-site scripting (XSS) vulnerability in Juniper SmartPass WLAN Security Management before 7.7 MR3 and 8.0 before MR2 allows remote attackers to inject arbitrary web script or HTML via unspecified. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

Juniper XSS Smartpass
NVD
CVSS 2.0
4.3
EPSS
0.3%
CVE-2013-3497 MEDIUM This Month

Juniper Junos Space before 12.3P2.8, as used on the JA1500 appliance and in other contexts, includes a cleartext password in a configuration tab, which makes it easier for physically proximate. Rated medium severity (CVSS 4.7). No vendor patch available.

Juniper Authentication Bypass Junos Space Junos Space Virtual Appliance Junos Space Ja1500 Appliance
NVD
CVSS 2.0
4.7
EPSS
0.1%
CVE-2012-1038 MEDIUM POC This Month

Cross-site scripting (XSS) vulnerability in the WebAAA login functionality (wba_login.html) in Juniper Networks Mobility System Software (MSS) 7.6.x before 7.6.3, 7.7.x before 7.7.1, 7.5.x before. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. Public exploit code available and no vendor patch available.

Juniper XSS Networks Mobility System Software
NVD Exploit-DB
CVSS 2.0
4.3
EPSS
1.1%
EPSS 0% CVSS 7.8
HIGH This Week

Juniper Junos OS before 11.4R12-S4, 12.1X44 before 12.1X44-D41, 12.1X46 before 12.1X46-D26, 12.1X47 before 12.1X47-D11/D15, 12.2 before 12.2R9, 12.2X50 before 12.2X50-D70, 12.3 before 12.3R8, 12.3X48. Rated high severity (CVSS 7.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Juniper Denial Of Service Buffer Overflow +1
NVD
EPSS 0% CVSS 5.0
MEDIUM This Month

Juniper Junos OS before 12.1X44-D50, 12.1X46 before 12.1X46-D35, 12.1X47 before 12.1X47-D25, 12.3 before 12.3R10, 12.3X48 before 12.3X48-D15, 13.2 before 13.2R8, 13.3 before 13.3R7, 14.1 before. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Juniper Denial Of Service Junos
NVD
EPSS 0% CVSS 3.5
LOW POC Monitor

The Secure Meeting (Pulse Collaboration) in Pulse Connect Secure (formerly Juniper Junos Pulse) before 7.1R22.1, 7.4, 8.0 before 8.0R11, and 8.1 before 8.1R3 allows remote authenticated users to. Rated low severity (CVSS 3.5), this vulnerability is remotely exploitable. Public exploit code available and no vendor patch available.

Juniper Privilege Escalation Pulse Connect Secure
NVD
EPSS 0% CVSS 5.0
MEDIUM POC This Month

The Secure Meeting (Pulse Collaboration) in Pulse Connect Secure (formerly Juniper Junos Pulse) before 7.1R22.1, 7.4, 8.0 before 8.0R11, and 8.1 before 8.1R3 provides different messages for attempts. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Juniper Information Disclosure Pulse Connect Secure
NVD
EPSS 0% CVSS 4.3
MEDIUM This Month

Pulse Connect Secure (aka PCS and formerly Juniper PCS) PSC6000, PCS6500, and MAG PSC360 8.1 before 8.1r5, 8.0 before 8.0r13, 7.4 before 7.4r13.5, and 7.1 before 7.1r22.2 and PPS 5.1 before 5.1R5 and. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

Juniper Information Disclosure Pulse Connect Secure
NVD
EPSS 0% CVSS 5.0
MEDIUM This Month

The SRX Network Security Daemon (nsd) in Juniper SRX Series services gateways with Junos 12.1X44 before 12.1X44-D50, 12.1X46 before 12.1X46-D35, 12.1X47 before 12.1X47-D25, and 12.3X48 before. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Juniper Denial Of Service Junos
NVD
EPSS 0% CVSS 5.0
MEDIUM This Month

IPv6 sendd in Juniper Junos 12.1X44 before 12.1X44-D51, 12.1X46 before 12.1X46-D36, 12.1X46 before 12.1X46-D40, 12.1X47 before 12.1X47-D25, 12.3 before 12.3R10, 12.3X48 before 12.3X48-D20, 13.2. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Juniper Denial Of Service Junos
NVD
EPSS 0% CVSS 5.0
MEDIUM This Month

The Juniper EX4600, QFX3500, QFX3600, and QFX5100 switches with Junos 13.2X51-D15 through 13.2X51-D25, 13.2X51 before 13.2X51-D30, and 14.1X53 before 14.1X53-D10 allows remote attackers to cause a. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Juniper Denial Of Service Junos
NVD
EPSS 4% CVSS 9.3
CRITICAL Act Now

The BFD daemon in Juniper Junos OS 12.1X44 before 12.1X44-D50, 12.1X46 before 12.1X46-D35, 12.1X47 before 12.1X47-D25, 12.3 before 12.3R10, 12.3X48 before 12.3X48-D15, 13.2 before 13.2R8, 13.3 before. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. No vendor patch available.

