Page 34 of 181 results (0.009 seconds)

CVSS: 7.2EPSS: 0%CPEs: 11EXPL: 0

Juniper Junos 10.4 before 10.4R16, 11.4 before 11.4R10, 12.1R before 12.1R8-S2, 12.1X44 before 12.1X44-D30, 12.1X45 before 12.1X45-D20, 12.1X46 before 12.1X46-D10, 12.2 before 12.2R7, 12.3 before 12.3R5, 13.1 before 13.1R3-S1, 13.2 before 13.2R2, and 13.3 before 13.3R1 allows local users to gain privileges via vectors related to "certain combinations of Junos OS CLI commands and arguments." Juniper Junos 10.4 anteriores a 10.4R16, 11.4 anteriores a 11.4R10, 12.1R anteriores a 12.1R8-S2, 12.1X44 anteriores a 12.1X44-D30, 12.1X45 anteriores a 12.1X45-D20, 12.1X46 anteriores a 12.1X46-D10, 12.2 anteriores a 12.2R7, 12.3 anteriores a 12.3R5, 13.1 anteriores a 13.1R3-S1, 13.2 anteriores a 13.2R2 y 13.3 anteriores a 13.3R1, permite a usuarios locales obener privilegios a través de vectores relacionados con "ciertas combinaciones de comandos y argumentos Junos OS CLI". • http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10608 http://osvdb.org/101862 http://www.securityfocus.com/bid/64762 http://www.securitytracker.com/id/1029585 • CWE-264: Permissions, Privileges, and Access Controls •

CVSS: 7.1EPSS: 0%CPEs: 16EXPL: 0

Juniper Junos 10.4S before 10.4S15, 10.4R before 10.4R16, 11.4 before 11.4R9, and 12.1R before 12.1R7 on SRX Series service gateways allows remote attackers to cause a denial of service (flowd crash) via a crafted IP packet. Juniper Junos 10.4S anteriores a 10.4S15, 10.4R anteriores a 10.4R16, 11.4 anteriores a 11.4R9 y 12.1R anteriores a 12.1R7 en los servicios de pasarela SRX Series permite a atacantes remotos causar denegación de servicio (caída de flowd) a través de un paquete IP manipulado. • http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10610 http://osvdb.org/101863 http://www.securityfocus.com/bid/64764 http://www.securitytracker.com/id/1029583 •

CVSS: 7.1EPSS: 0%CPEs: 11EXPL: 0

The XNM command processor in Juniper Junos 10.4 before 10.4R16, 11.4 before 11.4R10, 12.1R before 12.1R8-S2, 12.1X44 before 12.1X44-D30, 12.1X45 before 12.1X45-D20, 12.1X46 before 12.1X46-D10, 12.2 before 12.2R7, 12.3 before 12.3R5, 13.1 before 13.1R3-S1, 13.2 before 13.2R2-S2, and 13.3 before 13.3R1, when xnm-ssl or xnm-clear-text is enabled, allows remote attackers to cause a denial of service (memory consumption) via unspecified vectors. El procesador de comandos XNM en Juniper Junos 10.4 anteriores a 10.4R16, 11.4 anteriores a 11.4R10, 12.1R anteriores a 12.1R8-S2, 12.X44 anteriores a 12.1X44-D30, 12.1X45 anteriores a 12.X45-D20, 12.1X46 anteriores a 12.1X46-D10, 12.2 anteriores a 12.2R7, 12.3 anteriores a 12.3R5, 13.1 anteriores a 13.1R3-S1, 13.2 anteriores a 13.2R2-S2, y 13.3 anteriores a 13.3R1, cuando xnml-ssl o xnm-clear-text está activo, permite a atacantes remotos causar denegación de servicio (consumo de memoria) a través de vectores no especificados. • http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10607 http://osvdb.org/101861 http://www.securitytracker.com/id/1029586 •

CVSS: 7.8EPSS: 1%CPEs: 17EXPL: 0

Juniper Junos before 10.4 before 10.4R16, 11.4 before 11.4R8, 12.1R before 12.1R7, 12.1X44 before 12.1X44-D20, and 12.1X45 before 12.1X45-D10 on SRX Series service gateways, when used as a UAC enforcer and captive portal is enabled, allows remote attackers to cause a denial of service (flowd crash) via a crafted HTTP message. Juniper Junos anterior a la versión 10.4 anterior a 10.4R16, 11.4 anterior a la versión 11.4R8, 12.1R anterior a 12.1R7, 12.1X44 anterior a la versión 12.1X44-D20, y 12.1X45 anterior a 12.1X45-D10 en pasarelas de servicio SRX Series, cuando se usa como un agente UAC y el portal cautivo está activado, permite a atacantes remotos provocar una denegación de servicio (cuelgue flowd) a través de un mensaje HTTP manipulado. • http://osvdb.org/101864 http://www.securityfocus.com/bid/64769 http://www.securitytracker.com/id/1029584 https://exchange.xforce.ibmcloud.com/vulnerabilities/90238 https://kb.juniper.net/InfoCenter/index?page=content&id=JSA10611 •

CVSS: 9.0EPSS: 3%CPEs: 9EXPL: 4

jsdm/ajax/port.php in J-Web in Juniper Junos before 10.4R13, 11.4 before 11.4R7, 12.1 before 12.1R5, 12.2 before 12.2R3, and 12.3 before 12.3R1 allows remote authenticated users to execute arbitrary commands via the rsargs parameter in an exec action. jsdm / ajax / port.php de J-Web en Juniper Junos anterior 10.4R13, 11.4 anterior a 11.4R, 12,.1 anterior a 12.1R5 anterior a 12.2R3 y 12.3 antes 12.3R1 permite a usuarios remotos autenticados ejecutar comandos arbitrarios a través del parámetro rsargs en una acción exec. • https://www.exploit-db.com/exploits/29544 http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10560 http://secunia.com/advisories/54731 http://www.exploit-db.com/exploits/29544 http://www.securityfocus.com/bid/62305 http://www.securitytracker.com/id/1029016 http://www.senseofsecurity.com.au/advisories/SOS-13-003 https://exchange.xforce.ibmcloud.com/vulnerabilities/87011 • CWE-20: Improper Input Validation •