1242 matches found
CVE-2025-59964
A Use of Uninitialized Resource vulnerability in the Packet Forwarding Engine PFE of Juniper Networks Junos OS on SRX4700 devices allows an unauthenticated, network-based attacker to cause a Denial of Service DoS. When forwarding-options sampling is enabled, receipt of any traffic destined to the...
EUVD-2025-33360
A password aging vulnerability in the RADIUS client of Juniper Networks Junos OS and Junos OS Evolved allows an authenticated, network-based attacker to access the device without enforcing the required password change. Affected devices allow logins by users for whom the RADIUS server has responde...
EUVD-2025-33363
An Improper Check for Unusual or Exceptional Conditions vulnerability in the routing protocol daemon rpd of Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated, network-based attacker to cause a Denial-Of-Service DoS. When an affected system receives a specific BGP EVPN updat...
EUVD-2025-33387
An Authentication Bypass by Primary Weakness in the FTP server of Juniper Networks Junos OS allows an unauthenticated, network-based attacker to get limited read-write access to files on the device. When the FTP server is enabled and a user named "ftp" or "anonymous" is configured, that user can...
EUVD-2025-33402
A Buffer Copy without Checking Size of Input vulnerability in the Session Initialization Protocol SIP ALG of Juniper Networks Junos OS on MX Series and SRX Series allows an unauthenticated, network-based attacker to cause a Denial of Service DoS. When memory utilization is high, and specific...
CVE-2025-60010
A password aging vulnerability in the RADIUS client of Juniper Networks Junos OS and Junos OS Evolved allows an authenticated, network-based attacker to access the device without enforcing the required password change. Affected devices allow logins by users for whom the RADIUS server has responde...
CVE-2025-60006
Multiple instances of an Improper Neutralization of Special Elements used in an OS Command 'OS Command Injection' vulnerability in the CLI of Juniper Networks Junos OS Evolved could be used to elevate privileges and/or execute unauthorized commands. When an attacker executes crafted CLI commands,...
CVE-2025-60004
An Improper Check for Unusual or Exceptional Conditions vulnerability in the routing protocol daemon rpd of Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated, network-based attacker to cause a Denial-Of-Service DoS. When an affected system receives a specific BGP EVPN updat...
CVE-2025-59980
An Authentication Bypass by Primary Weakness in the FTP server of Juniper Networks Junos OS allows an unauthenticated, network-based attacker to get limited read-write access to files on the device. When the FTP server is enabled and a user named "ftp" or "anonymous" is configured, that user can...
CVE-2025-60010
CVE-2025-60010 affects Juniper Junos OS and Junos OS Evolved. A password-aging flaw in the RADIUS client lets an authenticated, network-based attacker log in without enforcing a required password change, using an expired but correct password. Affected versions include: Junos OS pre-22.4R3-S8, 23....
CVE-2025-60004
CVE-2025-60004 affects Juniper Networks Junos OS and Junos OS Evolved. An improper check in the routing protocol daemon (rpd) allows an unauthenticated, network-based attacker to trigger a DoS by sending a crafted BGP EVPN update over an established BGP session, causing rpd to crash/restart. No B...
CVE-2025-60004 Junos OS and Junos OS Evolved: Specific BGP EVPN update message causes rpd crash
An Improper Check for Unusual or Exceptional Conditions vulnerability in the routing protocol daemon rpd of Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated, network-based attacker to cause a Denial-Of-Service DoS. When an affected system receives a specific BGP EVPN updat...
CVE-2025-59957
An Origin Validation Error vulnerability in an insufficient protected file of Juniper Networks Junos OS on EX4600 Series and QFX5000 Series allows an unauthenticated attacker with physical access to the device to create a backdoor which allows complete control of the system. When a device isn't...
CVE-2025-52960
A Buffer Copy without Checking Size of Input vulnerability in the Session Initialization Protocol SIP ALG of Juniper Networks Junos OS on MX Series and SRX Series allows an unauthenticated, network-based attacker to cause a Denial of Service DoS. When memory utilization is high, and specific...
CVE-2025-52960
A Buffer Copy without Checking Size of Input vulnerability in the Session Initialization Protocol SIP ALG of Juniper Networks Junos OS on MX Series and SRX Series allows an unauthenticated, network-based attacker to cause a Denial of Service DoS. When memory utilization is high, and specific...
CVE-2025-59957
An Origin Validation Error vulnerability in an insufficient protected file of Juniper Networks Junos OS on EX4600 Series and QFX5000 Series allows an unauthenticated attacker with physical access to the device to create a backdoor which allows complete control of the system. When a device isn't...
CVE-2025-59980
Summary of CVE-2025-59980 : Juniper Networks Junos OS FTP server contains an authentication bypass. When the FTP server is enabled and a user named “ftp” or “anonymous” exists, an unauthenticated attacker can log in without a password and gain read/write access to the user’s home directory. Affec...
CVE-2025-59964
This CVE concerns Juniper Networks Junos OS on SRX4700 devices. A Use of Uninitialized Resource vulnerability in the PFE (Packet Forwarding Engine) can be triggered by forwarding-options sampling, allowing an unauthenticated, network-based attacker to cause a DoS. Specifically, when traffic desti...
CVE-2025-59964 Junos OS: SRX4700: When forwarding-options sampling is enabled any traffic destined to the RE will cause the forwarding line card to crash and restart
A Use of Uninitialized Resource vulnerability in the Packet Forwarding Engine PFE of Juniper Networks Junos OS on SRX4700 devices allows an unauthenticated, network-based attacker to cause a Denial of Service DoS. When forwarding-options sampling is enabled, receipt of any traffic destined to the...
CVE-2025-59962 Junos OS and Junos OS Evolved: With BGP sharding enabled, change in indirect next-hop can cause RPD crash
An Access of Uninitialized Pointer vulnerability in the routing protocol daemon rpd of Juniper Networks Junos OS and Junos OS Evolved with BGP sharding configured allows an attacker triggering indirect next-hop updates, along with timing outside the attacker's control, to cause rpd to crash and...