Total
50 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2017-2306 | 1 Juniper | 1 Junos Space | 2023-12-10 | 6.5 MEDIUM | 8.8 HIGH |
On Juniper Networks Junos Space versions prior to 16.1R1, due to an insufficient authorization check, readonly users on the Junos Space administrative web interface can execute code on the device. | |||||
CVE-2017-10624 | 1 Juniper | 1 Junos Space | 2023-12-10 | 5.1 MEDIUM | 7.5 HIGH |
Insufficient verification of node certificates in Juniper Networks Junos Space may allow a man-in-the-middle type of attacker to make unauthorized modifications to Space database or add nodes. Affected releases are Juniper Networks Junos Space all versions prior to 17.1R1. | |||||
CVE-2018-0011 | 1 Juniper | 1 Junos Space | 2023-12-10 | 3.5 LOW | 5.4 MEDIUM |
A reflected cross site scripting (XSS) vulnerability in Junos Space may potentially allow a remote authenticated user to inject web script or HTML and steal sensitive data and credentials from a session, and to perform administrative actions on the Junos Space network management device. | |||||
CVE-2016-4926 | 1 Juniper | 1 Junos Space | 2023-12-10 | 7.5 HIGH | 9.8 CRITICAL |
Insufficient authentication vulnerability in Junos Space before 15.2R2 allows remote network based users with access to Junos Space web interface to perform certain administrative tasks without authentication. | |||||
CVE-2016-4931 | 1 Juniper | 1 Junos Space | 2023-12-10 | 4.0 MEDIUM | 6.5 MEDIUM |
XML entity injection in Junos Space before 15.2R2 allows attackers to cause a denial of service. | |||||
CVE-2016-4928 | 1 Juniper | 1 Junos Space | 2023-12-10 | 6.8 MEDIUM | 8.8 HIGH |
Cross site request forgery vulnerability in Junos Space before 15.2R2 allows remote attackers to perform certain administrative actions on Junos Space. | |||||
CVE-2016-4929 | 1 Juniper | 1 Junos Space | 2023-12-10 | 9.0 HIGH | 8.8 HIGH |
Command injection vulnerability in Junos Space before 15.2R2 allows attackers to execute arbitrary code as a root user. | |||||
CVE-2016-4927 | 1 Juniper | 1 Junos Space | 2023-12-10 | 6.8 MEDIUM | 8.1 HIGH |
Insufficient validation of SSH keys in Junos Space before 15.2R2 allows man-in-the-middle (MITM) type of attacks while a Space device is communicating with managed devices. | |||||
CVE-2016-4930 | 1 Juniper | 1 Junos Space | 2023-12-10 | 4.3 MEDIUM | 6.1 MEDIUM |
Cross-site scripting (XSS) vulnerability in Junos Space before 15.2R2 allows remote attackers to steal sensitive information or perform certain administrative actions. | |||||
CVE-2015-2620 | 5 Canonical, Debian, Juniper and 2 more | 6 Ubuntu Linux, Debian Linux, Junos Space and 3 more | 2023-12-10 | 4.3 MEDIUM | N/A |
Unspecified vulnerability in Oracle MySQL Server 5.5.43 and earlier and 5.6.23 and earlier allows remote authenticated users to affect confidentiality via unknown vectors related to Server : Security : Privileges. | |||||
CVE-2015-3209 | 8 Arista, Canonical, Debian and 5 more | 19 Eos, Ubuntu Linux, Debian Linux and 16 more | 2023-12-10 | 7.5 HIGH | N/A |
Heap-based buffer overflow in the PCNET controller in QEMU allows remote attackers to execute arbitrary code by sending a packet with TXSTATUS_STARTPACKET set and then a crafted packet with TXSTATUS_DEVICEOWNS set. | |||||
CVE-2014-6494 | 4 Juniper, Mariadb, Oracle and 1 more | 8 Junos Space, Mariadb, Mysql and 5 more | 2023-12-10 | 4.3 MEDIUM | N/A |
Unspecified vulnerability in Oracle MySQL Server 5.5.39 and earlier, and 5.6.20 and earlier, allows remote attackers to affect availability via vectors related to CLIENT:SSL:yaSSL, a different vulnerability than CVE-2014-6496. | |||||
CVE-2014-3412 | 1 Juniper | 3 Junos Space, Junos Space Ja1500 Appliance, Junos Space Ja2500 Appliance | 2023-12-10 | 10.0 HIGH | N/A |
Unspecified vulnerability in Juniper Junos Space before 13.3R1.8, when the firewall in disabled, allows remote attackers to execute arbitrary commands via unspecified vectors. | |||||
CVE-2014-0460 | 4 Canonical, Debian, Juniper and 1 more | 6 Ubuntu Linux, Debian Linux, Junos Space and 3 more | 2023-12-10 | 5.8 MEDIUM | N/A |
Unspecified vulnerability in Oracle Java SE 5.0u61, 6u71, 7u51, and 8; JRockit R27.8.1 and R28.3.1; and Java SE Embedded 7u51 allows remote attackers to affect confidentiality and integrity via vectors related to JNDI. | |||||
CVE-2014-6559 | 4 Juniper, Mariadb, Oracle and 1 more | 8 Junos Space, Mariadb, Mysql and 5 more | 2023-12-10 | 4.3 MEDIUM | N/A |
Unspecified vulnerability in Oracle MySQL Server 5.5.39 and earlier, and 5.6.20 and earlier, allows remote attackers to affect confidentiality via vectors related to C API SSL CERTIFICATE HANDLING. | |||||
CVE-2014-0456 | 6 Canonical, Debian, Ibm and 3 more | 8 Ubuntu Linux, Debian Linux, Forms Viewer and 5 more | 2023-12-10 | 10.0 HIGH | N/A |
Unspecified vulnerability in Oracle Java SE 6u71, 7u51, and 8, and Java SE Embedded 7u51, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Hotspot. | |||||
CVE-2014-0457 | 6 Canonical, Debian, Ibm and 3 more | 8 Ubuntu Linux, Debian Linux, Forms Viewer and 5 more | 2023-12-10 | 10.0 HIGH | N/A |
Unspecified vulnerability in Oracle Java SE 5.0u61, SE 6u71, 7u51, and 8; JRockit R27.8.1 and R28.3.1; and Java SE Embedded 7u51 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries. | |||||
CVE-2014-6500 | 3 Juniper, Mariadb, Oracle | 4 Junos Space, Mariadb, Mysql and 1 more | 2023-12-10 | 7.5 HIGH | N/A |
Unspecified vulnerability in Oracle MySQL Server 5.5.39 and earlier, and 5.6.20 and earlier, allows remote attackers to affect confidentiality, integrity, and availability via vectors related to SERVER:SSL:yaSSL, a different vulnerability than CVE-2014-6491. | |||||
CVE-2015-0501 | 7 Canonical, Debian, Juniper and 4 more | 14 Ubuntu Linux, Debian Linux, Junos Space and 11 more | 2023-12-10 | 5.7 MEDIUM | N/A |
Unspecified vulnerability in Oracle MySQL Server 5.5.42 and earlier, and 5.6.23 and earlier, allows remote authenticated users to affect availability via unknown vectors related to Server : Compiling. | |||||
CVE-2014-2421 | 6 Canonical, Debian, Ibm and 3 more | 8 Ubuntu Linux, Debian Linux, Forms Viewer and 5 more | 2023-12-10 | 10.0 HIGH | N/A |
Unspecified vulnerability in Oracle Java SE 5.0u61, 6u71, 7u51, and 8; JavaFX 2.2.51; and Java SE Embedded 7u51 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D. |