Juniper RCE Denial Of Service +1
NVD
EPSS 0% CVSS 7.1
HIGH This Week

Juniper Junos OS 12.1X44 before 12.1X44-D50, 12.1X46 before 12.1X46-D35, 12.1X47 before 12.1X47-D25, 12.3 before 12.3R9, 12.3X48 before 12.3X48-D10, 13.2 before 13.2R7, 13.3 before 13.3R5, 14.1R3. Rated high severity (CVSS 7.1), this vulnerability is remotely exploitable. No vendor patch available.

Juniper Denial Of Service Junos
NVD
EPSS 2% CVSS 7.1
HIGH This Week

Juniper Junos OS 12.1X44 before 12.1X44-D50, 12.1X46 before 12.1X46-D35, 12.1X47 before 12.1X47-D25, 12.3 before 12.3R9, 12.3X48 before 12.3X48-D15, 13.2 before 13.2R7, 13.2X51 before 13.2X51-D35,. Rated high severity (CVSS 7.1), this vulnerability is remotely exploitable. No vendor patch available.

Juniper Denial Of Service Junos
NVD
EPSS 0% CVSS 7.2
HIGH This Week

The Juniper SRX Series services gateways with Junos OS 12.1X46 before 12.1X46-D35, 12.1X47 before 12.1X47-D25, and 12.3X48 before 12.3X48-D15 do not properly implement the "set system ports console. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity. No vendor patch available.

Juniper Authentication Bypass Junos
NVD
EPSS 0% CVSS 4.3
MEDIUM This Month

Cross-site scripting (XSS) vulnerability in the Dynamic VPN in Juniper Junos 12.1X44 before 12.1X44-D45, 12.1X46 before 12.1X46-D30, 12.1X47 before 12.1X47-D20, and 12.3X48 before 12.3X48-D10 on SRX. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

Juniper XSS Junos
NVD
EPSS 0% CVSS 4.3
MEDIUM This Month

J-Web in Juniper Junos 11.4 before 11.4R12, 12.1X44 before 12.1X44-D35, 12.1X46 before 12.1X46-D25, 12.1X47 before 12.1X47-D10, 12.3X48 before 12.3X48-D10, 12.2 before 12.2R9, 12.3 before 12.3R7,. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

Juniper Information Disclosure Junos
NVD
EPSS 0% CVSS 7.2
HIGH This Week

Juniper Junos 12.1X44 before 12.1X44-D45, 12.1X46 before 12.1X46-D30, 12.1X47 before 12.1X47-D20, 12.3 before 12.3R9, 12.3X48 before 12.3X48-D10, 13.2 before 13.2R6, 13.3 before 13.3R5, 14.1 before. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity. No vendor patch available.

Juniper Privilege Escalation Junos
NVD
EPSS 0% CVSS 6.9
MEDIUM This Month

Juniper Junos 12.1X44 before 12.1X44-D45, 12.1X46 before 12.1X46-D30, 12.1X47 before 12.1X47-D15, and 12.3X48 before 12.3X48-D10 on SRX series devices does not properly enforce the. Rated medium severity (CVSS 6.9). No vendor patch available.

Juniper Information Disclosure Junos
NVD
EPSS 1% CVSS 7.8
HIGH This Week

Juniper Junos 11.4 before 11.4R8, 12.1X44 before 12.1X44-D35, 12.1X45 before 12.1X45-D25, 12.1X46 before 12.1X46-D20, 12.1X47 before 12.1X47-D10, 12.2 before 12.2R9, 12.3R2 before 12.3R2-S3, 12.3. Rated high severity (CVSS 7.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Juniper Denial Of Service Junos
NVD
EPSS 0% CVSS 6.1
MEDIUM This Month

Juniper Junos 11.4 before 11.4R13, 12.1X44 before 12.1X44-D45, 12.1X46 before 12.1X46-D30, 12.1X47 before 12.1X47-D15, 12.2 before 12.2R9, 12.3R7 before 12.3R7-S1, 12.3 before 12.3R8, 13.1 before. Rated medium severity (CVSS 6.1), this vulnerability is low attack complexity. No vendor patch available.

