|
2015-06-15
|
CVE-2015-3209 |
Heap-based buffer overflow in the PCNET controller in QEMU allows remote attackers to execute arbitrary code by sending a packet with TXSTATUS_STARTPACKET set and then a crafted packet with TXSTATUS_DEVICEOWNS set. |
Ubuntu_linux,
Debian_linux,
Fedora,
Junos_space,
Qemu,
Enterprise_linux_desktop,
Enterprise_linux_eus,
Enterprise_linux_server,
Enterprise_linux_server_aus,
Enterprise_linux_server_tus,
Enterprise_linux_workstation,
Openstack,
Virtualization,
Linux_enterprise_debuginfo,
Linux_enterprise_desktop,
Linux_enterprise_server,
Linux_enterprise_software_development_kit
|
N/A
|
|
|
2014-04-16
|
CVE-2014-0460 |
Unspecified vulnerability in Oracle Java SE 5.0u61, 6u71, 7u51, and 8; JRockit R27.8.1 and R28.3.1; and Java SE Embedded 7u51 allows remote attackers to affect confidentiality and integrity via vectors related to JNDI. |
Junos_space,
Jdk,
Jre,
Jrockit
|
N/A
|
|
|
2014-04-16
|
CVE-2014-0456 |
Unspecified vulnerability in Oracle Java SE 6u71, 7u51, and 8, and Java SE Embedded 7u51, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Hotspot. |
Ubuntu_linux,
Debian_linux,
Junos_space,
Jdk,
Jre
|
N/A
|
|
|
2014-04-16
|
CVE-2014-0429 |
Unspecified vulnerability in Oracle Java SE 5.0u61, 6u71, 7u51, and 8; JRockit R27.8.1 and R28.3.1; and Java SE Embedded 7u51 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D. |
Ubuntu_linux,
Debian_linux,
Junos_space,
Jdk,
Jre,
Jrockit
|
N/A
|
|
|
2020-01-15
|
CVE-2020-1611 |
A Local File Inclusion vulnerability in Juniper Networks Junos Space allows an attacker to view all files on the target when the device receives malicious HTTP packets. This issue affects: Juniper Networks Junos Space versions prior to 19.4R1. |
Junos_space
|
N/A
|
|
|
2019-01-15
|
CVE-2019-0017 |
The Junos Space application, which allows Device Image files to be uploaded, has insufficient validity checking which may allow uploading of malicious images or scripts, or other content types. Affected releases are Juniper Networks Junos Space versions prior to 18.3R1. |
Junos_space
|
8.8
|
|
|
2019-01-15
|
CVE-2019-0016 |
A malicious authenticated user may be able to delete a device from the Junos Space database without the necessary privileges through crafted Ajax interactions obtained from another legitimate delete action performed by another administrative user. Affected releases are Juniper Networks Junos Space versions prior to 18.3R1. |
Junos_space
|
6.5
|
|
|
2018-10-10
|
CVE-2018-0047 |
A persistent cross-site scripting vulnerability in the UI framework used by Junos Space Security Director may allow authenticated users to inject persistent and malicious scripts. This may allow stealing of information or performing actions as a different user when other users access the Security Director web interface. This issue affects all versions of Juniper Networks Junos Space Security Director prior to 17.2R2. |
Junos_space
|
5.4
|
|
|
2018-10-10
|
CVE-2018-0046 |
A reflected cross-site scripting vulnerability in OpenNMS included with Juniper Networks Junos Space may allow the stealing of sensitive information or session credentials from Junos Space administrators or perform administrative actions. This issue affects Juniper Networks Junos Space versions prior to 18.2R1. |
Junos_space
|
6.1
|
|
|
|
2018-01-10
|
CVE-2018-0013 |
A local file inclusion vulnerability in Juniper Networks Junos Space Network Management Platform may allow an authenticated user to retrieve files from the system. |
Junos_space
|
6.5
|
|