Filtered by vendor Juniper
Subscriptions
Total
1060 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2016-1280 | 1 Juniper | 1 Junos | 2025-04-12 | N/A |
| PKId in Juniper Junos OS before 12.1X44-D52, 12.1X46 before 12.1X46-D37, 12.1X47 before 12.1X47-D30, 12.3 before 12.3R12, 12.3X48 before 12.3X48-D20, 13.3 before 13.3R10, 14.1 before 14.1R8, 14.1X53 before 14.1X53-D40, 14.2 before 14.2R7, 15.1 before 15.1R4, 15.1X49 before 15.1X49-D20, 15.1X53 before 15.1X53-D60, and 16.1 before 16.1R1 allow remote attackers to bypass an intended certificate validation mechanism via a self-signed certificate with an Issuer name that matches a valid CA certificate enrolled in Junos. | ||||
| CVE-2016-1278 | 1 Juniper | 1 Junos | 2025-04-12 | N/A |
| Juniper Junos OS before 12.1X46-D50 on SRX Series devices reverts to "safe mode" authentication and allows root CLI logins without a password after a failed upgrade to 12.1X46, which might allow local users to gain privileges by leveraging use of the "request system software" command with the "partition" option. | ||||
| CVE-2016-1274 | 1 Juniper | 6 Junos, Qfx10000, Qfx3500 and 3 more | 2025-04-12 | N/A |
| Juniper Junos OS 14.1X53 before 14.1X53-D30 on QFX Series switches allows remote attackers to cause a denial of service (PFE panic) via a high rate of unspecified VXLAN packets. | ||||
| CVE-2014-0612 | 1 Juniper | 8 Junos, Srx100, Srx110 and 5 more | 2025-04-12 | N/A |
| Unspecified vulnerability in Juniper Junos before 11.4R10-S1, before 11.4R11, 12.1X44 before 12.1X44-D26, 12.1X44 before 12.1X44-D30, 12.1X45 before 12.1X45-D20, and 12.1X46 before 12.1X46-D10, when Dynamic IPsec VPN is configured, allows remote attackers to cause a denial of service (new Dynamic VPN connection failures and CPU and disk consumption) via unknown vectors. | ||||
| CVE-2016-1271 | 1 Juniper | 1 Junos | 2025-04-12 | N/A |
| Juniper Junos OS before 12.1X46-D45, 12.1X47 before 12.1X47-D30, 12.3 before 12.3R11, 12.3X48 before 12.3X48-D25, 13.2 before 13.2R8, 13.3 before 13.3R7, 14.1 before 14.1R6, 14.2 before 14.2R4, 15.1 before 15.1R1 or 15.1F2, and 15.1X49 before 15.1X49-D15 allow local users to gain privileges via crafted combinations of CLI commands and arguments, a different vulnerability than CVE-2015-3003, CVE-2014-3816, and CVE-2014-0615. | ||||
| CVE-2016-1268 | 1 Juniper | 1 Screenos | 2025-04-12 | N/A |
| The administrative web services interface in Juniper ScreenOS before 6.3.0r21 allows remote attackers to cause a denial of service (reboot) via a crafted SSL packet. | ||||
| CVE-2016-1264 | 1 Juniper | 1 Junos | 2025-04-12 | N/A |
| Race condition in the Op command in Juniper Junos OS before 12.1X44-D55, 12.1X46 before 12.1X46-D40, 12.1X47 before 12.1X47-D25, 12.3 before 12.3R11, 12.3X48 before 12.3X48-D20, 12.3X50 before 12.3X50-D50, 13.2 before 13.2R8, 13.2X51 before 13.2X51-D39, 13.2X52 before 13.2X52-D30, 13.3 before 13.3R7, 14.1 before 14.1R6, 14.1X53 before 14.1X53-D30, 14.2 before 14.2R4, 15.1 before 15.1F2 or 15.1R2, 15.1X49 before 15.1X49-D10 or 15.1X49-D20, and 16.1 before 16.1R1 allows remote authenticated users to gain privileges via the URL option. | ||||
| CVE-2016-1258 | 1 Juniper | 1 Junos | 2025-04-12 | N/A |
| Embedthis Appweb, as used in J-Web in Juniper Junos OS before 12.1X44-D60, 12.1X46 before 12.1X46-D45, 12.1X47 before 12.1X47-D30, 12.3 before 12.3R10, 12.3X48 before 12.3X48-D20, 13.2X51 before 13.2X51-D20, 13.3 before 13.3R8, 14.1 before 14.1R6, and 14.2 before 14.2R5, allows remote attackers to cause a denial of service (J-Web crash) via unspecified vectors. | ||||
| CVE-2014-2711 | 1 Juniper | 1 Junos | 2025-04-12 | N/A |
| Cross-site scripting (XSS) vulnerability in J-Web in Juniper Junos before 11.4R11, 11.4X27 before 11.4X27.62 (BBE), 12.1 before 12.1R9, 12.1X44 before 12.1X44-D35, 12.1X45 before 12.1X45-D25, 12.1X46 before 12.1X46-D20, 12.2 before 12.2R7, 12.3 before 12.3R6, 13.1 before 13.1R4, 13.2 before 13.2R3, and 13.3 before 13.3R1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | ||||
| CVE-2015-5360 | 1 Juniper | 1 Junos | 2025-04-12 | N/A |
| IPv6 sendd in Juniper Junos 12.1X44 before 12.1X44-D51, 12.1X46 before 12.1X46-D36, 12.1X46 before 12.1X46-D40, 12.1X47 before 12.1X47-D25, 12.3 before 12.3R10, 12.3X48 before 12.3X48-D20, 13.2 before 13.2R8, 13.3 before 13.3R6, 14.1 before 14.1R5, 14.2 before 14.2R3, 15.1 before 15.1R1, and 15.1X49 before 15.1X49-D20, when the "set protocols neighbor-discovery secure security-level default" option is configured, allows remote attackers to cause a denial of service (CPU consumption) via a crafted Secure Neighbor Discovery (SEND) Protocol packet. | ||||
| CVE-2016-1256 | 1 Juniper | 1 Junos | 2025-04-12 | N/A |
| Juniper Junos OS before 12.1X44-D55, 12.1X46 before 12.1X46-D40, 12.1X47 before 12.1X47-D25, 12.3 before 12.3R10, 12.3X48 before 12.3X48-D20, 13.2 before 13.2R8, 13.2X51 before 13.2X51-D40, 13.3 before 13.3R7, 14.1 before 14.1R5, 14.1X53 before 14.1X53-D18 or 14.1X53-D30, 14.1X55 before 14.1X55-D25, 14.2 before 14.2R4, 15.1 before 15.1R2, and 15.1X49 before 15.1X49-D10 allow remote attackers to cause a denial of service via a malformed IGMPv3 packet, aka a "multicast denial of service." | ||||
| CVE-2016-1260 | 1 Juniper | 1 Junos | 2025-04-12 | N/A |
| Juniper Junos OS before 13.2X51-D36, 14.1X53 before 14.1X53-D25, and 15.2 before 15.2R1 on EX4300 series switches allow remote attackers to cause a denial of service (network loop and bandwidth consumption) via unspecified vectors related to Spanning Tree Protocol (STP) traffic. | ||||
| CVE-2015-5357 | 1 Juniper | 4 Ex4600, Junos, Qfx3500 and 1 more | 2025-04-12 | N/A |
| The Juniper EX4600, QFX3500, QFX3600, and QFX5100 switches with Junos 13.2X51-D15 through 13.2X51-D25, 13.2X51 before 13.2X51-D30, and 14.1X53 before 14.1X53-D10 allows remote attackers to cause a denial of service (CPU consumption) via unspecified vectors. | ||||
| CVE-2015-5358 | 1 Juniper | 1 Junos | 2025-04-12 | N/A |