Juniper Denial Of Service Junos
NVD
EPSS 0% CVSS 6.9
MEDIUM This Month

Juniper Junos 12.1X44 before 12.1X44-D45, 12.1X46 before 12.1X46-D25, 12.1X47 before 12.1X47-D15, 12.3 before 12.3R9, 13.1 before 13.1R4-S3, 13.2 before 13.2R6, 13.3 before 13.3R5, 14.1 before. Rated medium severity (CVSS 6.9). No vendor patch available.

Juniper Privilege Escalation Junos
NVD
EPSS 0% CVSS 5.0
MEDIUM This Month

The stateless firewall in Juniper Junos 13.3R3, 14.1R1, and 14.1R2, when using Trio-based PFE modules, does not properly match ports, which might allow remote attackers to bypass firewall rule. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Juniper Authentication Bypass Junos
NVD
EPSS 0% CVSS 7.1
HIGH This Week

The Juniper MX Series routers with Junos 13.3R3 through 13.3Rx before 13.3R6, 14.1 before 14.1R4, 14.1X50 before 14.1X50-D70, and 14.2 before 14.2R2, when configured as a broadband edge (BBE) router,. Rated high severity (CVSS 7.1), this vulnerability is remotely exploitable. No vendor patch available.

Juniper Denial Of Service Junos
NVD
EPSS 0% CVSS 2.9
LOW Monitor

Juniper WLC devices with WLAN Software releases 8.0.x before 8.0.4, 9.0.x before 9.0.2.11, 9.0.3.x before 9.0.3.5, and 9.1.x before 9.1.1, when "Proxy ARP" or "No Broadcast" features are enabled in a. Rated low severity (CVSS 2.9). No vendor patch available.

Juniper Denial Of Service Smartpass +2
NVD
EPSS 1% CVSS 7.8
HIGH POC This Week

Juniper Junos 11.4 before R11, 12.1 before R9, 12.1X44 before D30, 12.1X45 before D20, 12.1X46 before D15, 12.1X47 before D10, 12.2 before R8, 12.2X50 before D70, 12.3 before R6, 13.1 before R4,. Rated high severity (CVSS 7.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Juniper Denial Of Service Junos
NVD
EPSS 1% CVSS 7.5
HIGH This Week

Juniper Junos 11.4 before R12, 12.1 before R10, 12.1X44 before D35, 12.1X45 before D25, 12.1X46 before D20, 12.1X47 before D10, 12.2 before R8, 12.2X50 before D70, 12.3 before R6, 13.1 before R4-S3,. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Juniper Authentication Bypass Junos
NVD
EPSS 1% CVSS 7.8
HIGH This Week

Juniper Junos 11.4 before R12-S4, 12.1X44 before D35, 12.1X45 before D30, 12.1X46 before D25, 12.1X47 before D10, 12.2 before R9, 12.2X50 before D70, 12.3 before R7, 13.1 before R4 before S3, 13.1X49. Rated high severity (CVSS 7.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Juniper Denial Of Service Junos
NVD
EPSS 1% CVSS 7.8
HIGH This Week

Juniper JunosE before 13.3.3p0-1, 14.x before 14.3.2, and 15.x before 15.1.0, when DEBUG severity icmpTraffic logging is enabled, allows remote attackers to cause a denial of service (SRP reset) via. Rated high severity (CVSS 7.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Juniper Denial Of Service Junos E
NVD
EPSS 1% CVSS 6.8
MEDIUM This Month

The Juniper SRX Series devices with Junos 11.4 before 11.4R12-S4, 12.1X44 before 12.1X44-D40, 12.1X45 before 12.1X45-D30, 12.1X46 before 12.1X46-D25, and 12.1X47 before 12.1X47-D10, when an. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable. No vendor patch available.

