37 matches found
CVE-2025-52955
An Incorrect Calculation of Buffer Size vulnerability in the routing protocol daemon rpd of Juniper Networks Junos OS and Junos OS Evolved allows an adjacent unauthenticated attacker to cause a memory corruption that leads to a rpd crash. When the logical interface using a routing instance flaps...
CVE-2025-52955
CVE-2025-52955 describes an Incorrect Calculation of Buffer Size in Juniper Networks Junos OS and Junos OS Evolved rpd when jflow/sflow updates are sent as a routing instance’s logical interface flaps. The issue can cause memory corruption, leading to an rpd crash and restart, with sustained DoS ...
CVE-2024-9003
A vulnerability was found in Jinan Chicheng Company JFlow 2.0.0. It has been rated as problematic. This issue affects the function AttachmentUploadController of the file /WF/Ath/EntityMutliFileLoad.do of the component Attachment Handler. The manipulation of the argument oid leads to improper acce...
CVE-2025-30657
An Improper Encoding or Escaping of Output vulnerability in the Sampling Route Record Daemon SRRD of Juniper Networks Junos OS allows an unauthenticated, network-based attacker to cause a Denial-of-Service DoS. When a device configured for flow-monitoring receives a specific BGP update message, i...
CVE-2024-9003
A vulnerability was found in Jinan Chicheng Company JFlow 2.0.0. It has been rated as problematic. This issue affects the function AttachmentUploadController of the file /WF/Ath/EntityMutliFileLoad.do of the component Attachment Handler. The manipulation of the argument oid leads to improper acce...
CVE-2024-9003
A vulnerability was found in Jinan Chicheng Company JFlow 2.0.0. It has been rated as problematic. This issue affects the function AttachmentUploadController of the file /WF/Ath/EntityMutliFileLoad.do of the component Attachment Handler. The manipulation of the argument oid leads to improper acce...
CVE-2024-9003
CVE-2024-9003 affects Jinan Chicheng/JFlow 2.0.0. The vulnerability is in the function AttachmentUploadController of the Attachment Handler, in file "/WF/Ath/EntityMutliFile_Load.do". The issue stems from manipulation of the argument oid , which leads to improper access controls and potentially e...
CVE-2024-9003 Jinan Chicheng Company JFlow Attachment EntityMutliFile_Load.do AttachmentUploadController access control
A vulnerability was found in Jinan Chicheng Company JFlow 2.0.0. It has been rated as problematic. This issue affects the function AttachmentUploadController of the file /WF/Ath/EntityMutliFileLoad.do of the component Attachment Handler. The manipulation of the argument oid leads to improper acce...
CVE-2024-9003 Jinan Chicheng Company JFlow Attachment EntityMutliFile_Load.do AttachmentUploadController access control
A vulnerability was found in Jinan Chicheng Company JFlow 2.0.0. It has been rated as problematic. This issue affects the function AttachmentUploadController of the file /WF/Ath/EntityMutliFileLoad.do of the component Attachment Handler. The manipulation of the argument oid leads to improper acce...
PT-2024-39360 · Jflow · Jflow
Name of the Vulnerable Software and Affected Versions: JFlow version 2.0.0 Description: A problematic issue affects the function AttachmentUploadController of the component Attachment Handler, specifically in the file "/WF/Ath/EntityMutliFile Load.do". The manipulation of the argument oid leads t...
CVE-2024-39553
An Exposure of Resource to Wrong Sphere vulnerability in the sampling service of Juniper Networks Junos OS Evolved allows an unauthenticated network-based attacker to send arbitrary data to the device, which leads msvcsd process to crash with limited availability impacting Denial of Service DoS a...
CVE-2024-39553
CVE-2024-39553 affects Juniper Networks Junos OS Evolved sampling service (inline jflow). A Resource Exposure to Wrong Sphere vulnerability allows an unauthenticated, network-based attacker to send arbitrary data to the device, causing the msvcsd process to crash and yielding limited DoS while no...
PT-2024-28529 · Juniper Networks · Junos Evolved
Name of the Vulnerable Software and Affected Versions: Juniper Networks Junos OS Evolved versions 21.4 through 21.4R3-S7-EVO Juniper Networks Junos OS Evolved versions 22.2 through 22.2R3-S3-EVO Juniper Networks Junos OS Evolved versions 22.3 through 22.3R3-S2-EVO Juniper Networks Junos OS Evolve...
CVE-2024-21611 Junos OS and Junos OS Evolved: In a jflow scenario continuous route churn will cause a memory leak and eventually an rpd crash
A Missing Release of Memory after Effective Lifetime vulnerability in the Routing Protocol Daemon rpd of Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated, network-based attacker to cause a Denial of Service DoS. In a Juniper Flow Monitoring jflow scenario route churn that...
PT-2024-1112 · Juniper Networks · Junos Evolved +1
Name of the Vulnerable Software and Affected Versions: Junos OS versions prior to 21.4R3 Junos OS versions prior to 22.1R3 Junos OS versions prior to 22.2R3 Junos OS Evolved versions prior to 21.4R3-EVO Junos OS Evolved versions prior to 22.1R3-EVO Junos OS Evolved versions prior to 22.2R3-EVO...
CVE-2021-0270
On PTX Series and QFX10k Series devices with the "inline-jflow" feature enabled, a use after free weakness in the Packet Forwarding Engine PFE microkernel architecture of Juniper Networks Junos OS may allow an attacker to cause a Denial of Service DoS condition whereby one or more Flexible PIC...
Race condition
On PTX Series and QFX10k Series devices with the "inline-jflow" feature enabled, a use after free weakness in the Packet Forwarding Engine PFE microkernel architecture of Juniper Networks Junos OS may allow an attacker to cause a Denial of Service DoS condition whereby one or more Flexible PIC...