Lucene search
K

203 matches found

Vulnrichment
Vulnrichment
added 2024/10/11 3:21 p.m.14 views

CVE-2024-39563 Junos Space: Remote Command Execution (RCE) vulnerability in web application

A Command Injection vulnerability in Juniper Networks Junos Space allows an unauthenticated, network-based attacker sending a specially crafted request to execute arbitrary shell commands on the Junos Space Appliance, leading to remote command execution by the web application, gaining complete...

7.3CVSS8AI score0.01289EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/10/11 3:21 p.m.24 views

CVE-2024-39563 Junos Space: Remote Command Execution (RCE) vulnerability in web application

A Command Injection vulnerability in Juniper Networks Junos Space allows an unauthenticated, network-based attacker sending a specially crafted request to execute arbitrary shell commands on the Junos Space Appliance, leading to remote command execution by the web application, gaining complete...

7.3CVSS0.01289EPSS
Exploits0References1
NVD
NVD
added 2024/08/29 11:15 a.m.27 views

CVE-2024-5624

Reflected Cross-Site Scripting XSS in Shift Logbook application of B&R APROL = R 4.4-00P3 may allow a network-based attacker to execute arbitrary JavaScript code in the context of the user's browser session...

6.1CVSS0.00239EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/08/29 8:53 a.m.38 views

CVE-2024-5624 Reflected Cross-Site Scripting (XSS) in Shift Logbook application of B&R APROL

Reflected Cross-Site Scripting XSS in Shift Logbook application of B&R APROL = R 4.4-00P3 may allow a network-based attacker to execute arbitrary JavaScript code in the context of the user's browser session...

5.1CVSS0.00239EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2024/08/28 12:0 a.m.12 views

Juniper Junos OS DoS (JSA82988)

The version of Junos OS installed on the remote host is affected by a vulnerability as referenced in the JSA82988 advisory. - A Use of Externally-Controlled Format String vulnerability in the Packet Forwarding Engine PFE of Juniper Networks Junos OS on SRX Series allows an unauthenticated,...

8.7CVSS5.7AI score0.00476EPSS
Exploits0References2
NVD
NVD
added 2024/07/11 5:15 p.m.23 views

CVE-2024-39533

An Unimplemented or Unsupported Feature in the UI vulnerability in Juniper Networks Junos OS on QFX5000 Series and EX4600 Series allows an unauthenticated, network-based attacker to cause a minor integrity impact to downstream networks.If one or more of the following match conditions...

6.9CVSS0.00296EPSS
Exploits0References1
CVE
CVE
added 2024/07/11 4:32 p.m.56 views

CVE-2024-39553

CVE-2024-39553 affects Juniper Networks Junos OS Evolved sampling service (inline jflow). A Resource Exposure to Wrong Sphere vulnerability allows an unauthenticated, network-based attacker to send arbitrary data to the device, causing the msvcsd process to crash and yielding limited DoS while no...

6.9CVSS6.7AI score0.00398EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2024/07/11 4:29 p.m.20 views

CVE-2024-39551 Junos OS: SRX Series and MX Series with SPC3 and MS-MPC/MIC: Receipt of specific packets in H.323 ALG causes traffic drop

An Uncontrolled Resource Consumption vulnerability in the H.323 ALG Application Layer Gateway of Juniper Networks Junos OS on SRX Series and MX Series with SPC3 and MS-MPC/MIC, allows an unauthenticated network-based attacker to send specific packets causing traffic loss leading to Denial of...

8.7CVSS0.00476EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/07/11 4:22 p.m.15 views

CVE-2024-39545 Junos OS: SRX Series, MX Series with SPC3 and NFX350: When VPN tunnels parameters are not configured in specific way the iked process will crash

An Improper Check for Unusual or Exceptional Conditions vulnerability in the the IKE daemon iked of Juniper Networks Junos OS on SRX Series, MX Series with SPC3 and NFX350 allows allows an unauthenticated, network-based attacker sending specific mismatching parameters as part of the IPsec...

8.7CVSS6.9AI score0.00491EPSS
Exploits0References1
CVE
CVE
added 2024/07/11 4:22 p.m.51 views

CVE-2024-39545

The CVE describes an Improper Check for Unusual or Exceptional Conditions in Juniper Networks Junos OS iked (on SRX Series, MX Series with SPC3, and NFX350), where unauthenticated network-based attackers can trigger an iked crash during IPsec negotiations by sending specific mismatching parameter...

