U.S. flag   An official website of the United States government
Dot gov

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Https

Secure .gov websites use HTTPS
A lock (Dot gov) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.

Search Results (Refine Search)

Search Parameters:
  • CPE Product Version: cpe:/h:juniper:srx240:-
There are 90 matching records.
Displaying matches 81 through 90.
Vuln ID Summary CVSS Severity
CVE-2014-3815

Juniper Junos 12.1X46 before 12.1X46-D20 and 12.1X47 before 12.1X47-D10 on SRX Series devices allows remote attackers to cause a denial of service (flowd crash) via a crafted SIP packet.

Published: July 11, 2014; 4:55:02 PM -0400
V3.x:(not available)
V2.0: 7.8 HIGH
CVE-2014-0612

Unspecified vulnerability in Juniper Junos before 11.4R10-S1, before 11.4R11, 12.1X44 before 12.1X44-D26, 12.1X44 before 12.1X44-D30, 12.1X45 before 12.1X45-D20, and 12.1X46 before 12.1X46-D10, when Dynamic IPsec VPN is configured, allows remote attackers to cause a denial of service (new Dynamic VPN connection failures and CPU and disk consumption) via unknown vectors.

Published: April 14, 2014; 11:09:06 AM -0400
V3.x:(not available)
V2.0: 5.0 MEDIUM
CVE-2014-0617

Juniper Junos 10.4S before 10.4S15, 10.4R before 10.4R16, 11.4 before 11.4R9, and 12.1R before 12.1R7 on SRX Series service gateways allows remote attackers to cause a denial of service (flowd crash) via a crafted IP packet.

Published: January 15, 2014; 11:08:04 AM -0500
V3.x:(not available)
V2.0: 7.1 HIGH
CVE-2014-0618

Juniper Junos before 10.4 before 10.4R16, 11.4 before 11.4R8, 12.1R before 12.1R7, 12.1X44 before 12.1X44-D20, and 12.1X45 before 12.1X45-D10 on SRX Series service gateways, when used as a UAC enforcer and captive portal is enabled, allows remote attackers to cause a denial of service (flowd crash) via a crafted HTTP message.

Published: January 10, 2014; 11:44:42 PM -0500
V3.x:(not available)
V2.0: 7.8 HIGH
CVE-2013-6015

Juniper Junos before 10.4S14, 11.4 before 11.4R5-S2, 12.1R before 12.1R3, 12.1X44 before 12.1X44-D20, and 12.1X45 before 12.1X45-D15 on SRX Series services gateways, when a plugin using TCP proxy is configured, allows remote attackers to cause a denial of service (flow daemon crash) via an unspecified sequence of TCP packets.

Published: October 17, 2013; 7:55:04 PM -0400
V3.x:(not available)
V2.0: 4.3 MEDIUM
CVE-2013-6013

Buffer overflow in the flow daemon (flowd) in Juniper Junos 10.4 before 10.4S14, 11.4 before 11.4R7-S2, 12.1.X44 before 12.1X44-D15, 12.1X45 before 12.1X45-D10 on SRX devices, when using telnet pass-through authentication on the firewall, might allow remote attackers to execute arbitrary code via a crafted telnet message.

Published: October 17, 2013; 7:55:04 PM -0400
V3.x:(not available)
V2.0: 6.8 MEDIUM
CVE-2013-4688

flowd in Juniper Junos 10.4 before 10.4R11 on SRX devices, when the MSRPC Application Layer Gateway (ALG) is enabled, allows remote attackers to cause a denial of service (daemon crash) via crafted MSRPC requests, aka PR 772834.

Published: July 11, 2013; 10:55:01 AM -0400
V3.x:(not available)
V2.0: 7.8 HIGH
CVE-2013-4687

flowd in Juniper Junos 10.4 before 10.4S14, 11.2 and 11.4 before 11.4R6-S2, and 12.1 before 12.1R6 on SRX devices, when certain Application Layer Gateways (ALGs) are enabled, allows remote attackers to cause a denial of service (daemon crash) via crafted TCP packets, aka PRs 727980, 806269, and 835593.

Published: July 11, 2013; 10:55:01 AM -0400
V3.x:(not available)
V2.0: 7.8 HIGH
CVE-2013-4685

Buffer overflow in flowd in Juniper Junos 10.4 before 10.4S14, 11.4 before 11.4R7, 12.1 before 12.1R6, and 12.1X44 before 12.1X44-D15 on SRX devices, when Captive Portal is enabled with the UAC enforcer role, allows remote attackers to execute arbitrary code via crafted HTTP requests, aka PR 849100.

Published: July 11, 2013; 10:55:01 AM -0400
V3.x:(not available)
V2.0: 10.0 HIGH
CVE-2013-4684

flowd in Juniper Junos 10.4 before 10.4S14, 11.4 before 11.4R8, 12.1 before 12.1R7, and 12.1X44 before 12.1X44-D15 on SRX devices, when PIM and NAT are enabled, allows remote attackers to cause a denial of service (daemon crash) via crafted PIM packets, aka PR 842253.

Published: July 11, 2013; 10:55:01 AM -0400
V3.x:(not available)
V2.0: 7.8 HIGH