Filtered by vendor Juniper
Subscriptions
Total
918 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2016-1276 | 1 Juniper | 1 Junos | 2025-04-12 | N/A |
| Juniper Junos OS before 12.1X46-D50, 12.1X47 before 12.1X47-D23, 12.3X48 before 12.3X48-D25, and 15.1X49 before 15.1X49-D40 on a High-End SRX-Series chassis system with one or more Application Layer Gateways (ALGs) enabled allow remote attackers to cause a denial of service (CPU consumption, fab link failure, or flip-flop failovers) via vectors related to in-transit traffic matching ALG rules. | ||||
| CVE-2014-0612 | 1 Juniper | 8 Junos, Srx100, Srx110 and 5 more | 2025-04-12 | N/A |
| Unspecified vulnerability in Juniper Junos before 11.4R10-S1, before 11.4R11, 12.1X44 before 12.1X44-D26, 12.1X44 before 12.1X44-D30, 12.1X45 before 12.1X45-D20, and 12.1X46 before 12.1X46-D10, when Dynamic IPsec VPN is configured, allows remote attackers to cause a denial of service (new Dynamic VPN connection failures and CPU and disk consumption) via unknown vectors. | ||||
| CVE-2014-3811 | 1 Juniper | 2 Juniper Installer Service Client, Junos Pulse Client | 2025-04-12 | N/A |
| Juniper Installer Service (JIS) Client 7.x before 7.4R6 for Windows and Junos Pulse Client before 4.0R6 allows local users to gain privileges via unspecified vectors. | ||||
| CVE-2016-1271 | 1 Juniper | 1 Junos | 2025-04-12 | N/A |
| Juniper Junos OS before 12.1X46-D45, 12.1X47 before 12.1X47-D30, 12.3 before 12.3R11, 12.3X48 before 12.3X48-D25, 13.2 before 13.2R8, 13.3 before 13.3R7, 14.1 before 14.1R6, 14.2 before 14.2R4, 15.1 before 15.1R1 or 15.1F2, and 15.1X49 before 15.1X49-D15 allow local users to gain privileges via crafted combinations of CLI commands and arguments, a different vulnerability than CVE-2015-3003, CVE-2014-3816, and CVE-2014-0615. | ||||
| CVE-2014-6500 | 3 Juniper, Mariadb, Oracle | 4 Junos Space, Mariadb, Mysql and 1 more | 2025-04-12 | N/A |
| Unspecified vulnerability in Oracle MySQL Server 5.5.39 and earlier, and 5.6.20 and earlier, allows remote attackers to affect confidentiality, integrity, and availability via vectors related to SERVER:SSL:yaSSL, a different vulnerability than CVE-2014-6491. | ||||
| CVE-2016-1269 | 1 Juniper | 1 Junos | 2025-04-12 | N/A |
| Juniper Junos OS before 12.1X44-D60, 12.1X46 before 12.1X46-D40, 12.1X47 before 12.1X47-D30, 12.3 before 12.3R11, 12.3X48 before 12.3X48-D20, 13.2 before 13.2R9, 13.2X51 before 13.2X51-D39, 13.3 before 13.3R8, 14.1 before 14.1R6, 14.1X53 before 14.1X53-D30, 14.2 before 14.2R4-S1, 15.1 before 15.1R2, 15.1X49 before 15.1X49-D30, and 16.1 before 16.1R1 allow remote attackers to cause a denial of service (socket consumption) via crafted TCP timestamps. | ||||
| CVE-2015-7322 | 1 Juniper | 1 Pulse Connect Secure | 2025-04-12 | N/A |
| The Secure Meeting (Pulse Collaboration) in Pulse Connect Secure (formerly Juniper Junos Pulse) before 7.1R22.1, 7.4, 8.0 before 8.0R11, and 8.1 before 8.1R3 provides different messages for attempts to join a meeting depending on the status of the meeting, which allows remote attackers to enumerate valid meeting ids via a series of requests. | ||||
| CVE-2014-3825 | 1 Juniper | 13 Junos, Srx100, Srx110 and 10 more | 2025-04-12 | N/A |
| The Juniper SRX Series devices with Junos 11.4 before 11.4R12-S4, 12.1X44 before 12.1X44-D40, 12.1X45 before 12.1X45-D30, 12.1X46 before 12.1X46-D25, and 12.1X47 before 12.1X47-D10, when an Application Layer Gateway (ALG) is enabled, allows remote attackers to cause a denial of service (flowd crash) via a crafted packet. | ||||
| CVE-2014-6451 | 1 Juniper | 2 Junos, Vsrx | 2025-04-12 | N/A |
| J-Web in Juniper vSRX virtual firewalls with Junos OS before 15.1X49-D20 allows remote attackers to cause a denial of service (system reboot) via unspecified vectors. | ||||
| CVE-2014-6491 | 3 Juniper, Mariadb, Oracle | 4 Junos Space, Mariadb, Mysql and 1 more | 2025-04-12 | N/A |
| Unspecified vulnerability in Oracle MySQL Server 5.5.39 and earlier and 5.6.20 and earlier allows remote attackers to affect confidentiality, integrity, and availability via vectors related to SERVER:SSL:yaSSL, a different vulnerability than CVE-2014-6500. | ||||
| CVE-2016-1274 | 1 Juniper | 6 Junos, Qfx10000, Qfx3500 and 3 more | 2025-04-12 | N/A |
| Juniper Junos OS 14.1X53 before 14.1X53-D30 on QFX Series switches allows remote attackers to cause a denial of service (PFE panic) via a high rate of unspecified VXLAN packets. | ||||
| CVE-2016-1280 | 1 Juniper | 1 Junos | 2025-04-12 | N/A |
| PKId in Juniper Junos OS before 12.1X44-D52, 12.1X46 before 12.1X46-D37, 12.1X47 before 12.1X47-D30, 12.3 before 12.3R12, 12.3X48 before 12.3X48-D20, 13.3 before 13.3R10, 14.1 before 14.1R8, 14.1X53 before 14.1X53-D40, 14.2 before 14.2R7, 15.1 before 15.1R4, 15.1X49 before 15.1X49-D20, 15.1X53 before 15.1X53-D60, and 16.1 before 16.1R1 allow remote attackers to bypass an intended certificate validation mechanism via a self-signed certificate with an Issuer name that matches a valid CA certificate enrolled in Junos. | ||||
| CVE-2015-5363 | 1 Juniper | 14 Junos, Srx100, Srx110 and 11 more | 2025-04-12 | N/A |
| The SRX Network Security Daemon (nsd) in Juniper SRX Series services gateways with Junos 12.1X44 before 12.1X44-D50, 12.1X46 before 12.1X46-D35, 12.1X47 before 12.1X47-D25, and 12.3X48 before 12.3X48-D15 allows remote DNS servers to cause a denial of service (crash) via a crafted DNS response. | ||||
| CVE-2014-3823 | 1 Juniper | 1 Junos Pulse Secure Access Service | 2025-04-12 | N/A |
| The Juniper Junos Pulse Secure Access Service (SSL VPN) devices with IVE OS 8.0 before 8.0r1, 7.4 before 7.4r5, and 7.1 before 7.1r18 allows remote attackers to conduct clickjacking attacks via unspecified vectors. | ||||
| CVE-2016-1270 | 1 Juniper | 1 Junos | 2025-04-12 | N/A |
| The rpd daemon in Juniper Junos OS before 12.1X44-D60, 12.1X46 before 12.1X46-D45, 12.1X47 before 12.1X47-D30, 12.3 before 12.3R9, 12.3X48 before 12.3X48-D20, 13.2 before 13.2R7, 13.2X51 before 13.2X51-D40, 13.3 before 13.3R6, 14.1 before 14.1R4, and 14.2 before 14.2R2, when configured with BGP-based L2VPN or VPLS, allows remote attackers to cause a denial of service (daemon restart) via a crafted L2VPN family BGP update. | ||||
| CVE-2014-3822 | 1 Juniper | 13 Junos, Srx100, Srx110 and 10 more | 2025-04-12 | N/A |
| Juniper Junos 11.4 before 11.4R8, 12.1 before 12.1R5, 12.1X44 before 12.1X44-D20, 12.1X45 before 12.1X45-D15, 12.1X46 before 12.1X46-D10, and 12.1X47 before 12.1X47-D10 on SRX Series devices, allows remote attackers to cause a denial of service (flowd crash) via a malformed packet, related to translating IPv6 to IPv4. | ||||
| CVE-2014-3824 | 1 Juniper | 1 Junos Pulse Secure Access Service | 2025-04-12 | N/A |
| Cross-site scripting (XSS) vulnerability in the web server in the Juniper Junos Pulse Secure Access Service (SSL VPN) devices with IVE OS 8.0 before 8.0r6, 7.4 before 7.4r13, and 7.1 before 7.1r20 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | ||||
| CVE-2014-2291 | 1 Juniper | 1 Ive Os | 2025-04-12 | N/A |
| Cross-site scripting (XSS) vulnerability in the Pulse Collaboration (Secure Meeting) user pages in Juniper Junos Pulse Secure Access Service (aka SSL VPN) with IVE OS before 7.1r18, 7.3 before 7.3r10, 7.4 before 7.4r8, and 8.0 before 8.0r1 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors. | ||||
| CVE-2014-2292 | 1 Juniper | 1 Ive Os | 2025-04-12 | N/A |
| Unspecified vulnerability in the Linux Network Connect client in Juniper Junos Pulse Secure Access Service (aka SSL VPN) with IVE OS before 7.1r18, 7.3 before 7.3r10, 7.4 before 7.4r8, and 8.0 before 8.0r1 allows local users to gain privileges via unspecified vectors. | ||||
| CVE-2014-3814 | 1 Juniper | 3 Netscreen-5200, Netscreen-5400, Screenos | 2025-04-12 | N/A |
| The Juniper Networks NetScreen Firewall devices with ScreenOS before 6.3r17, when configured to use the internal DNS lookup client, allows remote attackers to cause a denial of service (crash and reboot) via a sequence of malformed packets to the device IP. | ||||