Juniper

Junos

720 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
7.8

CVE-2013-4688

  • EPSS 0.76%
  • Veröffentlicht 11.07.2013 14:55:01
  • Zuletzt bearbeitet 11.04.2025 00:51:21

flowd in Juniper Junos 10.4 before 10.4R11 on SRX devices, when the MSRPC Application Layer Gateway (ALG) is enabled, allows remote attackers to cause a denial of service (daemon crash) via crafted MSRPC requests, aka PR 772834.

5

CVE-2013-4690

  • EPSS 0.39%
  • Veröffentlicht 11.07.2013 14:55:01
  • Zuletzt bearbeitet 11.04.2025 00:51:21

Juniper Junos 10.4 before 10.4S13, 11.4 before 11.4R7-S1, 12.1 before 12.1R5-S3, 12.1X44 before 12.1X44-D20, and 12.1X45 before 12.1X45-D10 on the SRX1400, SRX3400, and SRX3600 does not properly initialize memory locations used during padding of Ethe...

4.3

CVE-2009-3485

Exploit
  • EPSS 0.96%
  • Veröffentlicht 30.09.2009 15:30:00
  • Zuletzt bearbeitet 09.04.2025 00:30:58

Cross-site scripting (XSS) vulnerability in the J-Web interface in Juniper JUNOS 8.5R1.14 and 9.0R1.1 allows remote attackers to inject arbitrary web script or HTML via the PATH_INFO to the default URI.

3.5

CVE-2009-3486

Exploit
  • EPSS 0.18%
  • Veröffentlicht 30.09.2009 15:30:00
  • Zuletzt bearbeitet 09.04.2025 00:30:58

Multiple cross-site scripting (XSS) vulnerabilities in the J-Web interface in Juniper JUNOS 8.5R1.14 allow remote authenticated users to inject arbitrary web script or HTML via the host parameter to (1) the pinghost program, reachable through the dia...

3.5

CVE-2009-3487

Exploit
  • EPSS 0.24%
  • Veröffentlicht 30.09.2009 15:30:00
  • Zuletzt bearbeitet 09.04.2025 00:30:58

Multiple cross-site scripting (XSS) vulnerabilities in the J-Web interface in Juniper JUNOS 8.5R1.14 allow remote authenticated users to inject arbitrary web script or HTML via (1) the JEXEC_OUTID parameter in a JEXEC_MODE_RELAY_OUTPUT action to the ...

7.8

CVE-2007-6372

  • EPSS 2.43%
  • Veröffentlicht 15.12.2007 01:46:00
  • Zuletzt bearbeitet 09.04.2025 00:30:58

Unspecified vulnerability in Juniper JUNOS 7.3 through 8.4 allows remote attackers to cause a denial of service (crash) via malformed BGP packets, possibly BGP UPDATE packets that trigger session flapping.

5

CVE-2006-3529

  • EPSS 3.78%
  • Veröffentlicht 12.07.2006 00:05:00
  • Zuletzt bearbeitet 03.04.2025 01:03:51

Memory leak in Juniper JUNOS 6.4 through 8.0, built before May 10, 2006, allows remote attackers to cause a denial of service (kernel packet memory consumption and crash) via crafted IPv6 packets whose buffers are not released after they are processe...

5

CVE-2004-0467

  • EPSS 5.78%
  • Veröffentlicht 31.12.2004 05:00:00
  • Zuletzt bearbeitet 03.04.2025 01:03:51

Juniper JUNOS 5.x through JUNOS 7.x allows remote attackers to cause a denial of service (routing disabled) via a large number of MPLS packets, which are not filtered or verified before being sent to the Routing Engine, which reduces the speed at whi...

5

CVE-2004-0468

  • EPSS 1%
  • Veröffentlicht 06.12.2004 05:00:00
  • Zuletzt bearbeitet 03.04.2025 01:03:51

Memory leak in Juniper JUNOS Packet Forwarding Engine (PFE) allows remote attackers to cause a denial of service (memory exhaustion and device reboot) via certain IPv6 packets.

5

CVE-2004-0230

Exploit
  • EPSS 8.89%
  • Veröffentlicht 18.08.2004 04:00:00
  • Zuletzt bearbeitet 02.05.2025 16:40:41

TCP, when using a large Window Size, makes it easier for remote attackers to guess sequence numbers and cause a denial of service (connection loss) to persistent TCP connections by repeatedly injecting a TCP RST packet, especially in protocols that u...