Juniper Denial Of Service Junos +12
NVD
EPSS 0% CVSS 7.8
HIGH This Week

Juniper Junos OS 9.1 through 11.4 before 11.4R11, 12.1 before R10, 12.1X44 before D40, 12.1X46 before D30, 12.1X47 before D11 and 12.147-D15, 12.1X48 before D41 and D62, 12.2 before R8, 12.2X50. Rated high severity (CVSS 7.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Juniper Denial Of Service Buffer Overflow +1
NVD
EPSS 0% CVSS 4.3
MEDIUM This Month

Cross-site scripting (XSS) vulnerability in the web server in the Juniper Junos Pulse Secure Access Service (SSL VPN) devices with IVE OS 8.0 before 8.0r6, 7.4 before 7.4r13, and 7.1 before 7.1r20. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

Juniper XSS Ivanti +1
NVD
EPSS 0% CVSS 4.3
MEDIUM This Month

The Juniper Junos Pulse Secure Access Service (SSL VPN) devices with IVE OS 8.0 before 8.0r1, 7.4 before 7.4r5, and 7.1 before 7.1r18 allows remote attackers to conduct clickjacking attacks via. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

Juniper Information Disclosure Ivanti +1
NVD
EPSS 0% CVSS 4.3
MEDIUM This Month

Cross-site scripting (XSS) vulnerability in the SSL VPN/UAC web server in the Juniper Junos Pulse Secure Access Service (SSL VPN) devices with IVE OS 7.1 before 7.1r16, 7.4 before 7.4r3, and 8.0. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

Juniper XSS Ivanti +2
NVD
EPSS 0% CVSS 7.2
HIGH This Week

Juniper Installer Service (JIS) Client 7.x before 7.4R6 for Windows and Junos Pulse Client before 4.0R6 allows local users to gain privileges via unspecified vectors. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity. No vendor patch available.

Juniper Privilege Escalation Microsoft +2
NVD
EPSS 0% CVSS 5.4
MEDIUM This Month

Juniper Junos 11.4 before 11.4R8, 12.1 before 12.1R5, 12.1X44 before 12.1X44-D20, 12.1X45 before 12.1X45-D15, 12.1X46 before 12.1X46-D10, and 12.1X47 before 12.1X47-D10 on SRX Series devices, allows. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable. No vendor patch available.

Juniper Denial Of Service Junos +12
NVD
EPSS 0% CVSS 4.3
MEDIUM This Month

Cross-site scripting (XSS) vulnerability in SRX Web Authentication (webauth) in Juniper Junos 11.4 before 11.4R11, 12.1X44 before 12.1X44-D34, 12.1X45 before 12.1X45-D25, 12.1X46 before 12.1X46-D20,. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

Juniper XSS Junos
NVD
EPSS 1% CVSS 7.8
HIGH This Week

Juniper Junos 11.4 before 11.4R12, 12.1 before 12.1R10, 12.1X44 before 12.1X44-D35, 12.1X45 before 12.1X45-D25, 12.1X46 before 12.1X46-D20, 12.1X47 before 12.1X47-D10, 12.2 before 12.2R8, 12.3 before. Rated high severity (CVSS 7.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Juniper Denial Of Service Junos
NVD
EPSS 1% CVSS 7.8
HIGH This Week

Juniper Junos 11.4 before 11.4R12, 12.1X44 before 12.1X44-D32, 12.1X45 before 12.1X45-D25, 12.1X46 before 12.1X46-D20, and 12.1X47 before 12.1X47-D10 on SRX Series devices, when NAT protocol. Rated high severity (CVSS 7.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Juniper Denial Of Service Junos +12
NVD
EPSS 0% CVSS 9.0
CRITICAL Act Now

Juniper Junos 11.4 before 11.4R12, 12.1 before 12.1R11, 12.1X44 before 12.1X44-D35, 12.1X45 before 12.1X45-D30, 12.1X46 before 12.1X46-D20, 12.1X47 before 12.1X47-D10, 12.2 before 12.2R8-S2, 12.3. Rated critical severity (CVSS 9.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Juniper Privilege Escalation Junos
NVD
EPSS 1% CVSS 7.8
HIGH This Week

Juniper Junos 12.1X46 before 12.1X46-D20 and 12.1X47 before 12.1X47-D10 on SRX Series devices allows remote attackers to cause a denial of service (flowd crash) via a crafted SIP packet. Rated high severity (CVSS 7.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Juniper Denial Of Service Junos +12
NVD
EPSS 0% CVSS 7.8
HIGH This Week

The Juniper Networks NetScreen Firewall devices with ScreenOS before 6.3r17, when configured to use the internal DNS lookup client, allows remote attackers to cause a denial of service (crash and. Rated high severity (CVSS 7.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Juniper Denial Of Service Screenos +2
NVD
EPSS 0% CVSS 7.8
HIGH This Week

