JSA11220 – 2021-10 Security Bulletin: Junos OS: Stored Cross-Site Scripting (XSS) vulnerability in captive portal (CVE-2021-31355)
More info:
http://kb.juniper.net/InfoCenter/index?page=content&id=JSA11220&actp=RSS
JSA11219 – 2021-10 Security Bulletin: Junos OS and Junos OS Evolved: A vulnerability in the Juniper Agile License Client may allow an attacker to perform Remote Code Execution (RCE) (CVE-2021-31354)
More info:
http://kb.juniper.net/InfoCenter/index?page=content&id=JSA11219&actp=RSS
JSA11218 – 2021-10 Security Bulletin: Junos OS and Junos OS Evolved: RPD core upon receipt of specific BGP update (CVE-2021-31353)
More info:
http://kb.juniper.net/InfoCenter/index?page=content&id=JSA11218&actp=RSS
JSA11217 – 2021-10 Security Bulletin: SRC Series: NETCONF over SSH allows negotiation of weak ciphers (CVE-2021-31352)
More info:
http://kb.juniper.net/InfoCenter/index?page=content&id=JSA11217&actp=RSS
JSA11216 – 2021-10 Security Bulletin: Junos OS: MX Series: Receipt of specific packet on MS-MPC/MS-MIC causes line card reset (CVE-2021-31351)
More info:
http://kb.juniper.net/InfoCenter/index?page=content&id=JSA11216&actp=RSS
Apache HTTPD vulnerability CVE-2021-34798
Apache HTTPD vulnerability CVE-2021-34798 Security Advisory Security Advisory Description Malformed requests may cause the server to dereference a NULL pointer. This issue affects Apache HTTP ...
More info:
https://support.f5.com/csp/article/K72382141?utm_source=f5support&utm_medium=RSS
MSA-21-0034: Authentication bypass risk when using external database authentication
by Michael Hawkins. An authentication bypass risk was identified in the external database authentication functionality, due to a type juggling vulnerability.Severity/Risk:SeriousVersions affected:3.11 to 3.11.2, 3.10 to 3.10.6, 3.9 to 3.9.9 and earlier unsupported versionsVersions fixed:3.11.3, 3.10.7 and 3.9.10Reported by:Amit EyalCVE identifier:CVE-2021-40693Changes (master):http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-71160Tracker issue:MDL-71160
More info:
https://moodle.org/mod/forum/discuss.php?d=427105&parent=1719327
JSA11211 – 2021-10 Security Bulletin: Junos OS Evolved: BGP and LDP sessions with TCP MD5 authentication established with peers not configured for authentication (CVE-2021-0297)
More info:
http://kb.juniper.net/InfoCenter/index?page=content&id=JSA11211&actp=RSS
JSA11212 – 2021-10 Security Bulletin: Junos OS Evolved: PTX10003, PTX10008: picd core while executing the "show chassis pic" command under certain conditions (CVE-2021-0298)
More info:
http://kb.juniper.net/InfoCenter/index?page=content&id=JSA11212&actp=RSS
JSA11210 – 2021-10 Security Bulletin: CTPView: HSTS not being enforced on CTPView server. (CVE-2021-0296)
More info:
http://kb.juniper.net/InfoCenter/index?page=content&id=JSA11210&actp=RSS