8.7CVSS7.5AI score0.00491EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2024/07/11 4:22 p.m.25 views

CVE-2024-39545 Junos OS: SRX Series, MX Series with SPC3 and NFX350: When VPN tunnels parameters are not configured in specific way the iked process will crash

An Improper Check for Unusual or Exceptional Conditions vulnerability in the the IKE daemon iked of Juniper Networks Junos OS on SRX Series, MX Series with SPC3 and NFX350 allows allows an unauthenticated, network-based attacker sending specific mismatching parameters as part of the IPsec...

8.7CVSS0.00491EPSS
Exploits0References1
NVD
NVD
added 2024/07/11 4:15 p.m.21 views

CVE-2024-39528

A Use After Free vulnerability in the Routing Protocol Daemon rpd of Juniper Networks Junos OS and Junos OS Evolved allows an authenticated, network-based attacker to cause a Denial of Service DoS.On all Junos OS and Junos Evolved platforms, if a routing-instance deactivation is triggered, and at...

6CVSS0.00335EPSS
Exploits0References1
CVE
CVE
added 2024/07/11 4:14 p.m.44 views

CVE-2024-39537

CVE-2024-39537 affects Juniper Networks Junos OS Evolved on the ACX 7000 Series. Root cause: initialization error allows processes that should be internal to be reachable over the network via open ports, enabling an unauthenticated, network-based attacker to cause limited information disclosure a...

6.9CVSS6.3AI score0.00332EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2024/07/11 4:8 p.m.18 views

CVE-2024-39533 Junos OS: QFX5000 Series and EX4600 Series: Output firewall filter is not applied if certain match criteria are used

An Unimplemented or Unsupported Feature in the UI vulnerability in Juniper Networks Junos OS on QFX5000 Series and EX4600 Series allows an unauthenticated, network-based attacker to cause a minor integrity impact to downstream networks.If one or more of the following match conditions...

6.9CVSS6.9AI score0.00296EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/07/11 4:2 p.m.24 views

CVE-2024-39528 Junos OS and Junos OS Evolved: Concurrent deletion of a routing-instance and receipt of an SNMP request cause an RPD crash

A Use After Free vulnerability in the Routing Protocol Daemon rpd of Juniper Networks Junos OS and Junos OS Evolved allows an authenticated, network-based attacker to cause a Denial of Service DoS.On all Junos OS and Junos Evolved platforms, if a routing-instance deactivation is triggered, and at...

6CVSS6.8AI score0.00335EPSS
Exploits0References1
CVE
CVE
added 2024/07/11 4:2 p.m.66 views

CVE-2024-39528

CVE-2024-39528 — AUse After Free in Juniper Junos OS/Junos OS Evolved Routing Protocol Daemon (rpd) causes a segmentation fault on a specific sequence (routing-instance deactivation + SNMP request), leading to rpd crash and DoS. Affected: Junos OS and Junos OS Evolved. Reported vulnerable version...

6CVSS5.5AI score0.00335EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2024/07/10 10:55 p.m.25 views

CVE-2024-39565 Junos OS: J-Web: An unauthenticated, network-based attacker can perform XPATH injection attack against a device.

An Improper Neutralization of Data within XPath Expressions 'XPath Injection' vulnerability in J-Web shipped with Juniper Networks Junos OS allows an unauthenticated, network-based attacker to execute remote commands on the target device. While an administrator is logged into a J-Web session or...

8.8CVSS0.00517EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2024/07/10 12:0 a.m.13 views

Juniper Junos OS Vulnerability (JSA83007)

The version of Junos OS installed on the remote host is affected by a vulnerability as referenced in the JSA83007 advisory. - An Improper Check for Unusual or Exceptional Conditions vulnerability in the the IKE daemon iked of Juniper Networks Junos OS on SRX Series, MX Series with SPC3 and NFX350...

8.7CVSS6AI score0.00491EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2024/07/10 12:0 a.m.15 views

Juniper Junos OS Vulnerability (JSA83023)

The version of Junos OS installed on the remote host is affected by a vulnerability as referenced in the JSA83023 advisory. - An Improper Neutralization of Data within XPath Expressions 'XPath Injection' vulnerability in J-Web shipped with Juniper Networks Junos OS allows an unauthenticated,...

8.8CVSS6AI score0.00517EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2024/07/10 12:0 a.m.15 views

Juniper Junos OS Vulnerability (JSA79101)

The version of Junos OS installed on the remote host is affected by a vulnerability as referenced in the JSA79101 advisory. - An Exposure of Resource to Wrong Sphere vulnerability in the sampling service of Juniper Networks Junos OS Evolved allows an unauthenticated network-based attacker to send...

6.9CVSS6AI score0.00398EPSS
Exploits1References2
Rows per page
Query Builder