Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
juniper http service vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2007-5560
Heap-based buffer overflow in the Juniper HTTP Service allows remote malicious users to execute arbitrary code via a crafted HTTP packet. NOTE: as of 20071016, the only disclosure is a vague pre-advisory with no actionable information. However, since it is from a well-known resea...
Juniper Http Service
NA
CVE-2014-0618
Juniper Junos prior to 10.4 prior to 10.4R16, 11.4 prior to 11.4R8, 12.1R prior to 12.1R7, 12.1X44 prior to 12.1X44-D20, and 12.1X45 prior to 12.1X45-D10 on SRX Series service gateways, when used as a UAC enforcer and captive portal is enabled, allows remote malicious users to ca...
Juniper Junos 12.1x44
Juniper Junos 12.1x45
Juniper Junos 12.1r
Juniper Junos 11.4
Juniper Junos 10.4
Juniper Srx210 -
Juniper Srx220 -
Juniper Srx110 -
Juniper Srx1400 -
Juniper Srx5800 -
Juniper Srx650 -
Juniper Srx100 -
Juniper Srx550 -
Juniper Srx5600 -
Juniper Srx240 -
Juniper Srx3400 -
Juniper Srx3600 -
9.8
CVSSv3
CVE-2020-1654
On Juniper Networks SRX Series with ICAP (Internet Content Adaptation Protocol) redirect service enabled, processing a malformed HTTP message can lead to a Denial of Service (DoS) or Remote Code Execution (RCE) Continued processing of this malformed HTTP message may result in an ...
Juniper Junos 18.1
Juniper Junos 18.2
Juniper Junos 18.3
Juniper Junos 18.4
Juniper Junos 19.1
Juniper Junos 19.2
Juniper Junos 19.3
9.8
CVSSv3
CVE-2020-1647
On Juniper Networks SRX Series with ICAP (Internet Content Adaptation Protocol) redirect service enabled, a double free vulnerability can lead to a Denial of Service (DoS) or Remote Code Execution (RCE) due to processing of a specific HTTP message. Continued processing of this sp...
Juniper Junos 18.1
Juniper Junos 18.2
Juniper Junos 18.3
Juniper Junos 18.4
Juniper Junos 19.1
Juniper Junos 19.2
Juniper Junos 19.3
7.5
CVSSv3
CVE-2018-15505
An issue exists in Embedthis GoAhead prior to 4.0.1 and Appweb prior to 7.0.2. An HTTP POST request with a specially crafted "Host" header field may cause a NULL pointer dereference and thus cause a denial of service, as demonstrated by the lack of a trailing ']...
Embedthis Appweb
Embedthis Goahead
Juniper Junos 15.1
Juniper Junos 16.1
Juniper Junos 12.3
Juniper Junos 15.1x53
Juniper Junos 12.3x48
Juniper Junos 15.1x49
Juniper Junos 16.2
Juniper Junos 17.2
Juniper Junos 17.1
Juniper Junos 17.3
Juniper Junos 17.4
Juniper Junos 18.1
9.8
CVSSv3
CVE-2020-1631
A vulnerability in the HTTP/HTTPS service used by J-Web, Web Authentication, Dynamic-VPN (DVPN), Firewall Authentication Pass-Through with Web-Redirect, and Zero Touch Provisioning (ZTP) allows an unauthenticated malicious user to perform local file inclusion (LFI) or path traver...
Juniper Junos 15.1x49
Juniper Junos 15.1
Juniper Junos 12.3
Juniper Junos 14.1x53
Juniper Junos 12.3x48
Juniper Junos 16.1
Juniper Junos 17.2
Juniper Junos 17.3
Juniper Junos 17.4
Juniper Junos 18.1
Juniper Junos 18.2
Juniper Junos 18.3
Juniper Junos 18.4
Juniper Junos 19.1
Juniper Junos 19.2
Juniper Junos 19.3
Juniper Junos 19.4
Juniper Junos 20.1
5.9
CVSSv3
CVE-2021-31386
A Protection Mechanism Failure vulnerability in the J-Web HTTP service of Juniper Networks Junos OS allows a remote unauthenticated malicious user to perform Person-in-the-Middle (PitM) attacks against the device. This issue affects: Juniper Networks Junos OS 12.3 versions before...
Juniper Junos 12.3
Juniper Junos 15.1
Juniper Junos 18.3
Juniper Junos 18.4
Juniper Junos 19.1
Juniper Junos 19.2
Juniper Junos 19.3
Juniper Junos 19.4
Juniper Junos 20.1
Juniper Junos 20.2
Juniper Junos 20.3
Juniper Junos 20.4
Juniper Junos 21.1
Juniper Junos 21.2
8.6
CVSSv3
CVE-2021-0251
A NULL Pointer Dereference vulnerability in the Captive Portal Content Delivery (CPCD) services daemon (cpcd) of Juniper Networks Junos OS on MX Series with MS-PIC, MS-SPC3, MS-MIC or MS-MPC allows an malicious user to send malformed HTTP packets to the device thereby causing a D...
Juniper Junos 17.3
Juniper Junos 17.4
Juniper Junos 18.1
Juniper Junos 18.2
Juniper Junos 18.3
Juniper Junos 18.4
Juniper Junos 19.1
Juniper Junos 19.2
Juniper Junos 19.3
7.5
CVSSv3
CVE-2021-0227
An improper restriction of operations within the bounds of a memory buffer vulnerability in Juniper Networks Junos OS J-Web on SRX Series devices allows an malicious user to cause Denial of Service (DoS) by sending certain crafted HTTP packets. Continued receipt and processing of...
Juniper Junos 17.3
Juniper Junos 17.4
Juniper Junos 18.2
Juniper Junos 18.3
Juniper Junos 18.4
Juniper Junos 19.1
Juniper Junos 19.2
Juniper Junos 19.3
Juniper Junos 19.4
Juniper Junos 20.1
7.5
CVSSv3
CVE-2019-0010
An SRX Series Service Gateway configured for Unified Threat Management (UTM) may experience a system crash with the error message "mbuf exceed" -- an indication of memory buffer exhaustion -- due to the receipt of crafted HTTP traffic. Each crafted HTTP packet inspected...
Juniper Junos 12.1x46
Juniper Junos 12.3x48
Juniper Junos 15.1x49
1 Article
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-23316
SQL injection
type confusion
CVE-2024-20697
CVE-2024-4344
local
CVE-2024-30043
CVE-2024-3821
CVE-2024-5041
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »