CVSS: 5.9EPSS: 0%CPEs: 9EXPL: 0CVE-2016-1262
https://notcve.org/view.php?id=CVE-2016-1262
15 Jan 2016 — Juniper Junos OS before 12.1X46-D45, 12.1X47 before 12.1X47-D30, 12.1X48 before 12.3X48-D20, and 15.1X49 before 15.1X49-D30 on SRX series devices, when the Real Time Streaming Protocol Application Layer Gateway (RTSP ALG) is enabled, allow remote attackers to cause a denial of service (flowd crash) via a crafted RTSP packet. Juniper Junos OS en versiones anteriores a 12.1X46-D45, 12.1X47 en versiones anteriores a 12.1X47-D30, 12.1X48 en versiones anteriores a 12.3X48-D20 y 15.1X49 en versiones anteriores a ... • http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10721 • CWE-20: Improper Input Validation •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2015-7749
https://notcve.org/view.php?id=CVE-2015-7749
19 Oct 2015 — The PFE daemon in Juniper vSRX virtual firewalls with Junos OS before 15.1X49-D20 allows remote attackers to cause a denial of service via an unspecified connection request to the "host-OS." El demonio PFE en firewalls virtuales de Juniper vSRX con Junos OS en versiones anteriores a 15.1X49-D20 permite a atacantes remotos provocar una denegación de servicio a través de una petición de conexión no especificada en el 'host-OS'. • http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10703 • CWE-20: Improper Input Validation •
CVSS: 6.9EPSS: 0%CPEs: 54EXPL: 0CVE-2015-7751
https://notcve.org/view.php?id=CVE-2015-7751
19 Oct 2015 — Juniper Junos OS before 12.1X44-D50, 12.1X46 before 12.1X46-D35, 12.1X47 before 12.1X47-D25, 12.3 before 12.3R9, 12.3X48 before 12.3X48-D15, 13.2 before 13.2R7, 13.2X51 before 13.2X51-D35, 13.3 before 13.3R6, 14.1 before 14.1R5, 14.1X50 before 14.1X50-D105, 14.1X51 before 14.1X51-D70, 14.1X53 before 14.1X53-D25, 14.1X55 before 14.1X55-D20, 14.2 before 14.2R1, 15.1 before 15.1F2 or 15.1R1, and 15.1X49 before 15.1X49-D10 does not require a password for the root user when pam.conf is "corrupted," which allows ... • http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10707 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2014-6451
https://notcve.org/view.php?id=CVE-2014-6451
16 Oct 2015 — J-Web in Juniper vSRX virtual firewalls with Junos OS before 15.1X49-D20 allows remote attackers to cause a denial of service (system reboot) via unspecified vectors. J-Web en Juniper vSRX virtual firewalls con Junos SO en versiones anteriores a 15.1X49-D20 permite a atacantes remotos provocar una denegación de servicio (reinicio del sistema) a través de vectores no especificados. • http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10700 •
CVSS: 7.8EPSS: 0%CPEs: 34EXPL: 0CVE-2014-3818
https://notcve.org/view.php?id=CVE-2014-3818
14 Oct 2014 — Juniper Junos OS 9.1 through 11.4 before 11.4R11, 12.1 before R10, 12.1X44 before D40, 12.1X46 before D30, 12.1X47 before D11 and 12.147-D15, 12.1X48 before D41 and D62, 12.2 before R8, 12.2X50 before D70, 12.3 before R6, 13.1 before R4-S2, 13.1X49 before D49, 13.1X50 before 30, 13.2 before R4, 13.2X50 before D20, 13.2X51 before D25, 13.2X52 before D15, 13.3 before R2, and 14.1 before R1, when supporting 4-byte AS numbers and a BGP peer does not, allows remote attackers to cause a denial of service (memory ... • http://www.securitytracker.com/id/1031009 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.5EPSS: 0%CPEs: 67EXPL: 0CVE-2013-7313
https://notcve.org/view.php?id=CVE-2013-7313
