CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

6551 matches found

Juniper Devices - Remote Code Execution

Multiple cves in Juniper Network CVE-2023-36844|CVE-2023-36845|CVE-2023-36846|CVE-2023-36847.A PHP External Variable Modification vulnerability in J-Web of Juniper Networks Junos OS on EX Series allows an unauthenticated, network-based attacker to control certain, important environments variables...

9.8CVSS6.9AI score0.94205EPSS

Exploits28References5

Nuclei•added 2 days ago•32 views

Juniper Web Device Manager - Cross-Site Scripting

Juniper Web Device Manager J-Web in Junos OS contains a cross-site scripting vulnerability. This can allow an unauthenticated attacker to run malicious scripts reflected off J-Web to the victim's browser in the context of their session within J-Web, which can allow the attacker to steal...

6.1CVSS6.5AI score0.02468EPSS

Exploits0References5

Nuclei•added 2026/06/16 7:13 a.m.•53 views

Juniper J-Web - Remote Code Execution

A PHP External Variable Modification vulnerability in J-Web of Juniper Networks Junos OS on EX Series and SRX Series allows an unauthenticated, network-based attacker to control certain environments variables to execute remote commands id: CVE-2023-36845 info: name: Juniper J-Web - Remote Code...

9.8CVSS7.9AI score0.93546EPSS

Exploits27References5

OSV•added 2026/06/15 4:11 p.m.•5 views

USN-8429-1 fastnetmon vulnerabilities

It was discovered that FastNetMon incorrectly validated prefix lengths when decoding BGP NLRI data. A remote attacker could possibly use this issue to cause a denial of service or execute arbitrary code. This issue only affected Ubuntu 24.04 LTS and Ubuntu 26.04 LTS. CVE-2026-48686 It was...

9.8CVSS6.2AI score0.01645EPSS

Exploits2References6

Tenable Nessus•added 2026/05/27 12:0 a.m.•12 views

Linux Distros Unpatched Vulnerability : CVE-2026-48694

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - FastNetMon Community Edition through 1.2.9 contains a configuration injection vulnerability in the Juniper router integration plugin. In...

8.1CVSS5.5AI score0.00234EPSS

Exploits0References3

Tenable Nessus•added 2026/05/27 12:0 a.m.•7 views

Linux Distros Unpatched Vulnerability : CVE-2026-48687

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - FastNetMon Community Edition through 1.2.9 contains an OS command injection vulnerability in the Juniper router integration plugin. The log function in...

9.8CVSS5.8AI score0.01645EPSS

Exploits1References3

NVD•added 2026/05/26 6:16 p.m.•12 views

CVE-2026-48694

FastNetMon Community Edition through 1.2.9 contains a configuration injection vulnerability in the Juniper router integration plugin. In src/juniperplugin/fastnetmonjuniper.php, the $IPATTACK variable received from argv1 is directly interpolated into Juniper NETCONF set-configuration commands at...

8.1CVSS0.00234EPSS

Exploits0References2

OSV•added 2026/05/26 6:16 p.m.•6 views

DEBIAN-CVE-2026-48694

8.1CVSS6AI score0.00234EPSS

Exploits0References1

OSV•added 2026/05/26 6:16 p.m.•5 views

UBUNTU-CVE-2026-48694

8.1CVSS6AI score0.00234EPSS

Exploits0References7

UbuntuCve•added 2026/05/26 6:16 p.m.•12 views

CVE-2026-48694

8.1CVSS6AI score0.00234EPSS

Exploits0References5

NVD•added 2026/05/26 4:16 p.m.•13 views

CVE-2026-48687

FastNetMon Community Edition through 1.2.9 contains an OS command injection vulnerability in the Juniper router integration plugin. The log function in src/juniperplugin/fastnetmonjuniper.php lines 117-118 constructs shell commands by concatenating the $msg parameter directly into exec calls:...

9.8CVSS0.01645EPSS

Exploits1References3

OSV•added 2026/05/26 4:16 p.m.•4 views

DEBIAN-CVE-2026-48687

9.8CVSS6AI score0.01645EPSS

Exploits1References1

OSV•added 2026/05/26 4:16 p.m.•7 views

UBUNTU-CVE-2026-48687

9.8CVSS6AI score0.01645EPSS

Exploits1References8

UbuntuCve•added 2026/05/26 4:16 p.m.•10 views

CVE-2026-48687

9.8CVSS5.9AI score0.01645EPSS

Exploits1References6

Cvelist•added 2026/05/26 12:0 a.m.•37 views

CVE-2026-48694

0.00234EPSS

Exploits0References2

Positive Technologies•added 2026/05/26 12:0 a.m.•12 views

PT-2026-43354

Name of the Vulnerable Software and Affected Versions FastNetMon Community Edition versions prior to 1.3.0 Description A configuration injection issue exists in the Juniper router integration plugin. In the file src/juniper plugin/fastnetmon juniper.php, the variable IP ATTACK received from argv1...

8.1CVSS6AI score0.00234EPSS

Exploits0References17

Vulnrichment•added 2026/05/26 12:0 a.m.•7 views

CVE-2026-48694

6AI score0.00234EPSS

Exploits0References2

ATTACKERKB•added 2026/05/26 12:0 a.m.•6 views

CVE-2026-48694

6AI score0.00234EPSS

Exploits0References3

CNNVD•added 2026/05/26 12:0 a.m.•9 views

FastNetMon 安全漏洞

FastNetMon is a high-performance DDoS detector/sensor developed by Pavel Odintsov, based on multiple packet capture engines. Versions of FastNetMon prior to 1.2.9 contain security vulnerabilities. These vulnerabilities stem from the lack of validation or cleaning of IP address variables in the...

8.1CVSS5.8AI score0.00234EPSS

Exploits0References2

CVE•added 2026/05/26 12:0 a.m.•16 views

CVE-2026-48694

CVE-2026-48694 affects FastNetMon Community Edition up to 1.2.9 via the Juniper router integration plugin. The vulnerability arises because the variable $IP_ATTACK (from argv[1]) is directly interpolated into NETCONF set-configuration commands without validation, allowing an attacker-controlled I...

8.1CVSS6AI score0.00234EPSS

Exploits0References2Affected Software1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by