CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

EUVD•added 2026/04/10 12:30 a.m.•0 views

EUVD-2026-21088

NVD•added 2026/04/09 10:16 p.m.•2 views

CVE-2026-33779

8.3CVSS0.00026EPSS

CVE•added 2026/04/09 9:30 p.m.•10 views

CVE-2026-33779

The CVE concerns Junos OS on SRX Series failing to properly verify the server certificate when provisioning to Security Director cloud, enabling a PITM to intercept traffic and access credentials and sensitive data. Affected Junos OS versions include all before 22.4R3-S9, 23.2 before 23.2R2-S6, 2...

Exploits0References1Affected Software1

ATTACKERKB•added 2026/04/09 9:30 p.m.•2 views

CVE-2026-33779

Exploits0References2Affected Software1

Cvelist•added 2026/04/09 9:30 p.m.•21 views

CVE-2026-33779 Junos OS: SRX Series: Insufficient certificate verification for device to SD cloud communication

8.3CVSS0.00026EPSS

Vulnrichment•added 2026/04/09 9:30 p.m.•2 views

CVE-2026-33779 Junos OS: SRX Series: Insufficient certificate verification for device to SD cloud communication

8.3CVSS5.8AI score0.00026EPSS

Positive Technologies•added 2026/04/09 12:0 a.m.•0 views

PT-2026-31749

RedhatCVE•added 2025/10/10 4:20 p.m.•1 views

CVE-2025-59974

An Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Junos Space Security Director allows an attacker to inject malicious scripts into the application, which are then stored and executed in the context of other users' browsers when they access...

9.3CVSS6.4AI score0.00037EPSS

RedhatCVE•added 2025/10/10 4:20 p.m.•3 views

CVE-2025-59968

A Missing Authorization vulnerability in the Juniper Networks Junos Space Security Director allows an unauthenticated network-based attacker to read or modify metadata via the web interface. Tampering with this metadata can result in managed SRX Series devices permitting network traffic that shou...

8.6CVSS6.9AI score0.00041EPSS

EUVD•added 2025/10/09 6:30 p.m.•2 views

EUVD-2025-33403

A Missing Authentication for Critical Function vulnerability in Juniper Networks Security Director Policy Enforcer allows an unauthenticated, network-based attacker to replace legitimate vSRX images with malicious ones. If a trusted user initiates deployment, Security Director Policy Enforcer wil...

8.5CVSS6.3AI score0.00032EPSS

EUVD•added 2025/10/09 6:30 p.m.•1 views

EUVD-2025-33388

8.6CVSS6.4AI score0.00041EPSS

Exploits0References3

NVD•added 2025/10/09 4:15 p.m.•2 views

CVE-2025-59974

9.3CVSS0.00037EPSS

NVD•added 2025/10/09 4:15 p.m.•3 views

CVE-2025-59968

8.6CVSS0.00041EPSS

OSV•added 2025/10/09 4:15 p.m.•1 views

CVE-2025-59968

7.7CVSS5.8AI score

OSV•added 2025/10/09 4:15 p.m.•0 views

CVE-2025-11198

8.5CVSS5.8AI score

NVD•added 2025/10/09 4:15 p.m.•2 views

CVE-2025-11198

8.5CVSS0.00032EPSS

Cvelist•added 2025/10/09 3:57 p.m.•3 views

CVE-2025-59974 Junos Space Security Director: Persistent Cross-Site Scripting (XSS) vulnerability

9.3CVSS0.00037EPSS

CVE•added 2025/10/09 3:57 p.m.•7 views

CVE-2025-59974

CVE-2025-59974 is a stored cross-site scripting (XSS) vulnerability in Juniper Networks’ Junos Space Security Director. The issue arises from improper input neutralization during web page generation, allowing an attacker to inject scripts that are stored and later executed in other users’ browser...

9.3CVSS6AI score0.00037EPSS

Exploits0References1Affected Software1

Vulnrichment•added 2025/10/09 3:57 p.m.•1 views

CVE-2025-59974 Junos Space Security Director: Persistent Cross-Site Scripting (XSS) vulnerability

9.3CVSS6AI score0.00037EPSS