Unspecified vulnerability in the Juniper Networks NetScreen Firewall products with ScreenOS before 6.3r17, when configured to use the internal DNS lookup client, allows remote attackers to cause a. Rated high severity (CVSS 7.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Juniper Denial Of Service Screenos +2
NVD
EPSS 0% CVSS 5.0
MEDIUM This Month

The Juniper Junos Pulse Secure Access Service (SSL VPN) devices with IVE OS before 7.4r5 and 8.x before 8.0r1 and Junos Pulse Access Control Service (UAC) before 4.4r5 and 5.x before 5.0r1 enable. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Juniper Information Disclosure Ivanti +18
NVD
EPSS 2% CVSS 10.0
CRITICAL Act Now

Unspecified vulnerability in Juniper Junos Space before 13.3R1.8, when the firewall in disabled, allows remote attackers to execute arbitrary commands via unspecified vectors. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Juniper Information Disclosure Junos Space +2
NVD
EPSS 7% CVSS 10.0
CRITICAL Act Now

Unspecified vulnerability in the NSM XDB service in Juniper NSM before 2012.2R8 allows remote attackers to execute arbitrary code via unspecified vectors. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Juniper RCE Network And Security Manager Software +2
NVD
EPSS 1% CVSS 7.8
HIGH This Week

Juniper ScreenOS 6.3 and earlier allows remote attackers to cause a denial of service (crash and restart or failover) via a malformed SSL/TLS packet. Rated high severity (CVSS 7.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Juniper Denial Of Service Screenos
NVD VulDB
EPSS 1% CVSS 7.1
HIGH This Week

The Enhanced Web Filtering (EWF) in Juniper Junos before 10.4R15, 11.4 before 11.4R9, 12.1 before 12.1R7, 12.1X44 before 12.1X44-D20, 12.1X45 before 12.1X45-D10, and 12.1X46 before 12.1X46-D10, as. Rated high severity (CVSS 7.1), this vulnerability is remotely exploitable. No vendor patch available.

Juniper Denial Of Service Junos
NVD VulDB
EPSS 0% CVSS 5.0
MEDIUM This Month

Juniper Junos before 11.4R11, 12.1 before 12.1R9, 12.2 before 12.2R7, 12.3R4 before 12.3R4-S3, 13.1 before 13.1R4, 13.2 before 13.2R2, and 13.3 before 13.3R1, as used in MX Series and T4000 routers,. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Juniper Denial Of Service Junos
NVD VulDB
EPSS 0% CVSS 4.3
MEDIUM This Month

Cross-site scripting (XSS) vulnerability in J-Web in Juniper Junos before 10.0S25, 10.4 before 10.4R10, 11.4 before 11.4R11, 12.1 before 12.1R9, 12.1X44 before 12.1X44-D30, 12.1X45 before. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

Juniper XSS PHP +1
NVD VulDB
EPSS 0% CVSS 4.3
MEDIUM This Month

Cross-site scripting (XSS) vulnerability in J-Web in Juniper Junos before 11.4R11, 11.4X27 before 11.4X27.62 (BBE), 12.1 before 12.1R9, 12.1X44 before 12.1X44-D35, 12.1X45 before 12.1X45-D25, 12.1X46. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

Juniper XSS Junos
NVD VulDB
EPSS 1% CVSS 7.1
HIGH This Week

Juniper Junos 13.2 before 13.2R3 and 13.3 before 13.3R1, when PIM is enabled, allows remote attackers to cause a denial of service (kernel panic and crash) via a large number of crafted IGMP packets. Rated high severity (CVSS 7.1), this vulnerability is remotely exploitable. No vendor patch available.

Juniper Denial Of Service Junos
NVD VulDB
EPSS 1% CVSS 5.0
MEDIUM This Month

Unspecified vulnerability in Juniper Junos before 11.4R10-S1, before 11.4R11, 12.1X44 before 12.1X44-D26, 12.1X44 before 12.1X44-D30, 12.1X45 before 12.1X45-D20, and 12.1X46 before 12.1X46-D10, when. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Juniper Denial Of Service Junos +7
NVD VulDB
EPSS 0% CVSS 7.2
HIGH This Week

Unspecified vulnerability in the Linux Network Connect client in Juniper Junos Pulse Secure Access Service (aka SSL VPN) with IVE OS before 7.1r18, 7.3 before 7.3r10, 7.4 before 7.4r8, and 8.0 before. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity. No vendor patch available.

Juniper Information Disclosure Ivanti +1
NVD VulDB
EPSS 0% CVSS 3.5
LOW Monitor

Cross-site scripting (XSS) vulnerability in the Pulse Collaboration (Secure Meeting) user pages in Juniper Junos Pulse Secure Access Service (aka SSL VPN) with IVE OS before 7.1r18, 7.3 before. Rated low severity (CVSS 3.5), this vulnerability is remotely exploitable. No vendor patch available.

Juniper XSS Ivanti +1
NVD VulDB
EPSS 0% CVSS 5.4
MEDIUM This Month

The OSPF implementation in Juniper Junos through 13.x, JunosE, and ScreenOS through 6.3.x does not consider the possibility of duplicate Link State ID values in Link State Advertisement (LSA) packets. Rated medium severity (CVSS 5.4). No vendor patch available.

Denial Of Service Juniper Junos +2
NVD
EPSS 1% CVSS 7.1
HIGH This Week

Juniper Junos 10.4S before 10.4S15, 10.4R before 10.4R16, 11.4 before 11.4R9, and 12.1R before 12.1R7 on SRX Series service gateways allows remote attackers to cause a denial of service (flowd crash). Rated high severity (CVSS 7.1), this vulnerability is remotely exploitable. No vendor patch available.

Denial Of Service Juniper Junos +12
NVD
EPSS 1% CVSS 7.1
HIGH This Week

Juniper Junos 10.4 before 10.4R16, 11.4 before 11.4R10, 12.1R before 12.1R8-S2, 12.1X44 before 12.1X44-D30, 12.1X45 before 12.1X45-D20, 12.1X46 before 12.1X46-D10, 12.2 before 12.2R7, 12.3 before. Rated high severity (CVSS 7.1), this vulnerability is remotely exploitable. No vendor patch available.

Denial Of Service Juniper Race Condition +1
NVD
EPSS 0% CVSS 7.2
HIGH This Week

Juniper Junos 10.4 before 10.4R16, 11.4 before 11.4R10, 12.1R before 12.1R8-S2, 12.1X44 before 12.1X44-D30, 12.1X45 before 12.1X45-D20, 12.1X46 before 12.1X46-D10, 12.2 before 12.2R7, 12.3 before. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Juniper Junos
NVD
EPSS 1% CVSS 7.1
HIGH This Week

The XNM command processor in Juniper Junos 10.4 before 10.4R16, 11.4 before 11.4R10, 12.1R before 12.1R8-S2, 12.1X44 before 12.1X44-D30, 12.1X45 before 12.1X45-D20, 12.1X46 before 12.1X46-D10, 12.2. Rated high severity (CVSS 7.1), this vulnerability is remotely exploitable. No vendor patch available.

Denial Of Service Juniper Junos
NVD
EPSS 0% CVSS 7.8
HIGH This Week

Juniper Junos before 10.4 before 10.4R16, 11.4 before 11.4R8, 12.1R before 12.1R7, 12.1X44 before 12.1X44-D20, and 12.1X45 before 12.1X45-D10 on SRX Series service gateways, when used as a UAC. Rated high severity (CVSS 7.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Juniper Junos +12
NVD
EPSS 1% CVSS 7.1
HIGH This Week

Juniper NetScreen Firewall running ScreenOS 5.4, 6.2, or 6.3, when the Ping of Death screen is disabled, allows remote attackers to cause a denial of service via a crafted packet. Rated high severity (CVSS 7.1), this vulnerability is remotely exploitable. No vendor patch available.

Denial Of Service Juniper Screenos +2
NVD
EPSS 0% CVSS 4.3
MEDIUM This Month

Cross-site scripting (XSS) vulnerability in the web administrative component in Juniper IDP allows remote attackers to inject arbitrary web script or HTML via unspecified vectors to the ACM web. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

Juniper XSS Idp250 +3
NVD
EPSS 0% CVSS 2.1
LOW Monitor

Cross-site scripting (XSS) vulnerability in the Secure Access Service Web rewriting feature in Juniper Junos Pulse Secure Access Service (aka SSL VPN) with IVE OS before 7.1r17, 7.3 before 7.3r8, 7.4. Rated low severity (CVSS 2.1), this vulnerability is remotely exploitable. No vendor patch available.

