
6551 matches found

Cvelist
added 2026/01/15 8:28 p.m. | 22 views

CVE-2026-21920 Junos OS: SRX Series: If a specific request is processed by the DNS subsystem flowd will crash

An Unchecked Return Value vulnerability in the DNS module of Juniper Networks Junos OS on SRX Series allows an unauthenticated, network-based attacker to cause a Denial-of-Service (DoS). If an SRX Series device configured for DNS processing receives a specifically formatted DNS request flowd will...

CVSS: 8.7 | EPSS: 0.00438
Exploits: 0 | References: 2
ATTACKERKB
added 2026/01/15 8:27 p.m. | 3 views

CVE-2026-21917

An Improper Validation of Syntactic Correctness of Input vulnerability in the Web-Filtering module of Juniper Networks Junos OS on SRX Series allows an unauthenticated, network-based attacker to cause a Denial-of-Service (DoS). If an SRX device configured for UTM Web-Filtering receives a specifical...

CVSS: 8.7 | AI score: 5.6 | EPSS: 0.00375
Exploits: 0 | References: 3 | Affected Software: 1
CVE
added 2026/01/15 8:24 p.m. | 19 views

CVE-2026-21912

CVE-2026-21912 is a TOCTOU race in Juniper Junos OS on MX10k Series affecting LC480/LC2101 line cards. Repeatedly running the CLI command “show system firmware” can cause a line card to crash and restart, with chassisd potentially crashing and generating a core dump after the line card failure. A...

CVSS: 6.8 | AI score: 6.8 | EPSS: 0.00103
Exploits: 0 | References: 2 | Affected Software: 1
EUVD
added 2026/01/15 8:24 p.m. | 6 views

EUVD-2026-2682

A Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in the method to collect FPC Ethernet firmware statistics of Juniper Networks Junos OS on MX10k Series allows a local, low-privileged attacker executing the 'show system firmware' CLI command to cause an LC480 or LC2101 line card to...

CVSS: 6.8 | AI score: 6.6 | EPSS: 0.00103
Exploits: 0 | References: 3
EUVD
added 2026/01/15 8:23 p.m. | 9 views

EUVD-2026-2694

An Improper Check for Unusual or Exceptional Conditions vulnerability in the packet forwarding engine (PFE) of Juniper Networks Junos OS on EX4k Series and QFX5k Series platforms allows an unauthenticated network-adjacent attacker flapping an interface to cause traffic between VXLAN Network...

CVSS: 7.1 | AI score: 6.4 | EPSS: 0.00249
Exploits: 0 | References: 3
Cvelist
added 2026/01/15 8:21 p.m. | 24 views

CVE-2026-21907 Junos Space: TLS/SSL server supports use of static key ciphers (ssl-static-key-ciphers)

A Use of a Broken or Risky Cryptographic Algorithm vulnerability in the TLS/SSL server of Juniper Networks Junos Space allows the use of static key ciphers (ssl-static-key-ciphers), reducing the confidentiality of on-path traffic communicated across the connection. These ciphers also do not support...

CVSS: 8.2 | EPSS: 0.00181
Exploits: 0 | References: 2
Vulnrichment
added 2026/01/15 8:20 p.m. | 2 views

CVE-2026-21906 Junos OS: SRX Series: With GRE performance acceleration enabled, receipt of a specific ICMP packet causes the PFE to crash

An Improper Handling of Exceptional Conditions vulnerability in the packet forwarding engine (PFE) of Juniper Networks Junos OS on SRX Series allows an unauthenticated network-based attacker sending a specific ICMP packet through a GRE tunnel to cause the PFE to crash and restart. When PowerMode...

CVSS: 8.7 | AI score: 6.7 | EPSS: 0.00497
Exploits: 0 | References: 3
EUVD
added 2026/01/15 8:14 p.m. | 4 views

EUVD-2026-2702

An Incorrect Permission Assignment for Critical Resource vulnerability in the Juniper DHCP daemon (jdhcpd) of Juniper Networks Junos OS and Junos OS Evolved allows a local, low-privileged user to write to the Unix socket used to manage the jdhcpd process, resulting in complete control over the...

CVSS: 6.8 | AI score: 6.4 | EPSS: 0.00117
Exploits: 0 | References: 4
ATTACKERKB
added 2026/01/15 8:14 p.m. | 4 views

CVE-2025-59960

An Improper Check for Unusual or Exceptional Conditions vulnerability in the Juniper DHCP service (jdhcpd) of Juniper Networks Junos OS and Junos OS Evolved allows a DHCP client in one subnet to exhaust the address pools of other subnets, leading to a Denial of Service (DoS) on the downstream DHCP...

CVSS: 7.4 | AI score: 5.6 | EPSS: 0.0024
Exploits: 0 | References: 3 | Affected Software: 2
EUVD
added 2026/01/15 8:14 p.m. | 5 views

EUVD-2026-2718

An Improper Check for Unusual or Exceptional Conditions vulnerability in the Juniper DHCP service (jdhcpd) of Juniper Networks Junos OS and Junos OS Evolved allows a DHCP client in one subnet to exhaust the address pools of other subnets, leading to a Denial of Service (DoS) on the downstream DHCP...

