JSA10970 2019-10 Security Bulletin: Junos OS: Persistent XSS vulnerability in J-Web (CVE-2019-0047)
JSA10971 2019-10 Security Bulletin: SBR Carrier: A vulnerability in the identity and access management certificate generation procedure allows a local attacker to gain access to confidential information. (CVE-2019-0072)
JSA10972 2019-10 Security Bulletin: Junos OS: SRX1500: Denial of service due to crash of srxpfe process under heavy traffic conditions. (CVE-2019-0050)
JSA10973 2019-10 Security Bulletin: SRX5000 Series: Denial of Service vulnerability in SSL-Proxy feature. (CVE-2019-0051)
JSA10974 2019-10 Security Bulletin: Junos OS: PKI key pairs are exported with insecure file permissions (CVE-2019-0073)
JSA10952 2019-10 Security Bulletin: Junos OS: SRX Series: An attacker may be able to perform Man-in-the-Middle (MitM) attacks during app-id signature updates. (CVE-2019-0054)
JSA10964 2019-10 Security Bulletin: Junos OS: MX Series: Denial of Service vulnerability in MS-PIC component on MS-MIC or MS-MPC (CVE-2019-0065)
JSA10965 2019-10 Security Bulletin: Junos OS: A malformed IPv4 packet received by Junos in an NG-mVPN scenario may cause the routing protocol daemon (rpd) process to core (CVE-2019-0066)
JSA10966 2019-10 Security Bulletin: Junos OS: Kernel crash (vmcore) upon receipt of a specific link-local IPv6 packet on devices configured with Multi-Chassis Link Aggregation Group (MC-LAG) (CVE-2019-0067)
JSA10968 2019-10 Security Bulletin: Junos OS: SRX Series: Denial of Service vulnerability in flowd due to multicast packets (CVE-2019-0068)
JSA10969 Junos OS: vSRX, SRX1500, SRX4K, ACX5K, EX4600, QFX5100, QFX5110, QFX5200, QFX10K and NFX Series: console management port device authentication credentials are logged in clear text
JSA10960 2019-10 Security Bulletin: Junos OS: Insecure management daemon (MGD) configuration may allow local privilege escalation (CVE-2019-0061)
JSA10961 2019-10 Security Bulletin: Junos OS: Session fixation vulnerability in J-Web (CVE-2019-0062)
JSA10962 2019-10 Security Bulletin: Junos OS: MX Series: jdhcpd crash when receiving a specific crafted DHCP response message (CVE-2019-0063)
JSA10963 2019-10 Security Bulletin: Junos OS: SRX5000 Series: flowd process crash due to receipt of specific TCP packet (CVE-2019-0064)
JSA10975 2019-10 Security Bulletin: Junos OS: NFX150 Series, QFX10K Series, EX9200 Series, MX Series, PTX Series: Path traversal vulnerability in NFX150 and NG-RE leads to information disclosure. (CVE-2019-0074)
JSA10953 2019-10 Security Bulletin: Junos OS: SRX Series: An attacker may cause flowd to crash by sending certain valid SIP traffic to a device with SIP ALG enabled. (CVE-2019-0055)
JSA10954 2019-10 Security Bulletin: Junos OS: MX Series: An MPC10 Denial of Service (DoS) due to OSPF states transitioning to Down, causes traffic to stop forwarding through the device. (CVE-2019-0056)
JSA10976 2019-10 Security Bulletin: Junos OS: SRX Series: Denial of Service vulnerability in srxpfe related to PIM (CVE-2019-0075)
JSA10977 2019-10 Security Bulletin: Junos OS: NFX Series: An Improper Input Validation weakness allows a malicious local attacker to elevate their permissions. (CVE-2019-0070)
JSA10956 2019-10 Security Bulletin: Junos OS: SRX Series: A weakness in the Veriexec subsystem may allow privilege escalation. (CVE-2019-0058)
JSA10978 2019-10 Security Bulletin: Junos OS: EX2300, EX3400 Series: Veriexec signature checking not enforced in specific versions of Junos OS (CVE-2019-0071)
JSA10957 2019-10 Security Bulletin: Junos OS: The routing protocol process (rpd) may crash and generate core files upon receipt of specific valid BGP states from a peered host. (CVE-2019-0059)
JSA10958 2019-10 Security Bulletin: CTPView and CTP Series: Multiple vulnerabilities in CTPView and CTP Series
JSA10959 2019-10 Security Bulletin: Junos OS: SRX Series: flowd process crash due to processing of specific transit IP packets (CVE-2019-0060)