CVE-2018-0053 vSRX Series: A local authentication vulnerability may lead to full control of a vSRX instance while the system is booting.

An authentication bypass vulnerability in the initial boot sequence of Juniper Networks Junos OS on vSRX Series may allow an attacker to gain full control of the system without authentication when the system is initially booted up. Affected releases are Juniper Networks Junos OS: 15.1X49 versions...

CVE-2018-0001

A remote, unauthenticated attacker may be able to execute code by exploiting a use-after-free defect found in older versions of PHP through injection of crafted data via specific PHP URLs within the context of the J-Web process. Affected releases are Juniper Networks Junos OS: 12.1X46 versions...

Input validation

Juniper Junos OS 14.1X53 before 14.1X53-D30 on QFX Series switches allows remote attackers to cause a denial of service PFE panic via a high rate of unspecified VXLAN packets...

CVE-2016-1262

Juniper Junos OS before 12.1X46-D45, 12.1X47 before 12.1X47-D30, 12.1X48 before 12.3X48-D20, and 15.1X49 before 15.1X49-D30 on SRX series devices, when the Real Time Streaming Protocol Application Layer Gateway RTSP ALG is enabled, allow remote attackers to cause a denial of service flowd crash v...

CVE-2012-3047

The CVE-2012-3047 issue affects Cisco Scientific Atlanta D20 and D30 cable modems, where the web-wizard setup page is vulnerable to Cross-site Scripting (XSS). The root cause is insufficient sanitization of user-supplied input on the web wizard setup page, enabling an unauthenticated, remote atta...