Ivanti Juniper XSS +1
NVD
EPSS 9% CVSS 9.0
CRITICAL POC Act Now

jsdm/ajax/port.php in J-Web in Juniper Junos before 10.4R13, 11.4 before 11.4R7, 12.1 before 12.1R5, 12.2 before 12.2R3, and 12.3 before 12.3R1 allows remote authenticated users to execute arbitrary. Rated critical severity (CVSS 9.0), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP Juniper Information Disclosure +1
NVD Exploit-DB
EPSS 0% CVSS 9.3
CRITICAL Act Now

Juniper Junos 10.4 before 10.4S15, 11.4 before 11.4R9, 11.4X27 before 11.4X27.44, 12.1 before 12.1R7, 12.1X44 before 12.1X44-D20, 12.1X45 before 12.1X45-D15, 12.2 before 12.2R6, 12.3 before 12.3R3,. Rated critical severity (CVSS 9.3), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Juniper Information Disclosure Junos
NVD
EPSS 0% CVSS 8.5
HIGH This Week

Juniper Junos 12.1X44 before 12.1.X44-D20 and 12.1X45 before 12.1X45-D15, when the no-validate option is enabled, does not properly handle configuration validation errors during the config commit. Rated high severity (CVSS 8.5), this vulnerability is remotely exploitable. No vendor patch available.

Juniper Authentication Bypass Junos
NVD
EPSS 1% CVSS 4.3
MEDIUM This Month

Juniper Junos 10.0 before 10.0S28, 10.4 before 10.4R7, 11.1 before 11.1R5, 11.2 before 11.2R2, and 11.4 before 11.4R1, when in a Next-Generation Multicast VPN (NGEN MVPN) environment, allows remote. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

Denial Of Service Juniper Junos
NVD
EPSS 1% CVSS 4.3
MEDIUM This Month

Juniper Junos before 10.4S14, 11.4 before 11.4R5-S2, 12.1R before 12.1R3, 12.1X44 before 12.1X44-D20, and 12.1X45 before 12.1X45-D15 on SRX Series services gateways, when a plugin using TCP proxy is. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

Denial Of Service Juniper Junos
NVD
EPSS 6% CVSS 6.8
MEDIUM This Month

Buffer overflow in the flow daemon (flowd) in Juniper Junos 10.4 before 10.4S14, 11.4 before 11.4R7-S2, 12.1.X44 before 12.1X44-D15, 12.1X45 before 12.1X45-D10 on SRX devices, when using telnet. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable. No vendor patch available.

Buffer Overflow Juniper RCE +1
NVD
EPSS 0% CVSS 5.1
MEDIUM This Month

J-Web in Juniper Junos before 10.4R13, 11.4 before 11.4R7, 12.1R before 12.1R6, 12.1X44 before 12.1X44-D15, 12.1x45 before 12.1X45-D10, 12.2 before 12.2R3, 12.3 before 12.3R2, and 13.1 before 13.1R3. Rated medium severity (CVSS 5.1), this vulnerability is remotely exploitable. No vendor patch available.

CSRF Juniper Junos
NVD
EPSS 1% CVSS 5.4
MEDIUM This Month

Junos Pulse Secure Access Service (IVE) 7.1 before 7.1r5, 7.2 before 7.2r10, 7.3 before 7.3r6, and 7.4 before 7.4r3 and Junos Pulse Access Control Service (UAC) 4.1 before 4.1r8.1, 4.2 before 4.2r5,. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable. No vendor patch available.

Denial Of Service Juniper Ivanti +2
NVD
EPSS 0% CVSS 4.3
MEDIUM This Month

Multiple cross-site scripting (XSS) vulnerabilities in Juniper Junos Pulse Secure Access Service (aka SSL VPN) with IVE OS 7.1 before 7.1r15, 7.2 before 7.2r11, 7.3 before 7.3r6, and 7.4 before 7.4r3. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

Ivanti Juniper XSS +1
NVD
EPSS 0% CVSS 4.0
MEDIUM PATCH This Month

Juniper Junos Space before 13.1R1.6, as used on the JA1500 appliance and in other contexts, does not properly restrict access to the list of user accounts and their MD5 password hashes, which makes. Rated medium severity (CVSS 4.0), this vulnerability is remotely exploitable, low attack complexity.

