Vulnerabilities > Juniper
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-10-09 | CVE-2019-0047 | Cross-site Scripting vulnerability in Juniper Junos A persistent Cross-Site Scripting (XSS) vulnerability in Junos OS J-Web interface may allow remote unauthenticated attackers to perform administrative actions on the Junos device. | 8.8 |
| 2019-07-22 | CVE-2019-1010232 | Out-of-bounds Write vulnerability in Juniper Libslax 0.22.0 Juniper juniper/libslax libslax latest version (as of commit 084ddf6ab4a55b59dfa9a53f9c5f14d192c4f8e5 Commits on Sep 1, 2018) is affected by: Buffer Overflow. | 6.5 |
| 2019-07-11 | CVE-2019-0053 | Out-of-bounds Write vulnerability in multiple products Insufficient validation of environment variables in the telnet client supplied in Junos OS can lead to stack-based buffer overflows, which can be exploited to bypass veriexec restrictions on Junos OS. | 7.8 |
| 2019-07-11 | CVE-2019-0052 | Interpretation Conflict vulnerability in Juniper Junos The srxpfe process may crash on SRX Series services gateways when the UTM module processes a specific fragmented HTTP packet. | 7.5 |
| 2019-07-11 | CVE-2019-0049 | Unspecified vulnerability in Juniper Junos On Junos devices with the BGP graceful restart helper mode enabled or the BGP graceful restart mechanism enabled, a certain sequence of BGP session restart on a remote peer that has the graceful restart mechanism enabled may cause the local routing protocol daemon (RPD) process to crash and restart. | 7.5 |
| 2019-07-11 | CVE-2019-0048 | Unspecified vulnerability in Juniper Junos On EX4300 Series switches with TCAM optimization enabled, incoming multicast traffic matches an implicit loopback filter rule first, since it has high priority. | 5.8 |
| 2019-07-11 | CVE-2019-0046 | Resource Exhaustion vulnerability in Juniper Junos A vulnerability in the pfe-chassisd Chassis Manager (CMLC) daemon of Juniper Networks Junos OS allows an attacker to cause a Denial of Service (DoS) to the EX4300 when specific valid broadcast packets create a broadcast storm condition when received on the me0 interface of the EX4300 Series device. | 6.5 |
| 2019-04-20 | CVE-2019-11358 | jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishandles jQuery.extend(true, {}, ...) because of Object.prototype pollution. | 6.1 |
| 2019-04-10 | CVE-2019-0044 | Unspecified vulnerability in Juniper Junos 12.1X46/12.3X48/15.1X49 Receipt of a specific packet on the out-of-band management interface fxp0 may cause the system to crash and restart (vmcore). | 7.5 |
| 2019-04-10 | CVE-2019-0043 | Unspecified vulnerability in Juniper Junos In MPLS environments, receipt of a specific SNMP packet may cause the routing protocol daemon (RPD) process to crash and restart. | 7.5 |