1476 matches found
CVE-2024-34420
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in talspotim Comments Evolved for WordPress allows Stored XSS.This issue affects Comments Evolved for WordPress: from n/a through 1.6.3...
UPF 安全漏洞
UPF is an open source user interface from the Aether SD-Core Project. A security vulnerability exists in UPF upf-epc-pfcpiface:version 2.1.3-dev, which originates from dereferencing a null pointer when processing a PFCP session report response that lacks a cause information element, which could...
Juniper Networks Junos OS Evolved Operating System Command Injection Vulnerability
Juniper Networks Junos OS Evolved is an upgraded version of Juniper Networks' Junos OS. Juniper Networks Junos OS Evolved suffers from an operating system command injection vulnerability that stems from improper handling of special elements, which could be exploited by an attacker to cause an OS...
CVE-2025-60006
Multiple instances of an Improper Neutralization of Special Elements used in an OS Command 'OS Command Injection' vulnerability in the CLI of Juniper Networks Junos OS Evolved could be used to elevate privileges and/or execute unauthorized commands. When an attacker executes crafted CLI commands,...
CVE-2025-59967
A NULL Pointer Dereference vulnerability in the PFE management daemon evo-pfemand of Juniper Networks Junos OS Evolved on ACX7024, ACX7024X, ACX7100-32C, ACX7100-48L, ACX7348, ACX7509 devices allows an unauthenticated, adjacent attacker to cause a Denial-of-Service DoS. Whenever specific valid...
EUVD-2025-33363
An Improper Check for Unusual or Exceptional Conditions vulnerability in the routing protocol daemon rpd of Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated, network-based attacker to cause a Denial-Of-Service DoS. When an affected system receives a specific BGP EVPN updat...
EUVD-2025-33360
A password aging vulnerability in the RADIUS client of Juniper Networks Junos OS and Junos OS Evolved allows an authenticated, network-based attacker to access the device without enforcing the required password change. Affected devices allow logins by users for whom the RADIUS server has responde...
EUVD-2025-33378
A NULL Pointer Dereference vulnerability in the PFE management daemon evo-pfemand of Juniper Networks Junos OS Evolved on ACX7024, ACX7024X, ACX7100-32C, ACX7100-48L, ACX7348, ACX7509 devices allows an unauthenticated, adjacent attacker to cause a Denial-of-Service DoS. Whenever specific valid...
EUVD-2025-33399
An Improper Check for Unusual or Exceptional Conditions vulnerability in the Packet Forwarding Engine PFE of Juniper Networks Junos OS Evolved on PTX Series allows an unauthenticated, network-based attacker to cause impact to confidentiality and availability. When an output firewall filter is...
EUVD-2025-33401
An Uncontrolled Resource Consumption vulnerability in the Connectivity Fault Management CFM daemon and the Connectivity Fault Management Manager cfmman of Juniper Networks Junos OS Evolved on PTX10001-36MR, PTX10002-36QDD, PTX10004, PTX10008, PTX10016 allows an unauthenticated, adjacent attacker ...
CVE-2025-60010
A password aging vulnerability in the RADIUS client of Juniper Networks Junos OS and Junos OS Evolved allows an authenticated, network-based attacker to access the device without enforcing the required password change. Affected devices allow logins by users for whom the RADIUS server has responde...
CVE-2025-60010
A password aging vulnerability in the RADIUS client of Juniper Networks Junos OS and Junos OS Evolved allows an authenticated, network-based attacker to access the device without enforcing the required password change. Affected devices allow logins by users for whom the RADIUS server has responde...
CVE-2025-60006
Multiple instances of an Improper Neutralization of Special Elements used in an OS Command 'OS Command Injection' vulnerability in the CLI of Juniper Networks Junos OS Evolved could be used to elevate privileges and/or execute unauthorized commands. When an attacker executes crafted CLI commands,...
CVE-2025-60004
An Improper Check for Unusual or Exceptional Conditions vulnerability in the routing protocol daemon rpd of Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated, network-based attacker to cause a Denial-Of-Service DoS. When an affected system receives a specific BGP EVPN updat...
CVE-2025-60006
Multiple instances of an Improper Neutralization of Special Elements used in an OS Command 'OS Command Injection' vulnerability in the CLI of Juniper Networks Junos OS Evolved could be used to elevate privileges and/or execute unauthorized commands. When an attacker executes crafted CLI commands,...
CVE-2025-60010 Junos OS and Junos OS Evolved: Device allows login for user with expired password
A password aging vulnerability in the RADIUS client of Juniper Networks Junos OS and Junos OS Evolved allows an authenticated, network-based attacker to access the device without enforcing the required password change. Affected devices allow logins by users for whom the RADIUS server has responde...
CVE-2025-60010
CVE-2025-60010 affects Juniper Junos OS and Junos OS Evolved. A password-aging flaw in the RADIUS client lets an authenticated, network-based attacker log in without enforcing a required password change, using an expired but correct password. Affected versions include: Junos OS pre-22.4R3-S8, 23....
CVE-2025-60010 Junos OS and Junos OS Evolved: Device allows login for user with expired password
A password aging vulnerability in the RADIUS client of Juniper Networks Junos OS and Junos OS Evolved allows an authenticated, network-based attacker to access the device without enforcing the required password change. Affected devices allow logins by users for whom the RADIUS server has responde...
CVE-2025-60006 Junos OS Evolved: OS command injection vulnerabilities fixed
Multiple instances of an Improper Neutralization of Special Elements used in an OS Command 'OS Command Injection' vulnerability in the CLI of Juniper Networks Junos OS Evolved could be used to elevate privileges and/or execute unauthorized commands. When an attacker executes crafted CLI commands,...
CVE-2025-60006 Junos OS Evolved: OS command injection vulnerabilities fixed
Multiple instances of an Improper Neutralization of Special Elements used in an OS Command 'OS Command Injection' vulnerability in the CLI of Juniper Networks Junos OS Evolved could be used to elevate privileges and/or execute unauthorized commands. When an attacker executes crafted CLI commands,...