Juniper Security Bulletins

Juniper security bulletins are official notifications released by the Jupiter Product Security Incident Response Team to address security vulnerabilities and updates in their software products. These advisories provide important information about the vulnerabilities, their potential impact, and recommendations for users to apply necessary patches or updates to ensure the security of their systems.

Browse the juniper index

CISA Security Advisories - CSAF

CISA (Cybersecurity and Infrastructure Security Agency) Advisories provides machine-readable security advisories issued by the United States' primary federal agency responsible for cybersecurity. These advisories provide actionable information on emerging cyber threats, vulnerabilities, and incidents affecting critical infrastructure sectors. CISA Advisories offer guidance, recommended mitigation measures, and best practices to enhance the security and resilience of organizations, promoting a proactive approach to protecting critical systems and networks from cyber threats.

Browse the cisa-csaf index

Qualys QID

A Qualys QID (Qualys ID) is a unique identifier assigned to each vulnerability, security issue, or configuration check detected by the Qualys platform. It represents a specific detection and includes associated details like severity, affected software, remediation steps, and related CVEs.

Browse the qualys-qids index

Unrolled VulnCheck CPEs

This index contains unrolled VulnCheck generated CPEs.

Browse the cpe-vulnerable index

NVD's CPE Dictionary

NVD's CPE dictionary

Browse the nvd-cpe-dictionary index

Debian PURLs

Debian PURLs is a collection of Debian PURLs and associated CVEs. The index contains PURL for official releases of Debian from Stretch (Debian 9) and above.

Browse the debian-purls index

Debian Packages

Debian Packages contains a mapping of package names to known versions and associated CVE. The index contains packages for official releases of Debian from Stretch (Debian 9) and above.

Browse the debian-packages index

Recent Initial Access activity

Roundcube PHP Object Deserialization was added on Jun, 19 and is found in 1 product.

View more detail on CVE-2025-49113

Arbitrary Method Invocation (ReplaceAdTemplate) Preauth RCE was added on Jun, 12 and is found in 1 product.

View more detail on CVE-2025-48827

Invision Community Remote Code Execution was added on Jun, 10 and is found in 1 product.

View more detail on CVE-2025-47916

Ivanti Endpoint Manager Mobile EL Injection was added on May, 21 and is found in 1 product.

View more detail on CVE-2025-4428

Ivanti Endpoint Manager Mobile Authentication Bypass was added on May, 21 and is found in 1 product.

View more detail on CVE-2025-4427

Microsoft Windows URL File Relative Path Local RCE was added on Jun, 15 and is found in 1 product.

View more detail on CVE-2025-33053

Infobox NetMRI Unauthenticated RCE was added on Jun, 8 and is found in 1 product.

View more detail on CVE-2025-32813

Langflow Langflow Unauthenticated Code Injection was added on May, 26 and is found in 1 product.

View more detail on CVE-2025-3248

SysAid On-Premises Unauthenticated XXE lshw was added on May, 18 and is found in 1 product.

View more detail on CVE-2025-2777

SysAid On-Premises Unauthenticated XXE MDM Server URL was added on May, 18 and is found in 1 product.

View more detail on CVE-2025-2776

SysAid On-Premises Unauthenticated XXE MDM Checkin was added on May, 18 and is found in 1 product.

View more detail on CVE-2025-2775

FlowiseAI Flowise Unauthenticated API Key Overwrite was added on Jun, 3 and is found in 1 product.

View more detail on CVE-2025-26319

Cisco IOS XE WLC Arbitrary File Upload was added on Jun, 5 and is found in 1 product.

View more detail on CVE-2025-20188

Samsung MagicInfo 9 File Write RCE was added on Jun, 1 and is found in 1 product.

View more detail on CVE-2024-7399

Vendure Arbitrary File Disclosure was added on May, 21 and is found in 1 product.

View more detail on CVE-2024-48914

Veeam Backup and Replication Deserialization RCE was added on May, 29 and is found in 1 product.

View more detail on CVE-2024-40711

Draytek apmcfgupload Command Injection was added on Jun, 4 and is found in 3 products.

View more detail on CVE-2024-12987

ZKTeco BioTime Low Privilege Backup Information Leak was added on May, 26 and is found in 1 product.

View more detail on CVE-2023-38952

ZKTeco BioTime SFTP RCE was added on May, 28 and is found in 1 product.

View more detail on CVE-2023-38951

ZKTeco BioTime Path Traversal was added on May, 26 and is found in 1 product.

View more detail on CVE-2023-38950

vBulletin Preauth PHP deserialization RCE was added on Jun, 8 and is found in 1 product.

View more detail on CVE-2023-25135

VMware vCenter Server VSAN Health RCE was added on May, 28 and is found in 1 product.

View more detail on CVE-2021-21985

Citrix ADC and Gateway Directory Traversal RCE was added on May, 21 and is found in 2 products.

View more detail on CVE-2019-19781

Apache HTTP Server Carpe Diem Root Privilege Escalation was added on May, 21 and is found in 1 product.

View more detail on CVE-2019-0211

Moxa MXView Private Key Leak was added on May, 29 and is found in 1 product.

View more detail on CVE-2017-7455

JBoss EJBInvokerServlet / JMXInvokerServlet RCE was added on May, 29 and is found in 1 product.

View more detail on CVE-2013-4810

Struts2 S2-015 OGNL Wildcard Matching was added on May, 29 and is found in 1 product.

View more detail on CVE-2013-2134

Microsoft Sharepoint Server RCE via Unrestricted File Upload was added on May, 21 and is found in 1 product.

View more detail on CVE-2010-3964