Total
92 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2014-3825 | 1 Juniper | 13 Junos, Srx100, Srx110 and 10 more | 2023-12-10 | 6.8 MEDIUM | N/A |
| The Juniper SRX Series devices with Junos 11.4 before 11.4R12-S4, 12.1X44 before 12.1X44-D40, 12.1X45 before 12.1X45-D30, 12.1X46 before 12.1X46-D25, and 12.1X47 before 12.1X47-D10, when an Application Layer Gateway (ALG) is enabled, allows remote attackers to cause a denial of service (flowd crash) via a crafted packet. | |||||
| CVE-2015-3002 | 1 Juniper | 13 Junos, Srx100, Srx110 and 10 more | 2023-12-10 | 6.9 MEDIUM | N/A |
| Juniper Junos 12.1X44 before 12.1X44-D45, 12.1X46 before 12.1X46-D30, 12.1X47 before 12.1X47-D15, and 12.3X48 before 12.3X48-D10 on SRX series devices does not properly enforce the log-out-on-disconnect feature when configured in the [system port console] stanza, which allows physically proximate attackers to reconnect to the console port and gain administrative access by leveraging access to the device. | |||||
| CVE-2014-3822 | 1 Juniper | 13 Junos, Srx100, Srx110 and 10 more | 2023-12-10 | 5.4 MEDIUM | N/A |
| Juniper Junos 11.4 before 11.4R8, 12.1 before 12.1R5, 12.1X44 before 12.1X44-D20, 12.1X45 before 12.1X45-D15, 12.1X46 before 12.1X46-D10, and 12.1X47 before 12.1X47-D10 on SRX Series devices, allows remote attackers to cause a denial of service (flowd crash) via a malformed packet, related to translating IPv6 to IPv4. | |||||
| CVE-2013-6013 | 1 Juniper | 13 Junos, Srx100, Srx110 and 10 more | 2023-12-10 | 6.8 MEDIUM | N/A |
| Buffer overflow in the flow daemon (flowd) in Juniper Junos 10.4 before 10.4S14, 11.4 before 11.4R7-S2, 12.1.X44 before 12.1X44-D15, 12.1X45 before 12.1X45-D10 on SRX devices, when using telnet pass-through authentication on the firewall, might allow remote attackers to execute arbitrary code via a crafted telnet message. | |||||
| CVE-2014-0617 | 1 Juniper | 13 Junos, Srx100, Srx110 and 10 more | 2023-12-10 | 7.1 HIGH | N/A |
| Juniper Junos 10.4S before 10.4S15, 10.4R before 10.4R16, 11.4 before 11.4R9, and 12.1R before 12.1R7 on SRX Series service gateways allows remote attackers to cause a denial of service (flowd crash) via a crafted IP packet. | |||||
| CVE-2013-4685 | 1 Juniper | 13 Junos, Srx100, Srx110 and 10 more | 2023-12-10 | 10.0 HIGH | N/A |
| Buffer overflow in flowd in Juniper Junos 10.4 before 10.4S14, 11.4 before 11.4R7, 12.1 before 12.1R6, and 12.1X44 before 12.1X44-D15 on SRX devices, when Captive Portal is enabled with the UAC enforcer role, allows remote attackers to execute arbitrary code via crafted HTTP requests, aka PR 849100. | |||||
| CVE-2013-4690 | 1 Juniper | 4 Junos, Srx1400, Srx3400 and 1 more | 2023-12-10 | 5.0 MEDIUM | N/A |
| Juniper Junos 10.4 before 10.4S13, 11.4 before 11.4R7-S1, 12.1 before 12.1R5-S3, 12.1X44 before 12.1X44-D20, and 12.1X45 before 12.1X45-D10 on the SRX1400, SRX3400, and SRX3600 does not properly initialize memory locations used during padding of Ethernet packets, which allows remote attackers to obtain sensitive information by reading packet data, aka PR 829536, a related issue to CVE-2003-0001. | |||||
| CVE-2013-4684 | 1 Juniper | 13 Junos, Srx100, Srx110 and 10 more | 2023-12-10 | 7.8 HIGH | N/A |
| flowd in Juniper Junos 10.4 before 10.4S14, 11.4 before 11.4R8, 12.1 before 12.1R7, and 12.1X44 before 12.1X44-D15 on SRX devices, when PIM and NAT are enabled, allows remote attackers to cause a denial of service (daemon crash) via crafted PIM packets, aka PR 842253. | |||||
| CVE-2013-6015 | 1 Juniper | 13 Junos, Srx100, Srx110 and 10 more | 2023-12-10 | 4.3 MEDIUM | N/A |
| Juniper Junos before 10.4S14, 11.4 before 11.4R5-S2, 12.1R before 12.1R3, 12.1X44 before 12.1X44-D20, and 12.1X45 before 12.1X45-D15 on SRX Series services gateways, when a plugin using TCP proxy is configured, allows remote attackers to cause a denial of service (flow daemon crash) via an unspecified sequence of TCP packets. | |||||
| CVE-2013-4687 | 1 Juniper | 13 Junos, Srx100, Srx110 and 10 more | 2023-12-10 | 7.8 HIGH | N/A |
| flowd in Juniper Junos 10.4 before 10.4S14, 11.2 and 11.4 before 11.4R6-S2, and 12.1 before 12.1R6 on SRX devices, when certain Application Layer Gateways (ALGs) are enabled, allows remote attackers to cause a denial of service (daemon crash) via crafted TCP packets, aka PRs 727980, 806269, and 835593. | |||||
| CVE-2014-0618 | 1 Juniper | 13 Junos, Srx100, Srx110 and 10 more | 2023-12-10 | 7.8 HIGH | N/A |
| Juniper Junos before 10.4 before 10.4R16, 11.4 before 11.4R8, 12.1R before 12.1R7, 12.1X44 before 12.1X44-D20, and 12.1X45 before 12.1X45-D10 on SRX Series service gateways, when used as a UAC enforcer and captive portal is enabled, allows remote attackers to cause a denial of service (flowd crash) via a crafted HTTP message. | |||||
| CVE-2013-4688 | 1 Juniper | 13 Junos, Srx100, Srx110 and 10 more | 2023-12-10 | 7.8 HIGH | N/A |
| flowd in Juniper Junos 10.4 before 10.4R11 on SRX devices, when the MSRPC Application Layer Gateway (ALG) is enabled, allows remote attackers to cause a denial of service (daemon crash) via crafted MSRPC requests, aka PR 772834. | |||||