0.0
CVE-2025-11371 - Gladinet CentreStack and TrioFox Local File Inclusion Flaw
In the default installation and configuration of Gladinet CentreStack and TrioFox, there is an unauthenticated Local File Inclusion Flaw that allows unintended disclosure of system files. Exploitation of this vulnerability has been observed in the wild.ย This issue impacts Gladinet CentreStack andโฆ
5.3
CVE-2025-60010 - Junos OS and Junos OS Evolved: Device allows login for user with expired password
A password aging vulnerability in the RADIUS client of Juniper Networks Junos OS and Junos OS Evolved allows an authenticated, network-based attacker to access the device without enforcing the required password change. Affected devices allow logins by users for whom the RADIUS server has respondedโฆ
5.1
CVE-2025-60009 - Junos Space: CLI Configlet page is vulnerable to reflected cross-site script injection
An Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Juniper Networks Junos Space allows an attacker to inject script tags in the CLI Configlet page that, when visited by another user, enables the attacker to execute commands with the target'sโฆ
4.8
CVE-2025-60006 - Junos OS Evolved: OS command injection vulnerabilities fixed
Multiple instances of an Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability in the CLI of Juniper Networks Junos OS Evolved could be used to elevate privileges and/or execute unauthorized commands. When an attacker executes crafted CLI commanโฆ
8.7
CVE-2025-60004 - Junos OS and Junos OS Evolved: Specific BGP EVPN update message causes rpd crash
An Improper Check for Unusual or Exceptional Conditions vulnerability in the routing protocol daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated, network-based attacker to cause a Denial-Of-Service (DoS). When an affected system receives a specific BGP EVPN upโฆ
5.1
CVE-2025-60002 - Junos Space: Template Definitions page is vulnerable to reflected cross-site script injection
An Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Juniper Networks Junos Space allows an attacker to inject script tags in the Template Definitions page that, when visited by another user, enables the attacker to execute commands with the targeโฆ
5.1
CVE-2025-60001 - Junos Space: Create Quick Template page is vulnerable to reflected cross-site script injection
An Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Juniper Networks Junos Space allows an attacker to inject script tags in the Generate Report page that, when visited by another user, enables the attacker to execute commands with the target's pโฆ
5.1
CVE-2025-60000 - Junos Space: Generate Report page is vulnerable to reflected cross-site script injection
An Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Juniper Networks Junos Space allows an attacker to inject script tags in the Generate Report page that, when visited by another user, enables the attacker to execute commands with the target's pโฆ
5.1
CVE-2025-59999 - Junos Space: API Access Profiles page is vulnerable to reflected cross-site script injection
An Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Juniper Networks Junos Space allows an attacker to inject script tags in the API Access Profiles page that, when visited by another user, enables the attacker to execute commands with the targetโฆ
5.1
CVE-2025-59998 - Junos Space: Archive Logs screen is vulnerable to reflected cross-site script injection
An Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Juniper Networks Junos Space allows an attacker to inject script tags in the Archive Log screen that, when visited by another user, enables the attacker to execute commands with the target's perโฆ