38 matches found
EUVD-2014-3761
Malware in sbrugna...
EUVD-2012-5379
Malware in sbrugna...
CVE-2014-3824
Cross-site scripting XSS vulnerability in the web server in the Juniper Junos Pulse Secure Access Service SSL VPN devices with IVE OS 8.0 before 8.0r6, 7.4 before 7.4r13, and 7.1 before 7.1r20 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...
CVE-2014-3820
Cross-site scripting XSS vulnerability in the SSL VPN/UAC web server in the Juniper Junos Pulse Secure Access Service SSL VPN devices with IVE OS 7.1 before 7.1r16, 7.4 before 7.4r3, and 8.0 before 8.0r1 and the Juniper Junos Pulse Access Control Service devices with UAC OS 4.1 before 4.1r8, 4.4...
Cross site scripting
Cross-site scripting XSS vulnerability in the SSL VPN/UAC web server in the Juniper Junos Pulse Secure Access Service SSL VPN devices with IVE OS 7.1 before 7.1r16, 7.4 before 7.4r3, and 8.0 before 8.0r1 and the Juniper Junos Pulse Access Control Service devices with UAC OS 4.1 before 4.1r8, 4.4...
CVE-2014-3824
CVE-2014-3824 describes a cross-site scripting (XSS) vulnerability in the web server of Juniper Junos Pulse Secure Access Service (SSL VPN) devices using IVE OS. The issue stems from incorrect user input validation on the SSL VPN web page, potentially enabling an attacker to inject arbitrary scri...
CVE-2014-3824
Cross-site scripting XSS vulnerability in the web server in the Juniper Junos Pulse Secure Access Service SSL VPN devices with IVE OS 8.0 before 8.0r6, 7.4 before 7.4r13, and 7.1 before 7.1r20 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...
Junos Pulse Secure Access IVE OS Clickjacking (JSA10647)
According to its self-reported version, the version of IVE running on the remote host is affected by a clickjacking vulnerability. C Tenable Network Security, Inc. include"compat.inc"; if description scriptid77691; scriptversion"1.5"; scriptsetattributeattribute:"pluginmodificationdate",...
Junos Pulse Secure Access IVE / UAC OS XSS (JSA10645)
According to its self-reported version, the version of IVE / UAC OS running on the remote host is affected by a cross site scripting vulnerability due to incorrect user input validation on the SSL VPN / UAC web server. Note that this issue exists within a web page that is only accessible by an...
Junos Pulse Secure Access IVE OS XSS (JSA10646)
According to its self-reported version, the version of IVE running on the remote host is affected by a cross site scripting vulnerability due to incorrect user input validation on the SSL VPN web server. Note that this issue exists within a web page that is only accessible by an authenticated use...
Junos Pulse Secure Access IVE / UAC OS Weak Cipher Information Disclosure (JSA10628)
According to its self-reported version, the version of IVE / UAC OS running on the remote host is affected by an information disclosure vulnerability due to an issue where cipher suites with weak encryption algorithms are used even when cipher suites with strong encryption algorithms are enabled....
CVE-2014-3812
The Juniper Junos Pulse Secure Access Service SSL VPN devices with IVE OS before 7.4r5 and 8.x before 8.0r1 and Junos Pulse Access Control Service UAC before 4.4r5 and 5.x before 5.0r1 enable cipher suites with weak encryption algorithms, which make it easier for remote attackers to obtain...
CVE-2014-3812
The CVE-2014-3812 issue affects Juniper Junos Pulse Secure Access Service (SSL VPN) IVE OS (<7.4r5) and 8.x (<8.0r1) and Junos Pulse Access Control Service (UAC) (<4.4r5) / 5.x (
CVE-2014-2291
Cross-site scripting XSS vulnerability in the Pulse Collaboration Secure Meeting user pages in Juniper Junos Pulse Secure Access Service aka SSL VPN with IVE OS before 7.1r18, 7.3 before 7.3r10, 7.4 before 7.4r8, and 8.0 before 8.0r1 allows remote authenticated users to inject arbitrary web scrip...
Design/Logic Flaw
Unspecified vulnerability in the Linux Network Connect client in Juniper Junos Pulse Secure Access Service aka SSL VPN with IVE OS before 7.1r18, 7.3 before 7.3r10, 7.4 before 7.4r8, and 8.0 before 8.0r1 allows local users to gain privileges via unspecified vectors...
CVE-2014-2291
Pulse Secure Access Service (IVE OS) is affected by CVE-2014-2291 due to inadequate input validation on the Pulse Collaboration (Secure Meeting) user pages, allowing remote authenticated users to inject arbitrary HTML/Script. Impact per sources is that this affects Juniper Junos Pulse Secure Acce...
Juniper Junos Pulse Secure Access Service跨站脚本漏洞
CVE ID:CVE-2014-2291 Juniper Networks的Secure Access是企业级的SSL VPN接入设备,设备上所运行的操作系统为Juniper IVE OS。 由于某些关于Pulse Collaboration Secure Meeting用户页面的输入在返回用户前没有正确过滤,攻击者可以利用漏洞在受影响站点上下文的用户浏览器会话中执行任意HTML和脚本代码。 0 Juniper IVE OS Software 7.x Juniper IVE OS Software 8.x Juniper Junos Pulse Secure Access Service...
Juniper Junos Pulse Secure Access Service IVE OS (SSL VPN) XSS (JSA10617)
According to its self-reported version, the version of Juniper Junos Pulse Secure Access Service IVE OS running on the remote host is affected by an unspecified cross-site scripting vulnerability that is present within the Pulse Collaboration Secure Meeting user pages. An attacker could exploit...
Juniper Junos Pulse Secure Access Service (IVE)跨站脚本漏洞
CVE ID:CVE-2013-6956 Juniper Networks的Secure Access是企业级的SSL VPN接入设备,设备上所运行的操作系统为Juniper IVE OS。 Juniper Junos Pulse Secure Access Service IVE在重写特性页面时没有正确过滤用户提交的输入,允许远程攻击者利用漏洞进行跨站脚本攻击,可构建恶意URI,诱使用户解析,可获取敏感信息或者劫持用户会话。 0 Juniper IVE OS 8.0 Juniper IVE OS 7.4r5 Juniper IVE OS 7.3r7 Juniper IVE OS...
Juniper Junos Pulse Secure Access Service IVE OS (SSL VPN) XSS (JSA10602)
According to its self-reported version, the version of Juniper Junos Pulse Secure Access Service IVE OS running on the remote host is affected by an unspecified cross-site scripting vulnerability that is present within a file that pertains to Secure Access Service Web rewriting feature pages host...