CVSS: 7.4 | AI score: 6.2 | EPSS: 0.0024
Exploits: 0 | References: 4
EUVD
added 2026/01/15 8:10 p.m. | 5 views

EUVD-2026-2709

A clickjacking vulnerability exists in the web portal of Juniper Networks Paragon Automation (Pathfinder, Planner, Insights) due to the application's failure to set appropriate X-Frame-Options and X-Content-Type HTTP headers. This vulnerability allows an attacker to trick users into interacting wit...

CVSS: 6.1 | AI score: 6.4 | EPSS: 0.00242
Exploits: 0 | References: 4
CNNVD
added 2026/01/15 12:00 a.m. | 5 views

Juniper Networks Paragon Automation security vulnerabilities

Juniper Networks Paragon Automation is an automation and operations platform provided by the American company Juniper Networks. Versions of Juniper Networks Paragon Automation prior to 24.1.1 contained security vulnerabilities. These vulnerabilities stemmed from the lack of appropriate...

CVSS: 6.1 | AI score: 5.8 | EPSS: 0.00242
Exploits: 0 | References: 2
Positive Technologies
added 2026/01/15 12:00 a.m. | 6 views

PT-2026-3122

Name of the Vulnerable Software and Affected Versions: Juniper Networks Junos OS versions 23.2R2-S1 through 23.2R2-S4; Juniper Networks Junos OS versions 23.4R2 through 23.4R2-S5; Juniper Networks Junos OS versions 24.2 through 24.2R2-S2; Juniper Networks Junos OS versions 24.4 through 24.4R2; Juniper...

CVSS: 7.5 | AI score: 7.4 | EPSS: 0.00293
Exploits: 0 | References: 5
CNNVD
added 2026/01/15 12:00 a.m. | 4 views

Juniper Networks Junos OS and Juniper Networks Junos OS Evolved security vulnerabilities

Juniper Networks Junos OS and Juniper Networks Junos OS Evolved are both products of Juniper Networks, a US-based company. Juniper Networks Junos OS is a network operating system specifically designed for the company’s hardware devices. This operating system provides secure programming interfaces...

CVSS: 7.1 | AI score: 5.8 | EPSS: 0.00235
Exploits: 0 | References: 2
CNNVD
added 2026/01/15 12:00 a.m. | 6 views

Juniper Networks Junos OS resource management error vulnerability

Juniper Networks Junos OS is a network operating system specifically designed for hardware devices used by Juniper Networks. This operating system provides secure programming interfaces and the Junos SDK. Versions of Junos OS prior to 22.4R3-S7, 23.2R2-S3, 23.4R2-S4, and 24.2R2 contain a resource...

CVSS: 8.7 | AI score: 5.8 | EPSS: 0.00375
Exploits: 0 | References: 2
Positive Technologies
added 2026/01/15 12:00 a.m. | 7 views

PT-2026-3109

An Incorrect Permission Assignment for Critical Resource vulnerability in the Juniper DHCP daemon (jdhcpd) of Juniper Networks Junos OS and Junos OS Evolved allows a local, low-privileged user to write to the Unix socket used to manage the jdhcpd process, resulting in complete control over the...

CVSS: 6.8 | AI score: 6.9 | EPSS: 0.00117
Exploits: 0 | References: 3
Positive Technologies
added 2026/01/15 12:00 a.m. | 6 views

PT-2026-3108

An Improper Check for Unusual or Exceptional Conditions vulnerability in the Juniper DHCP service (jdhcpd) of Juniper Networks Junos OS and Junos OS Evolved allows a DHCP client in one subnet to exhaust the address pools of other subnets, leading to a Denial of Service (DoS) on the downstream DHCP...

CVSS: 7.4 | AI score: 6.7 | EPSS: 0.0024
Exploits: 0 | References: 5
Tenable Nessus
added 2026/01/14 12:00 a.m. | 6 views

Juniper Junos OS Vulnerability (JSA103166)

The version of Junos OS installed on the remote host is affected by a vulnerability as referenced in the JSA103166 advisory. - A Buffer Over-read vulnerability in the routing protocol daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated, network-based attacker to...

CVSS: 8.7 | AI score: 5.8 | EPSS: 0.00367
Exploits: 0 | References: 2
RedhatCVE
added 2026/01/09 11:48 a.m. | 7 views

CVE-2009-4643

Stack-based buffer overflow in dsInstallerService.dll in the Juniper Installer Service, as used in Juniper Odyssey Access Client 4.72.11421.0 and other products, allows remote attackers to execute arbitrary code via a long string in a malformed DSSETUPSERVICECMDUNINSTALL command to the...

CVSS: 10 | AI score: 8.6 | EPSS: 0.03761
Exploits: 0 | References: 1
RedhatCVE
added 2026/01/09 8:42 a.m. | 20 views

CVE-2022-31173

Juniper is a GraphQL server library for Rust. Affected versions of Juniper are vulnerable to uncontrolled recursion resulting in a program crash. This issue has been addressed in version 0.15.10. Users are advised to upgrade. Users unable to upgrade should limit the recursion depth manually...

CVSS: 7.5 | AI score: 6.7 | EPSS: 0.01305
Exploits: 1 | References: 1