Shodan
Vulnerabilities
Vulnerable Software
Juniper:  >> Junos Space  >> 13.3  Security Vulnerabilities
CVE-2016-4927
Insufficient validation of SSH keys in Junos Space before 15.2R2 allows man-in-the-middle (MITM) type of attacks while a Space device is communicating with managed devices.
CVSS Score
8.1
EPSS Score
0.004
Published
2017-03-20
CVE-2016-4928
Cross site request forgery vulnerability in Junos Space before 15.2R2 allows remote attackers to perform certain administrative actions on Junos Space.
CVSS Score
8.8
EPSS Score
0.002
Published
2017-03-20
CVE-2016-4929
Command injection vulnerability in Junos Space before 15.2R2 allows attackers to execute arbitrary code as a root user.
CVSS Score
8.8
EPSS Score
0.021
Published
2017-03-20
CVE-2016-4930
Cross-site scripting (XSS) vulnerability in Junos Space before 15.2R2 allows remote attackers to steal sensitive information or perform certain administrative actions.
CVSS Score
6.1
EPSS Score
0.002
Published
2017-03-20
CVE-2016-4931
XML entity injection in Junos Space before 15.2R2 allows attackers to cause a denial of service.
CVSS Score
6.5
EPSS Score
0.003
Published
2017-03-20
CVE-2015-2620
Unspecified vulnerability in Oracle MySQL Server 5.5.43 and earlier and 5.6.23 and earlier allows remote authenticated users to affect confidentiality via unknown vectors related to Server : Security : Privileges.
CVSS Score
4.3
EPSS Score
0.005
Published
2015-07-16
CVE-2015-3209
Heap-based buffer overflow in the PCNET controller in QEMU allows remote attackers to execute arbitrary code by sending a packet with TXSTATUS_STARTPACKET set and then a crafted packet with TXSTATUS_DEVICEOWNS set.
CVSS Score
7.5
EPSS Score
0.045
Published
2015-06-15
CVE-2015-0501
Unspecified vulnerability in Oracle MySQL Server 5.5.42 and earlier, and 5.6.23 and earlier, allows remote authenticated users to affect availability via unknown vectors related to Server : Compiling.
CVSS Score
5.7
EPSS Score
0.01
Published
2015-04-16
CVE-2014-6559
Unspecified vulnerability in Oracle MySQL Server 5.5.39 and earlier, and 5.6.20 and earlier, allows remote attackers to affect confidentiality via vectors related to C API SSL CERTIFICATE HANDLING.
CVSS Score
4.3
EPSS Score
0.012
Published
2014-10-15
CVE-2014-6495
Unspecified vulnerability in Oracle MySQL Server 5.5.38 and earlier, and 5.6.19 and earlier, allows remote attackers to affect availability via vectors related to SERVER:SSL:yaSSL.
CVSS Score
4.3
EPSS Score
0.006
Published
2014-10-15


Products
Pricing
Contact Us

Shodan ® - All rights reserved