Privilege Escalation Juniper Junos Space +2
NVD
EPSS 0% CVSS 4.0
MEDIUM This Month

Juniper Junos Space before 13.1R1.6, as used on the JA1500 appliance and in other contexts, does not properly implement role-based access control, which allows remote authenticated users to modify. Rated medium severity (CVSS 4.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Privilege Escalation Juniper Junos Space +2
NVD
EPSS 0% CVSS 4.3
MEDIUM This Month

Cross-site scripting (XSS) vulnerability in the web-based interface in Juniper Junos Space before 13.1R1.6, as used on the JA1500 appliance and in other contexts, allows remote attackers to inject. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

Juniper XSS Junos Space +2
NVD
EPSS 0% CVSS 4.3
MEDIUM This Month

Cross-site scripting (XSS) vulnerability in the help page in Juniper Secure Access (SA) with IVE OS before 7.1r13, 7.2.x before 7.2r7, and 7.3.x before 7.3r2 allows remote attackers to inject. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

Juniper XSS Ive Os +16
NVD
EPSS 0% CVSS 5.0
MEDIUM This Month

Juniper Junos 10.4 before 10.4S13, 11.4 before 11.4R7-S1, 12.1 before 12.1R5-S3, 12.1X44 before 12.1X44-D20, and 12.1X45 before 12.1X45-D10 on the SRX1400, SRX3400, and SRX3600 does not properly. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Juniper Information Disclosure Junos +3
NVD
EPSS 0% CVSS 7.8
HIGH This Week

flowd in Juniper Junos 10.4 before 10.4R11 on SRX devices, when the MSRPC Application Layer Gateway (ALG) is enabled, allows remote attackers to cause a denial of service (daemon crash) via crafted. Rated high severity (CVSS 7.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Juniper Junos +12
NVD
EPSS 2% CVSS 7.8
HIGH This Week

flowd in Juniper Junos 10.4 before 10.4S14, 11.2 and 11.4 before 11.4R6-S2, and 12.1 before 12.1R6 on SRX devices, when certain Application Layer Gateways (ALGs) are enabled, allows remote attackers. Rated high severity (CVSS 7.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Juniper Junos +12
NVD
EPSS 1% CVSS 7.1
HIGH This Week

The kernel in Juniper Junos 10.4 before 10.4R14, 11.4 before 11.4R8, 11.4X27 before 11.4X27.43, 12.1 before 12.1R6, 12.1X44 before 12.1X44-D20, 12.2 before 12.2R4, and 12.3 before 12.3R2, in certain. Rated high severity (CVSS 7.1), this vulnerability is remotely exploitable. No vendor patch available.

Denial Of Service Juniper Junos
NVD
EPSS 7% CVSS 10.0
CRITICAL Act Now

Buffer overflow in flowd in Juniper Junos 10.4 before 10.4S14, 11.4 before 11.4R7, 12.1 before 12.1R6, and 12.1X44 before 12.1X44-D15 on SRX devices, when Captive Portal is enabled with the UAC. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Buffer Overflow Juniper RCE +13
NVD
EPSS 1% CVSS 7.8
HIGH This Week

flowd in Juniper Junos 10.4 before 10.4S14, 11.4 before 11.4R8, 12.1 before 12.1R7, and 12.1X44 before 12.1X44-D15 on SRX devices, when PIM and NAT are enabled, allows remote attackers to cause a. Rated high severity (CVSS 7.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Juniper Junos +12
NVD
EPSS 0% CVSS 4.3
MEDIUM PATCH This Month

Juniper Junos Pulse Secure Access Service (aka SSL VPN) with IVE OS 7.0r2 through 7.0r8 and 7.1r1 through 7.1r5 and Junos Pulse Access Control Service (aka UAC) with UAC OS 4.1r1 through 4.1r5. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable.

Juniper Information Disclosure Ivanti +2
NVD
EPSS 0% CVSS 4.3
MEDIUM This Month

Cross-site scripting (XSS) vulnerability in Juniper SmartPass WLAN Security Management before 7.7 MR3 and 8.0 before MR2 allows remote attackers to inject arbitrary web script or HTML via unspecified. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

Juniper XSS Smartpass
NVD
EPSS 0% CVSS 4.7
MEDIUM This Month

Juniper Junos Space before 12.3P2.8, as used on the JA1500 appliance and in other contexts, includes a cleartext password in a configuration tab, which makes it easier for physically proximate. Rated medium severity (CVSS 4.7). No vendor patch available.

Juniper Authentication Bypass Junos Space +2
NVD
EPSS 1% CVSS 4.3
MEDIUM POC This Month

Cross-site scripting (XSS) vulnerability in the WebAAA login functionality (wba_login.html) in Juniper Networks Mobility System Software (MSS) 7.6.x before 7.6.3, 7.7.x before 7.7.1, 7.5.x before. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. Public exploit code available and no vendor patch available.

Juniper XSS Networks Mobility System Software
NVD Exploit-DB
Prev Page 11 of 11

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy