CVSS: 7.5EPSS: 0%CPEs: 20EXPL: 0CVE-2014-3812
https://notcve.org/view.php?id=CVE-2014-3812
13 Jun 2014 — The Juniper Junos Pulse Secure Access Service (SSL VPN) devices with IVE OS before 7.4r5 and 8.x before 8.0r1 and Junos Pulse Access Control Service (UAC) before 4.4r5 and 5.x before 5.0r1 enable cipher suites with weak encryption algorithms, which make it easier for remote attackers to obtain sensitive information by sniffing the network. Los dispositivos Juniper Junos Pulse Secure Access Service (SSL VPN) con IVE OS anterior a 7.4r5 y 8.x anterior a 8.0r1 y Junos Pulse Access Control Service (UAC) anterio... • http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10628 • CWE-310: Cryptographic Issues •
CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 0CVE-2014-2292
https://notcve.org/view.php?id=CVE-2014-2292
14 Mar 2014 — Unspecified vulnerability in the Linux Network Connect client in Juniper Junos Pulse Secure Access Service (aka SSL VPN) with IVE OS before 7.1r18, 7.3 before 7.3r10, 7.4 before 7.4r8, and 8.0 before 8.0r1 allows local users to gain privileges via unspecified vectors. Vulnerabilidad no especificada en el cliente de Linux Network Connect en Juniper Junos Pulse Secure Access Service (también conocido como SSL VPN) con IVE OS anterior a 7.1r18, 7.3 anterior a 7.3r10, 7.4 anterior a 7.4r8 y 8.0 anterior a 8.0r1... • https://kb.juniper.net/InfoCenter/index?page=content&id=JSA10616 •
CVSS: 5.4EPSS: 0%CPEs: 4EXPL: 0CVE-2014-2291
https://notcve.org/view.php?id=CVE-2014-2291
14 Mar 2014 — Cross-site scripting (XSS) vulnerability in the Pulse Collaboration (Secure Meeting) user pages in Juniper Junos Pulse Secure Access Service (aka SSL VPN) with IVE OS before 7.1r18, 7.3 before 7.3r10, 7.4 before 7.4r8, and 8.0 before 8.0r1 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors. Vulnerabilidad de XSS en las páginas de usuarios de Pulse Collaboration (Secure Meeting) en Juniper Junos Pulse Secure Access Service (también conocido como SSL VPN) con IVE ... • http://secunia.com/advisories/57375 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 5.4EPSS: 0%CPEs: 4EXPL: 0CVE-2013-6956
https://notcve.org/view.php?id=CVE-2013-6956
13 Dec 2013 — Cross-site scripting (XSS) vulnerability in the Secure Access Service Web rewriting feature in Juniper Junos Pulse Secure Access Service (aka SSL VPN) with IVE OS before 7.1r17, 7.3 before 7.3r8, 7.4 before 7.4r6, and 8.0 before 8.0r1, when web rewrite is enabled, allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors. Cross-site scripting (XSS) en la caracteristica de reescritura en la web del Servicio de Acceso Seguro de Juniper Junos Secure Access Service (tambié... • http://osvdb.org/100862 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 5.4EPSS: 0%CPEs: 4EXPL: 0CVE-2013-5649
https://notcve.org/view.php?id=CVE-2013-5649
13 Sep 2013 — Multiple cross-site scripting (XSS) vulnerabilities in Juniper Junos Pulse Secure Access Service (aka SSL VPN) with IVE OS 7.1 before 7.1r15, 7.2 before 7.2r11, 7.3 before 7.3r6, and 7.4 before 7.4r3 allow (1) remote attackers to inject arbitrary web script or HTML via vectors involving login pages, and allow (2) remote authenticated users to inject arbitrary web script or HTML via vectors involving a support page. Multiples vulnerabilidades cross-site scripting (XSS) en el Secure Access Service (SSL VPN) d... • http://kb.juniper.net/JSA10589 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 6.1EPSS: 0%CPEs: 19EXPL: 0CVE-2012-5460 – Juniper Secure Access Cross Site Scripting
https://notcve.org/view.php?id=CVE-2012-5460
23 Jul 2013 — Cross-site scripting (XSS) vulnerability in the help page in Juniper Secure Access (SA) with IVE OS before 7.1r13, 7.2.x before 7.2r7, and 7.3.x before 7.3r2 allows remote attackers to inject arbitrary web script or HTML via the WWHSearchWordsText parameter. Vulnerabilidad XSS en la página de ayuda en Juniper Secure Access (SA) con IVE OS anterior a 7.1r13, 7.2.x anterior a 7.2r7, y 7.3.x anterior a 7.3r2, permite a atacantes remotos inyectar secuencias de comandos web y HTML arbitrarias a través del paráme... • http://archives.neohapsis.com/archives/bugtraq/2013-07/0148.html • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •