Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
juniper junos space 13.3 vulnerabilities and exploits
(subscribe to this query)
312
VMScore
CVE-2018-0011
A reflected cross site scripting (XSS) vulnerability in Junos Space may potentially allow a remote authenticated user to inject web script or HTML and steal sensitive data and credentials from a session, and to perform administrative actions on the Junos Space network management ...
Juniper Junos Space 16.1
Juniper Junos Space 17.1
Juniper Junos Space 15.1
Juniper Junos Space 14.1
Juniper Junos Space 13.3
Juniper Junos Space 15.2
356
VMScore
CVE-2018-0010
A vulnerability in the Juniper Networks Junos Space Security Director allows a user who does not have SSH access to a device to reuse the URL that was created for another user to perform SSH access. Affected releases are all versions of Junos Space Security Director before 17.2R1...
Juniper Junos Space 17.1
Juniper Junos Space 15.2
Juniper Junos Space 15.1
Juniper Junos Space 14.1
Juniper Junos Space 16.1
Juniper Junos Space 17.2
Juniper Junos Space 13.3
312
VMScore
CVE-2018-0047
A persistent cross-site scripting vulnerability in the UI framework used by Junos Space Security Director may allow authenticated users to inject persistent and malicious scripts. This may allow stealing of information or performing actions as a different user when other users ac...
Juniper Junos Space 13.3
Juniper Junos Space 14.1
Juniper Junos Space 15.1
Juniper Junos Space 16.1
Juniper Junos Space 17.2
Juniper Junos Space 15.2
Juniper Junos Space 17.1
578
VMScore
CVE-2019-0017
The Junos Space application, which allows Device Image files to be uploaded, has insufficient validity checking which may allow uploading of malicious images or scripts, or other content types. Affected releases are Juniper Networks Junos Space versions before 18.3R1.
Juniper Junos Space 14.1
Juniper Junos Space 17.2
Juniper Junos Space 18.1
Juniper Junos Space 18.2
Juniper Junos Space 13.3
Juniper Junos Space 15.1
Juniper Junos Space 15.2
Juniper Junos Space 17.1
Juniper Junos Space 16.1
490
VMScore
CVE-2019-0016
A malicious authenticated user may be able to delete a device from the Junos Space database without the necessary privileges through crafted Ajax interactions obtained from another legitimate delete action performed by another administrative user. Affected releases are Juniper Ne...
Juniper Junos Space 15.1
Juniper Junos Space 16.1
Juniper Junos Space 13.3
Juniper Junos Space 14.1
Juniper Junos Space 15.2
Juniper Junos Space 17.1
Juniper Junos Space 17.2
Juniper Junos Space 18.1
Juniper Junos Space 18.2
890
VMScore
CVE-2014-3413
The MySQL server in Juniper Networks Junos Space prior to 13.3R1.8 has an unspecified account with a hardcoded password, which allows remote malicious users to obtain sensitive information and consequently obtain administrative control by leveraging database access.
Juniper Junos Space 13.3
312
VMScore
CVE-2021-0220
The Junos Space Network Management Platform has been found to store shared secrets in a recoverable format that can be exposed through the UI. An attacker who is able to execute arbitrary code in the victim browser (for example via XSS) or access cached contents may be able to ob...
Juniper Junos Space 1.0
Juniper Junos Space 1.1
Juniper Junos Space 1.2
Juniper Junos Space 1.3
Juniper Junos Space 1.4
Juniper Junos Space 2.0
Juniper Junos Space 11.1
Juniper Junos Space 11.2
Juniper Junos Space 11.3
Juniper Junos Space 11.4
Juniper Junos Space 12.1
Juniper Junos Space 12.2
Juniper Junos Space 12.3
Juniper Junos Space 13.1
Juniper Junos Space 13.3
Juniper Junos Space 14.1
Juniper Junos Space 15.1
Juniper Junos Space 15.2
Juniper Junos Space 16.1
Juniper Junos Space 17.1
Juniper Junos Space 17.2
Juniper Junos Space 18.1
428
VMScore
CVE-2019-11358
jQuery prior to 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishandles jQuery.extend(true, {}, ...) because of Object.prototype pollution. If an unsanitized source object contained an enumerable __proto__ property, it could extend the native Object.prototype.
Jquery Jquery
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Drupal Drupal
Backdropcms Backdrop
Fedoraproject Fedora 28
Fedoraproject Fedora 29
Fedoraproject Fedora 30
Opensuse Leap 15.1
Opensuse Backports Sle 15.0
Netapp Snapcenter -
Netapp Oncommand System Manager
Redhat Cloudforms 4.7
Redhat Virtualization Manager 4.3
Oracle Service Bus 12.1.3.0.0
Oracle Primavera Unifier 16.2
Oracle Jd Edwards Enterpriseone Tools 9.2
Oracle Weblogic Server 12.1.3.0.0
Oracle Service Bus 11.1.1.9.0
Oracle Jdeveloper 11.1.1.9.0
Oracle Primavera Unifier 16.1
150 Github repositories
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
camera
bypass
CVE-2024-3592
CVE-2024-37383
CVE-2024-24919
CVE-2024-27822
CVE-2024-36788
CVE-2024-36789
man-in-the-middle
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started