| Juniper Junos OS 12.1X44 before 12.1X44-D50, 12.1X46 before 12.1X46-D35, 12.1X47 before 12.1X47-D25, 12.3 before 12.3R9, 12.3X48 before 12.3X48-D15, 13.2 before 13.2R7, 13.2X51 before 13.2X51-D35, 13.2X52 before 13.2X52-D25, 13.3 before 13.3R6, 14.1R3 before 14.1R3-S2, 14.1 before 14.1R4, 14.1X53 before 14.1X53-D12, 14.1X53 before 14.1X53-D16, 14.1X55 before 14.1X55-D25, 14.2 before 14.2R2, and 15.1 before 15.1R1 allows remote attackers to cause a denial of service (mbuf and connection consumption and restart) via a large number of requests that trigger a TCP connection to move to the LAST_ACK state when there is more data to send. | ||||
| CVE-2015-7752 | 1 Juniper | 1 Junos | 2025-04-12 | N/A |
| The SSH server in Juniper Junos OS before 12.1X44-D50, 12.1X46 before 12.1X46-D35, 12.1X47 before 12.1X47-D25, 12.3 before 12.3R10, 12.3X48 before 12.3X48-D10, 13.2 before 13.2R8, 13.2X51 before 13.2X51-D35, 13.3 before 13.3R6, 14.1 before 14.1R5, 14.1X53 before 14.1X53-D25, 14.2 before 14.2R3, 15.1 before 15.1R1, and 15.1X49 before 15.1X49-D20 allows remote attackers to cause a denial of service (CPU consumption) via unspecified SSH traffic. | ||||
| CVE-2015-7751 | 1 Juniper | 1 Junos | 2025-04-12 | N/A |
| Juniper Junos OS before 12.1X44-D50, 12.1X46 before 12.1X46-D35, 12.1X47 before 12.1X47-D25, 12.3 before 12.3R9, 12.3X48 before 12.3X48-D15, 13.2 before 13.2R7, 13.2X51 before 13.2X51-D35, 13.3 before 13.3R6, 14.1 before 14.1R5, 14.1X50 before 14.1X50-D105, 14.1X51 before 14.1X51-D70, 14.1X53 before 14.1X53-D25, 14.1X55 before 14.1X55-D20, 14.2 before 14.2R1, 15.1 before 15.1F2 or 15.1R1, and 15.1X49 before 15.1X49-D10 does not require a password for the root user when pam.conf is "corrupted," which allows local users to gain root privileges by modifying the file. | ||||
| CVE-2015-7323 | 1 Juniper | 1 Pulse Connect Secure | 2025-04-12 | N/A |
| The Secure Meeting (Pulse Collaboration) in Pulse Connect Secure (formerly Juniper Junos Pulse) before 7.1R22.1, 7.4, 8.0 before 8.0R11, and 8.1 before 8.1R3 allows remote authenticated users to bypass intended access restrictions and log into arbitrary meetings by leveraging a meeting id and meetingAppSun.jar. | ||||
| CVE-2015-7322 | 1 Juniper | 1 Pulse Connect Secure | 2025-04-12 | N/A |
| The Secure Meeting (Pulse Collaboration) in Pulse Connect Secure (formerly Juniper Junos Pulse) before 7.1R22.1, 7.4, 8.0 before 8.0R11, and 8.1 before 8.1R3 provides different messages for attempts to join a meeting depending on the status of the meeting, which allows remote attackers to enumerate valid meeting ids via a series of requests. | ||||
| CVE-2015-5362 | 1 Juniper | 1 Junos | 2025-04-12 | N/A |
| The BFD daemon in Juniper Junos OS 12.1X44 before 12.1X44-D50, 12.1X46 before 12.1X46-D35, 12.1X47 before 12.1X47-D25, 12.3 before 12.3R10, 12.3X48 before 12.3X48-D15, 13.2 before 13.2R8, 13.3 before 13.3R6, 14.1 before 14.1R5, 14.1X50 before 14.1X50-D85, 14.1X55 before 14.1X55-D20, 14.2 before 14.2R3, 15.1 before 15.1R1, and 15.1X49 before 15.1X49-D10 allows remote attackers to cause a denial of service (bfdd crash and restart) or execute arbitrary code via a crafted BFD packet. | ||||
| CVE-2014-0614 | 1 Juniper | 1 Junos | 2025-04-12 | N/A |
| Juniper Junos 13.2 before 13.2R3 and 13.3 before 13.3R1, when PIM is enabled, allows remote attackers to cause a denial of service (kernel panic and crash) via a large number of crafted IGMP packets. | ||||