Filtered by vendor Juniper
Subscribe
Total
726 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2004-0468 | 1 Juniper | 1 Junos | 2017-07-10 | 5.0 MEDIUM | N/A |
| Memory leak in Juniper JUNOS Packet Forwarding Engine (PFE) allows remote attackers to cause a denial of service (memory exhaustion and device reboot) via certain IPv6 packets. | |||||
| CVE-2017-2309 | 1 Juniper | 1 Junos Space | 2017-06-09 | 4.3 MEDIUM | 5.9 MEDIUM |
| On Juniper Networks Junos Space versions prior to 16.1R1 when certificate based authentication is enabled for the Junos Space cluster, some restricted web services are accessible over the network. This represents an information leak risk. | |||||
| CVE-2017-2308 | 1 Juniper | 1 Junos Space | 2017-06-08 | 5.0 MEDIUM | 6.5 MEDIUM |
| An XML External Entity Injection vulnerability in Juniper Networks Junos Space versions prior to 16.1R1 may allow an authenticated user to read arbitrary files on the device. | |||||
| CVE-2017-2307 | 1 Juniper | 1 Junos Space | 2017-06-08 | 4.3 MEDIUM | 6.1 MEDIUM |
| A reflected cross site scripting vulnerability in the administrative interface of Juniper Networks Junos Space versions prior to 16.1R1 may allow remote attackers to steal sensitive information or perform certain administrative actions on Junos Space. | |||||
| CVE-2017-2326 | 1 Juniper | 1 Northstar Controller | 2017-04-28 | 6.8 MEDIUM | 6.5 MEDIUM |
| An information disclosure vulnerability in Juniper Networks NorthStar Controller Application prior to version 2.1.0 Service Pack 1 may allow an unprivileged, authenticated, network-based attacker to replicate the underlying Junos OS VM and all data it maintains to their local system for future analysis. | |||||
| CVE-2017-2332 | 1 Juniper | 1 Northstar Controller | 2017-04-28 | 9.3 HIGH | 8.8 HIGH |
| An insufficient authentication vulnerability in Juniper Networks NorthStar Controller Application prior to version 2.1.0 Service Pack 1 may allow a malicious, network based, unauthenticated attacker to perform privileged actions to gain complete control over the environment. | |||||
| CVE-2017-2316 | 1 Juniper | 1 Northstar Controller | 2017-04-27 | 2.1 LOW | 6.5 MEDIUM |
| A buffer overflow vulnerability in Juniper Networks NorthStar Controller Application prior to version 2.1.0 Service Pack 1 may allow an authenticated malicious user to cause a buffer overflow leading to a denial of service. | |||||
| CVE-2017-2334 | 1 Juniper | 1 Northstar Controller | 2017-04-27 | 4.3 MEDIUM | 7.5 HIGH |
| An information leak vulnerability in Juniper Networks NorthStar Controller Application prior to version 2.1.0 Service Pack 1 may allow a network-based malicious attacker to perform a man-in-the-middle attack, thereby stealing authentic credentials from encrypted paths which are easily decrypted, and subsequently gain complete control of the system. | |||||
| CVE-2017-2324 | 1 Juniper | 1 Northstar Controller | 2017-04-27 | 5.0 MEDIUM | 5.3 MEDIUM |
| A command injection vulnerability in Juniper Networks NorthStar Controller Application prior to version 2.1.0 Service Pack 1 may allow a network-based malicious attacker to cause a denial of service condition. | |||||
| CVE-2017-2318 | 1 Juniper | 1 Northstar Controller | 2017-04-27 | 4.0 MEDIUM | 6.5 MEDIUM |
| A vulnerability in Juniper Networks NorthStar Controller Application prior to version 2.1.0 Service Pack 1 may allow an authenticated malicious user to read log files which will compromise the integrity of the system, or provide elevation of privileges. | |||||
| CVE-2017-2329 | 1 Juniper | 1 Northstar Controller | 2017-04-27 | 2.1 LOW | 6.2 MEDIUM |
| An insufficient authentication vulnerability in Juniper Networks NorthStar Controller Application prior to version 2.1.0 Service Pack 1 may allow an unprivileged, authenticated, user to execute certain specific unprivileged system files capable of causing widespread denials of system services. | |||||
| CVE-2017-2328 | 1 Juniper | 1 Northstar Controller | 2017-04-27 | 2.1 LOW | 5.5 MEDIUM |
| An information leak vulnerability in Juniper Networks NorthStar Controller Application prior to version 2.1.0 Service Pack 1 may allow an unprivileged, authenticated, user to elevate their permissions through reading unprivileged information stored in the NorthStar controller. | |||||
| CVE-2017-2325 | 1 Juniper | 1 Northstar Controller | 2017-04-27 | 4.0 MEDIUM | 6.5 MEDIUM |
| A buffer overflow vulnerability in Juniper Networks NorthStar Controller Application prior to version 2.1.0 Service Pack 1 may allow an authenticated malicious user to cause a buffer overflow leading to a denial of service. | |||||
| CVE-2016-4931 | 1 Juniper | 1 Junos Space | 2017-03-22 | 4.0 MEDIUM | 6.5 MEDIUM |
| XML entity injection in Junos Space before 15.2R2 allows attackers to cause a denial of service. | |||||
| CVE-2016-4930 | 1 Juniper | 1 Junos Space | 2017-03-22 | 4.3 MEDIUM | 6.1 MEDIUM |
| Cross-site scripting (XSS) vulnerability in Junos Space before 15.2R2 allows remote attackers to steal sensitive information or perform certain administrative actions. | |||||
| CVE-2016-4928 | 1 Juniper | 1 Junos Space | 2017-03-22 | 6.8 MEDIUM | 8.8 HIGH |
| Cross site request forgery vulnerability in Junos Space before 15.2R2 allows remote attackers to perform certain administrative actions on Junos Space. | |||||
| CVE-2016-4927 | 1 Juniper | 1 Junos Space | 2017-03-22 | 6.8 MEDIUM | 8.1 HIGH |
| Insufficient validation of SSH keys in Junos Space before 15.2R2 allows man-in-the-middle (MITM) type of attacks while a Space device is communicating with managed devices. | |||||
| CVE-2016-4926 | 1 Juniper | 1 Junos Space | 2017-03-22 | 7.5 HIGH | 9.8 CRITICAL |
| Insufficient authentication vulnerability in Junos Space before 15.2R2 allows remote network based users with access to Junos Space web interface to perform certain administrative tasks without authentication. | |||||
| CVE-2016-4929 | 1 Juniper | 1 Junos Space | 2017-03-22 | 9.0 HIGH | 8.8 HIGH |
| Command injection vulnerability in Junos Space before 15.2R2 allows attackers to execute arbitrary code as a root user. | |||||
| CVE-2014-3411 | 1 Juniper | 3 Network And Security Manager Software, Nsm3000, Nsmexpress | 2017-01-06 | 10.0 HIGH | N/A |
| Unspecified vulnerability in the NSM XDB service in Juniper NSM before 2012.2R8 allows remote attackers to execute arbitrary code via unspecified vectors. | |||||