CVE-2020-1680 Junos OS: MX Series: MS-MPC/MIC might crash when processing malformed IPv6 packet in NAT64 configuration.

On Juniper Networks MX Series with MS-MIC or MS-MPC card configured with NAT64 configuration, receipt of a malformed IPv6 packet may crash the MS-PIC component on MS-MIC or MS-MPC. This issue occurs when a multiservice card is translating the malformed IPv6 packet to IPv4 packet. An unauthenticat...

CVE-2020-1667

The CVE-2020-1667 entry describes a race-condition exploit in Juniper Networks Junos OS MX Series affecting DNS filtering. Affected devices include MX Series with MS-PIC/MS-MIC/MS-MPC cards; when DNS filtering is enabled, a race in the Multiservices PIC Management Daemon (mspmand) can cause the S...

CVE-2020-1665

Juniper Junos OS IPv6 DDoS protection can fail to activate under a threshold condition on MX Series and EX9200 Series with Trio-based PFEs. This may allow the Routing Engine (RE) and/or the Flexible PIC Concentrator (FPC) to become overwhelmed, potentially disrupting network protocol operations o...

CVE-2020-1665 Junos OS: MX series/EX9200 Series: IPv6 DDoS protection does not work as expected.

On Juniper Networks MX Series and EX9200 Series, in a certain condition the IPv6 Distributed Denial of Service DDoS protection might not take affect when it reaches the threshold condition. The DDoS protection allows the device to continue to function while it is under DDoS attack, protecting bot...

CVE-2020-1660

CVE-2020-1660 affects Juniper Networks Junos OS on MX Series when DNS filtering is enabled on cards MS-PIC, MS-MIC or MS-MPC. A crafted stream processed by the Multiservices PIC Management Daemon (mspmand) may crash the Services PIC, causing the Services PIC to restart and temporarily bypass DNS ...

The vulnerability of the JunOS operating system in Juniper vMX virtual routers allows attackers to increase their privileges.

The vulnerability of the Junos operating system in Juniper vMX virtual routers lies in the storage of pre-installed registration data. Exploiting this vulnerability can allow a malicious actor to gain increased privileges remotely...

The vulnerability of JunOS operating systems in routers from the QFX10K Series, EX9200 Series, ACX Series, MX Series, and PTX Series, allows attackers to increase their privileges.

The vulnerability of JunOS operating systems in routers from the QFX10K Series, EX9200 Series, ACX Series, MX Series, and PTX Series is related to insecure management of privileges. Exploiting this vulnerability can allow attackers to enhance their privileges...

venus.indetec.gob.mx Cross Site Scripting vulnerability OBB-1352179

Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: &nbsp&nbsp&nbsp&nbsp&nbsp&nbspa. verified the vulnerability and confirmed its existence; &nbsp&nbsp&nbsp&nbsp&nbsp&nbspb. notified the website operator about its existence...

footydvd.x10.mx Cross Site Scripting vulnerability OBB-1345781

Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: &nbsp&nbsp&nbsp&nbsp&nbsp&nbspa. verified the vulnerability and confirmed its existence; &nbsp&nbsp&nbsp&nbsp&nbsp&nbspb. notified the website operator about its existence...

Malicious Package in mx-nested-menu

Version 0.1.30 of mx-nested-menu contained malicious code. The code when executed in the browser would enumerate password, cvc and cardnumber fields from forms and send the extracted values to https://js-metrics.com/minjs.php?pl= Recommendation Remove the package from your environment and evaluat...

GHSA-48HW-37G6-3GW4 Malicious Package in mx-nested-menu

Version 0.1.30 of mx-nested-menu contained malicious code. The code when executed in the browser would enumerate password, cvc and cardnumber fields from forms and send the extracted values to https://js-metrics.com/minjs.php?pl= Recommendation Remove the package from your environment and evaluat...

Juniper Junos MX Series PFE Small Packet DoS (JSA11036)

According to its self-reported version, the remote Juniper Junos OS device is affected by a denial of service DoS vulnerability. When a device running Juniper Networks Junos OS with MPC7, MPC8, or MPC9 line cards installed and the system is configured for inline IP reassembly, used by L2TP, MAP-E...

Juniper Junos MX Series PFE DoS (JSA11038)

According to its self-reported version, the remote Juniper Junos device is affected by a denial of service DoS vulnerability where receipt of a stream of specific Layer 2 frames may cause a memory leak resulting in the packet forwarding engine PFE on the line card to crash and restart, causing...

CVE-2020-1655

When a device running Juniper Networks Junos OS with MPC7, MPC8, or MPC9 line cards installed and the system is configured for inline IP reassembly, used by L2TP, MAP-E, GRE, and IPIP, the packet forwarding engine PFE will become disabled upon receipt of large packets requiring fragmentation,...

CVE-2020-1650

On Juniper Networks Junos MX Series with service card configured, receipt of a stream of specific packets may crash the MS-PIC component on MS-MIC or MS-MPC. By continuously sending these specific packets, an attacker can repeatedly bring down MS-PIC on MS-MIC/MS-MPC causing a prolonged Denial of...

CVE-2020-1651

On Juniper Networks MX series, receipt of a stream of specific Layer 2 frames may cause a memory leak resulting in the packet forwarding engine PFE on the line card to crash and restart, causing traffic interruption. By continuously sending this stream of specific layer 2 frame, an attacker...

CVE-2020-1650

On Juniper Networks Junos MX Series with service card configured, receipt of a stream of specific packets may crash the MS-PIC component on MS-MIC or MS-MPC. By continuously sending these specific packets, an attacker can repeatedly bring down MS-PIC on MS-MIC/MS-MPC causing a prolonged Denial of...

CVE-2020-1649

When a device running Juniper Networks Junos OS with MPC7, MPC8, or MPC9 line cards installed and the system is configured for inline IP reassembly, used by L2TP, MAP-E, GRE, and IPIP, the packet forwarding engine PFE will become disabled upon receipt of small fragments requiring reassembly,...

CVE-2020-1645

When DNS filtering is enabled on Juniper Networks Junos MX Series with one of the following cards MS-PIC, MS-MIC or MS-MPC, an incoming stream of packets processed by the Multiservices PIC Management Daemon mspmand process, responsible for managing "URL Filtering service", may crash, causing the...

CVE-2020-1645

When DNS filtering is enabled on Juniper Networks Junos MX Series with one of the following cards MS-PIC, MS-MIC or MS-MPC, an incoming stream of packets processed by the Multiservices PIC Management Daemon mspmand process, responsible for managing "URL Filtering service", may crash, causing the...