1476 matches found
CVE-2024-39538
A Buffer Copy without Checking Size of Input vulnerability in the PFE management daemon evo-pfemand of Juniper Networks Junos OS Evolved on ACX7000 Series allows an unauthenticated, adjacent attacker to cause a Denial-of-Service DoS.When multicast traffic with a specific, valid S,G is received,...
CVE-2024-39537
An Improper Restriction of Communication Channel to Intended Endpoints vulnerability in Juniper Networks Junos OS Evolved on ACX 7000 Series allows an unauthenticated, network-based attacker to cause a limited information disclosure and availability impact to the device. Due to a wrong...
CVE-2024-39536
A Missing Release of Memory after Effective Lifetime vulnerability in the Periodic Packet Management Daemon ppmd of Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated adjacent attacker to cause a Denial-of-Service DoS. When a BFD session configured with authentication...
CVE-2024-39537
An Improper Restriction of Communication Channel to Intended Endpoints vulnerability in Juniper Networks Junos OS Evolved on ACX 7000 Series allows an unauthenticated, network-based attacker to cause a limited information disclosure and availability impact to the device. Due to a wrong...
CVE-2024-39536
A Missing Release of Memory after Effective Lifetime vulnerability in the Periodic Packet Management Daemon ppmd of Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated adjacent attacker to cause a Denial-of-Service DoS. When a BFD session configured with authentication...
CVE-2024-39531
An Improper Handling of Values vulnerability in the Packet Forwarding Engine PFE of Juniper Networks Junos OS Evolved on ACX 7000 Series allows a network-based, unauthenticated attacker to cause a Denial-of-Service DoS. If a value is configured for DDoS bandwidth or burst parameters for any...
CVE-2024-39535
An Improper Check for Unusual or Exceptional Conditions vulnerability in the Packet Forwarding Engine PFE of Juniper Networks Junos OS Evolved on ACX 7000 Series allows an unauthenticated, adjacent attacker to cause a Denial-of-Service DoS. When a device has a Layer 3 or an IRB interface configur...
CVE-2024-39532
An Insertion of Sensitive Information into Log File vulnerability in Juniper Networks Junos OS and Junos OS Evolved allows a local, authenticated attacker with high privileges to access sensitive information. When another user performs a specific operation, sensitive information is stored as plai...
CVE-2024-39531
An Improper Handling of Values vulnerability in the Packet Forwarding Engine PFE of Juniper Networks Junos OS Evolved on ACX 7000 Series allows a network-based, unauthenticated attacker to cause a Denial-of-Service DoS. If a value is configured for DDoS bandwidth or burst parameters for any...
CVE-2024-39535
An Improper Check for Unusual or Exceptional Conditions vulnerability in the Packet Forwarding Engine PFE of Juniper Networks Junos OS Evolved on ACX 7000 Series allows an unauthenticated, adjacent attacker to cause a Denial-of-Service DoS. When a device has a Layer 3 or an IRB interface configur...
CVE-2024-39553
CVE-2024-39553 affects Juniper Networks Junos OS Evolved sampling service (inline jflow). A Resource Exposure to Wrong Sphere vulnerability allows an unauthenticated, network-based attacker to send arbitrary data to the device, causing the msvcsd process to crash and yielding limited DoS while no...
CVE-2024-39553 Junos OS Evolved: Receipt of arbitrary data when sampling service is enabled, leads to partial Denial of Service (DoS).
An Exposure of Resource to Wrong Sphere vulnerability in the sampling service of Juniper Networks Junos OS Evolved allows an unauthenticated network-based attacker to send arbitrary data to the device, which leads msvcsd process to crash with limited availability impacting Denial of Service DoS a...
CVE-2024-39552 Junos OS and Junos OS Evolved: Malformed BGP UPDATE causes RPD crash
An Improper Handling of Exceptional Conditions vulnerability in the routing protocol daemon RPD of Juniper Networks Junos OS and Junos OS Evolved allows a network based, unauthenticated attacker to cause the RPD process to crash leading to a Denial of Service DoS. When a malformed BGP UPDATE pack...
CVE-2024-39549 Junos OS and Junos OS Evolved: Receipt of malformed BGP path attributes leads to a memory leak
A Missing Release of Memory after Effective Lifetime vulnerability in the routing process daemon rpd of Juniper Networks Junos OS and Junos OS Evolved allows an attacker to send a malformed BGP Path attribute update which allocates memory used to log the bad path attribute. This memory is not...
CVE-2024-39549
CVE-2024-39549 affects Junos OS and Junos OS Evolved. A crafted BGP Path attribute update can trigger a Missing Release of Memory after Effective Lifetime in the routing process daemon (rpd), causing memory to be allocated but not freed in all paths and leading to a DoS. Impact is memory exhausti...
CVE-2024-39549 Junos OS and Junos OS Evolved: Receipt of malformed BGP path attributes leads to a memory leak
A Missing Release of Memory after Effective Lifetime vulnerability in the routing process daemon rpd of Juniper Networks Junos OS and Junos OS Evolved allows an attacker to send a malformed BGP Path attribute update which allocates memory used to log the bad path attribute. This memory is not...
CVE-2024-39548
CVE-2024-39548 describes an Uncontrolled Resource Consumption vulnerability in the aftmand process of Juniper Networks Junos OS Evolved. An unauthenticated, network-based attacker can cause memory consumption leading to a Denial of Service; affected systems do not recover automatically and requir...
CVE-2024-39546 Junos OS Evolved: Local low-privilege user can gain root permissions leading to privilege escalation
A Missing Authorization vulnerability in the Socket Intercept SI command file interface of Juniper Networks Junos OS Evolved allows an authenticated, low-privilege local attacker to modify certain files, allowing the attacker to cause any command to execute with root privileges leading to privile...
CVE-2024-39546 Junos OS Evolved: Local low-privilege user can gain root permissions leading to privilege escalation
A Missing Authorization vulnerability in the Socket Intercept SI command file interface of Juniper Networks Junos OS Evolved allows an authenticated, low-privilege local attacker to modify certain files, allowing the attacker to cause any command to execute with root privileges leading to privile...
CVE-2024-39542 Junos OS and Junos OS Evolved: A malformed CFM packet or specific transit traffic leads to FPC crash
An Improper Validation of Syntactic Correctness of Input vulnerability in the Packet Forwarding Engine PFE of Juniper Networks Junos OS on MX Series with MPC10/11 or LC9600, MX304, and Junos OS Evolved on ACX Series and PTX Series allows an unauthenticated, network based attacker to cause a...