Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
juniper junos 9.0 vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2009-3485
Cross-site scripting (XSS) vulnerability in the J-Web interface in Juniper JUNOS 8.5R1.14 and 9.0R1.1 allows remote malicious users to inject arbitrary web script or HTML via the PATH_INFO to the default URI.
Juniper Junos 9.0
Juniper Junos 8.5
1 EDB exploit
NA
CVE-2013-6013
Buffer overflow in the flow daemon (flowd) in Juniper Junos 10.4 prior to 10.4S14, 11.4 prior to 11.4R7-S2, 12.1.X44 prior to 12.1X44-D15, 12.1X45 prior to 12.1X45-D10 on SRX devices, when using telnet pass-through authentication on the firewall, might allow remote malicious user...
Juniper Junos 12.1x44
Juniper Junos 4.4
Juniper Junos 5.0
Juniper Junos 6.0
Juniper Junos 6.1
Juniper Junos 7.3
Juniper Junos 7.4
Juniper Junos 8.4
Juniper Junos 9.0
Juniper Junos 12.1x45
Juniper Junos 11.4
Juniper Junos 5.1
Juniper Junos 5.2
Juniper Junos 6.2
Juniper Junos 6.3
Juniper Junos 7.5
Juniper Junos 7.6
Juniper Junos 9.1
Juniper Junos 9.2
Juniper Junos 9.4
Juniper Junos 4.0
Juniper Junos 4.1
NA
CVE-2013-6015
Juniper Junos prior to 10.4S14, 11.4 prior to 11.4R5-S2, 12.1R prior to 12.1R3, 12.1X44 prior to 12.1X44-D20, and 12.1X45 prior to 12.1X45-D15 on SRX Series services gateways, when a plugin using TCP proxy is configured, allows remote malicious users to cause a denial of service ...
Juniper Junos 12.1x44
Juniper Junos 12.1x45
Juniper Junos 5.0
Juniper Junos 5.1
Juniper Junos 6.0
Juniper Junos 6.1
Juniper Junos 6.2
Juniper Junos 7.4
Juniper Junos 7.5
Juniper Junos 9.0
Juniper Junos 9.1
Juniper Junos 11.4
Juniper Junos 4.0
Juniper Junos 5.2
Juniper Junos 5.3
Juniper Junos 6.3
Juniper Junos 6.4
Juniper Junos 7.6
Juniper Junos 8.0
Juniper Junos 9.2
Juniper Junos 9.4
Juniper Junos 4.1
NA
CVE-2013-4689
J-Web in Juniper Junos prior to 10.4R13, 11.4 prior to 11.4R7, 12.1R prior to 12.1R6, 12.1X44 prior to 12.1X44-D15, 12.1x45 prior to 12.1X45-D10, 12.2 prior to 12.2R3, 12.3 prior to 12.3R2, and 13.1 prior to 13.1R3 allow remote malicious users to bypass the cross-site request for...
Juniper Junos 4.1
Juniper Junos 4.2
Juniper Junos 4.3
Juniper Junos 4.4
Juniper Junos 7.0
Juniper Junos 7.1
Juniper Junos 7.2
Juniper Junos 7.3
Juniper Junos 9.6
Juniper Junos
Juniper Junos 13.1
Juniper Junos 12.1
Juniper Junos 12.1x44
Juniper Junos 12.1x45
Juniper Junos 5.5
Juniper Junos 5.6
Juniper Junos 5.7
Juniper Junos 6.0
Juniper Junos 8.1
Juniper Junos 8.2
Juniper Junos 8.3
Juniper Junos 8.4
NA
CVE-2013-7313
The OSPF implementation in Juniper Junos up to and including 13.x, JunosE, and ScreenOS up to and including 6.3.x does not consider the possibility of duplicate Link State ID values in Link State Advertisement (LSA) packets before performing operations on the LSA database, which ...
Juniper Screenos 6.2.0
Juniper Screenos
Juniper Junose
Juniper Junos 4.0
Juniper Junos 5.7
Juniper Junos 6.0
Juniper Junos 6.1
Juniper Junos 6.2
Juniper Junos 8.3
Juniper Junos 8.4
Juniper Junos 9.0
Juniper Junos 9.1
Juniper Junos 9.2
Juniper Junos 11.2
Juniper Junos 11.3
Juniper Junos 11.4
Juniper Junos 11.4x27
Juniper Junos 5.0
Juniper Junos 5.0r3
Juniper Junos 5.0r4
Juniper Junos 5.1
Juniper Junos 5.2
9.8
CVSSv3
CVE-2020-10188
utility.c in telnetd in netkit telnet up to and including 0.17 allows remote malicious users to execute arbitrary code via short writes or urgent data, because of a buffer overflow involving the netclear and nextitem functions.
Netkit Telnet Project Netkit Telnet
Fedoraproject Fedora 30
Fedoraproject Fedora 31
Fedoraproject Fedora 32
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Arista Eos
Arista Eos 4.24.0f
Oracle Communications Performance Intelligence Center 10.4.0.2
Juniper Junos 15.1x49
Juniper Junos 15.1
Juniper Junos 16.1
Juniper Junos 12.3
Juniper Junos 15.1x49-d30
Juniper Junos 12.3x48
Juniper Junos 12.3x50
Juniper Junos 17.2
Juniper Junos 17.3
Juniper Junos 17.4
Juniper Junos 18.1
Juniper Junos 18.2
Juniper Junos 18.3
NA
CVE-2009-3486
Multiple cross-site scripting (XSS) vulnerabilities in the J-Web interface in Juniper JUNOS 8.5R1.14 allow remote authenticated users to inject arbitrary web script or HTML via the host parameter to (1) the pinghost program, reachable through the diagnose program; or (2) the trac...
Juniper Junos 8.5
2 EDB exploits
NA
CVE-2009-3487
Multiple cross-site scripting (XSS) vulnerabilities in the J-Web interface in Juniper JUNOS 8.5R1.14 allow remote authenticated users to inject arbitrary web script or HTML via (1) the JEXEC_OUTID parameter in a JEXEC_MODE_RELAY_OUTPUT action to the jexec program; the (2) act, (3...
Juniper Junos 8.5
2 EDB exploits
6.1
CVSSv3
CVE-2016-7103
Cross-site scripting (XSS) vulnerability in jQuery UI prior to 1.12.0 might allow remote malicious users to inject arbitrary web script or HTML via the closeText parameter of the dialog function.
Jqueryui Jquery Ui
Oracle Weblogic Server 12.1.3.0.0
Oracle Weblogic Server 10.3.6.0.0
Oracle Weblogic Server 12.2.1.3.0
Oracle Business Intelligence 12.2.1.3.0
Oracle Business Intelligence 12.2.1.4.0
Oracle Hospitality Cruise Fleet Management 9.0.11
Oracle Application Express
Oracle Primavera Unifier
Oracle Siebel Ui Framework
Oracle Oss Support Tools
Oracle Oss Support Tools 2.12.42
Fedoraproject Fedora 30
Fedoraproject Fedora 35
Fedoraproject Fedora 36
Netapp Snapcenter -
Redhat Openstack 7.0
Redhat Openstack 9
Redhat Openstack 8
Juniper Junos 21.2
Debian Debian Linux 9.0
6.1
CVSSv3
CVE-2019-11358
jQuery prior to 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishandles jQuery.extend(true, {}, ...) because of Object.prototype pollution. If an unsanitized source object contained an enumerable __proto__ property, it could extend the native Object.prototype.
Jquery Jquery
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Drupal Drupal
Backdropcms Backdrop
Fedoraproject Fedora 28
Fedoraproject Fedora 29
Fedoraproject Fedora 30
Opensuse Leap 15.1
Opensuse Backports Sle 15.0
Netapp Snapcenter -
Netapp Oncommand System Manager
Redhat Cloudforms 4.7
Redhat Virtualization Manager 4.3
Oracle Service Bus 12.1.3.0.0
Oracle Primavera Unifier 16.2
Oracle Jd Edwards Enterpriseone Tools 9.2
Oracle Weblogic Server 12.1.3.0.0
Oracle Service Bus 11.1.1.9.0
Oracle Jdeveloper 11.1.1.9.0
Oracle Primavera Unifier 16.1
98 Github repositories
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-38002
CVE-2006-4304
CVE-2024-4336
CVE-2024-33437
CVE-2024-4340
CVE-2024-27956
privilege
insecure direct object reference
XSS
item search icon">CVE-2024-25938
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started