18.4

DATE	CVE	VULNERABILITY TITLE	RISK
2019-10-09	CVE-2019-0047	Cross-site Scripting vulnerability in Juniper Junos A persistent Cross-Site Scripting (XSS) vulnerability in Junos OS J-Web interface may allow remote unauthenticated attackers to perform administrative actions on the Junos device. network low complexity juniper CWE-79	8.8
2019-07-11	CVE-2019-0053	Out-of-bounds Write vulnerability in multiple products Insufficient validation of environment variables in the telnet client supplied in Junos OS can lead to stack-based buffer overflows, which can be exploited to bypass veriexec restrictions on Junos OS. local low complexity juniper debian CWE-787	7.8
2019-07-11	CVE-2019-0052	Interpretation Conflict vulnerability in Juniper Junos The srxpfe process may crash on SRX Series services gateways when the UTM module processes a specific fragmented HTTP packet. network low complexity juniper CWE-436	7.5
2019-04-10	CVE-2019-0036	Improper Check for Unusual or Exceptional Conditions vulnerability in Juniper Junos When configuring a stateless firewall filter in Junos OS, terms named using the format "internal-n" (e.g. network low complexity juniper CWE-754 critical	9.8
2019-04-10	CVE-2019-0019	Unspecified vulnerability in Juniper Junos When BGP tracing is enabled an incoming BGP message may cause the Junos OS routing protocol daemon (rpd) process to crash and restart. network low complexity juniper	7.5
2018-08-18	CVE-2018-15504	NULL Pointer Dereference vulnerability in multiple products An issue was discovered in Embedthis GoAhead before 4.0.1 and Appweb before 7.0.2. network low complexity embedthis juniper CWE-476	7.5
2016-03-09	CVE-2016-1286	named in ISC BIND 9.x before 9.9.8-P4 and 9.10.x before 9.10.3-P4 allows remote attackers to cause a denial of service (assertion failure and daemon exit) via a crafted signature record for a DNAME record, related to db.c and resolver.c. network low complexity isc suse opensuse fedoraproject canonical debian juniper	8.6
2016-03-09	CVE-2016-1285	named in ISC BIND 9.x before 9.9.8-P4 and 9.10.x before 9.10.3-P4 does not properly handle DNAME records when parsing fetch reply messages, which allows remote attackers to cause a denial of service (assertion failure and daemon exit) via a malformed packet to the rndc (aka control channel) interface, related to alist.c and sexpr.c. network high complexity isc suse opensuse fedoraproject canonical debian juniper	6.8