23 Jan 2014 — The OSPF implementation in Juniper Junos through 13.x, JunosE, and ScreenOS through 6.3.x does not consider the possibility of duplicate Link State ID values in Link State Advertisement (LSA) packets before performing operations on the LSA database, which allows remote attackers to cause a denial of service (routing disruption) or obtain sensitive packet information via a crafted LSA packet, a related issue to CVE-2013-0149. La implementación de OSPF en Juniper Junos hasta la versión 13.x, JunosE, y ScreenO... • http://www.kb.cert.org/vuls/id/229804 •
CVSS: 9.0EPSS: 9%CPEs: 9EXPL: 4CVE-2013-6618 – Juniper Junos J-Web - Privilege Escalation
https://notcve.org/view.php?id=CVE-2013-6618
05 Nov 2013 — jsdm/ajax/port.php in J-Web in Juniper Junos before 10.4R13, 11.4 before 11.4R7, 12.1 before 12.1R5, 12.2 before 12.2R3, and 12.3 before 12.3R1 allows remote authenticated users to execute arbitrary commands via the rsargs parameter in an exec action. jsdm / ajax / port.php de J-Web en Juniper Junos anterior 10.4R13, 11.4 anterior a 11.4R, 12,.1 anterior a 12.1R5 anterior a 12.2R3 y 12.3 antes 12.3R1 permite a usuarios remotos autenticados ejecutar comandos arbitrarios a través del parámetro rsargs en una a... • https://www.exploit-db.com/exploits/29544 • CWE-20: Improper Input Validation •
CVSS: 7.5EPSS: 0%CPEs: 53EXPL: 0CVE-2013-6015
https://notcve.org/view.php?id=CVE-2013-6015
17 Oct 2013 — Juniper Junos before 10.4S14, 11.4 before 11.4R5-S2, 12.1R before 12.1R3, 12.1X44 before 12.1X44-D20, and 12.1X45 before 12.1X45-D15 on SRX Series services gateways, when a plugin using TCP proxy is configured, allows remote attackers to cause a denial of service (flow daemon crash) via an unspecified sequence of TCP packets. Juniper Junos en versiones anteriores a 10.4S14, 11.4 en versiones anteriores a 11.4R5-S2, 12.1R en versiones anteriores a 12.1R3, 12.1X44 en versiones anteriores a 12.1X44-D20 y 12.1X... • http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10596 • CWE-20: Improper Input Validation •
CVSS: 9.3EPSS: 0%CPEs: 44EXPL: 0CVE-2013-4689
https://notcve.org/view.php?id=CVE-2013-4689
17 Oct 2013 — J-Web in Juniper Junos before 10.4R13, 11.4 before 11.4R7, 12.1R before 12.1R6, 12.1X44 before 12.1X44-D15, 12.1x45 before 12.1X45-D10, 12.2 before 12.2R3, 12.3 before 12.3R2, and 13.1 before 13.1R3 allow remote attackers to bypass the cross-site request forgery (CSRF) protection mechanism and hijack the authentication of administrators for requests that (1) create new administrator accounts or (2) have other unspecified impacts. J-Web in Juniper Junos anterior a la versión 10.4R13, 11.4 anterior a 11.4R7, ... • http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10597 • CWE-352: Cross-Site Request Forgery (CSRF) •
CVSS: 10.0EPSS: 5%CPEs: 52EXPL: 0CVE-2013-6013
https://notcve.org/view.php?id=CVE-2013-6013
17 Oct 2013 — Buffer overflow in the flow daemon (flowd) in Juniper Junos 10.4 before 10.4S14, 11.4 before 11.4R7-S2, 12.1.X44 before 12.1X44-D15, 12.1X45 before 12.1X45-D10 on SRX devices, when using telnet pass-through authentication on the firewall, might allow remote attackers to execute arbitrary code via a crafted telnet message. Desbordamiento de búfer en el demonio de flujo (flowd) de Juniper Junos anterior 10.4S14 10.4, 11.4 anterior 11.4R7-S2, 12.1.X44 anterior 12.1X44-D15, anterior 12.1X45 12.1X45-D10 en dispo... • http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10594 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •