Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Junos
(Juniper)| Repositories |
• https://github.com/embedthis/appweb
• https://github.com/jquery/jquery-ui |
| #Vulnerabilities | 647 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2024-04-12 | CVE-2024-21610 | An Improper Handling of Exceptional Conditions vulnerability in the Class of Service daemon (cosd) of Juniper Networks Junos OS allows an authenticated, network-based attacker with low privileges to cause a limited Denial of Service (DoS). In a scaled CoS scenario with 1000s of interfaces, when specific low privileged commands, received over NETCONF, SSH or telnet, are handled by cosd on behalf of mgd, the respective child management daemon (mgd) processes will get stuck. In case of... | Junos | 4.3 | ||
| 2024-01-12 | CVE-2024-21591 | An Out-of-bounds Write vulnerability in J-Web of Juniper Networks Junos OS on SRX Series and EX Series allows an unauthenticated, network-based attacker to cause a Denial of Service (DoS), or Remote Code Execution (RCE) and obtain root privileges on the device. This issue is caused by use of an insecure function allowing an attacker to overwrite arbitrary memory. This issue affects Juniper Networks Junos OS SRX Series and EX Series: * Junos OS versions earlier than 20.4R3-S9; * ... | Junos | 9.8 | ||
| 2024-01-12 | CVE-2024-21591 | An Out-of-bounds Write vulnerability in J-Web of Juniper Networks Junos OS on SRX Series and EX Series allows an unauthenticated, network-based attacker to cause a Denial of Service (DoS), or Remote Code Execution (RCE) and obtain root privileges on the device. This issue is caused by use of an insecure function allowing an attacker to overwrite arbitrary memory. This issue affects Juniper Networks Junos OS SRX Series and EX Series: * Junos OS versions earlier than 20.4R3-S9; * ... | Junos | 9.8 | ||
| 2024-01-12 | CVE-2024-21591 | An Out-of-bounds Write vulnerability in J-Web of Juniper Networks Junos OS on SRX Series and EX Series allows an unauthenticated, network-based attacker to cause a Denial of Service (DoS), or Remote Code Execution (RCE) and obtain root privileges on the device. This issue is caused by use of an insecure function allowing an attacker to overwrite arbitrary memory. This issue affects Juniper Networks Junos OS SRX Series and EX Series: * Junos OS versions earlier than 20.4R3-S9; * ... | Junos | 9.8 | ||
| 2004-08-18 | CVE-2004-0230 | TCP, when using a large Window Size, makes it easier for remote attackers to guess sequence numbers and cause a denial of service (connection loss) to persistent TCP connections by repeatedly injecting a TCP RST packet, especially in protocols that use long-lived connections, such as BGP. | Junos, Network_data_loss_prevention, Windows_2000, Windows_98, Windows_98se, Windows_server_2003, Windows_xp, Netbsd, Openpgp, Solaris, Openserver, Unixware | N/A | ||
| 2023-10-13 | CVE-2023-44184 | An Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in the management daemon (mgd) process of Juniper Networks Junos OS and Junos OS Evolved allows a network-based authenticated low-privileged attacker, by executing a specific command via NETCONF, to cause a CPU Denial of Service to the device's control plane. This issue affects: Juniper Networks Junos OS * All versions prior to 20.4R3-S7; * 21.2 versions prior to 21.2R3-S5; * 21.3 versions... | Junos, Junos_os_evolved | 6.5 |