CVE-2025-52984

A NULL Pointer Dereference vulnerability in the routing protocol daemon rpd of Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated, network-based attacker to cause impact to the availability of the device. When static route points to a reject next hop and a gNMI query is...

CVE-2025-52983

A UI Discrepancy for Security Feature vulnerability in the UI of Juniper Networks Junos OS on VM Host systems allows a network-based, unauthenticated attacker to access the device. On VM Host Routing Engines RE, even if the configured public key for root has been removed, remote users which are i...

CVE-2025-6549 Junos OS: SRX Series: J-Web can be exposed on additional interfaces

An Incorrect Authorization vulnerability in the web server of Juniper Networks Junos OS on SRX Series allows an unauthenticated, network-based attacker to reach the Juniper Web Device Manager J-Web. When Juniper Secure connect JSC is enabled on specific interfaces, or multiple interfaces are...

CVE-2025-6549

CVE-2025-6549 (Junos OS SRX, J-Web exposure) is an Incorrect Authorization vulnerability in the web server that can allow an unauthenticated, network-based attacker to reach the Juniper Web Device Manager (J-Web). It arises when Juniper Secure Connect (JSC) is enabled on specific interfaces or mu...

CVE-2025-52983 Junos OS: After removing ssh public key authentication root can still log in

A UI Discrepancy for Security Feature vulnerability in the UI of Juniper Networks Junos OS on VM Host systems allows a network-based, unauthenticated attacker to access the device. On VM Host Routing Engines RE, even if the configured public key for root has been removed, remote users which are i...

Juniper Junos OS Vulnerability (JSA100090)

The version of Junos OS installed on the remote host is affected by a vulnerability as referenced in the JSA100090 advisory. - A NULL Pointer Dereference vulnerability in the routing protocol daemon rpd of Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated, network-based...

Juniper Junos OS Vulnerability (JSA100084)

The version of Junos OS installed on the remote host is affected by a vulnerability as referenced in the JSA100084 advisory. - A Use of Incorrect Byte Ordering vulnerability in the Routing Protocol Daemon rpd of Juniper Networks Junos OS on SRX300 Series allows an unauthenticated, network-based...

PT-2025-29254

Name of the Vulnerable Software and Affected Versions: Juniper Networks Junos OS versions prior to 21.2R3-S9 Juniper Networks Junos OS versions 21.4 prior to 21.4R3-S10 Juniper Networks Junos OS versions 22.2 prior to 22.2R3-S6 Juniper Networks Junos OS versions 22.4 prior to 22.4R3-S6 Juniper...

CVE-2025-4663 Denial-of-Service (DoS) after Unusual or Exceptional Conditions vulnerability

An Improper Check for Unusual or Exceptional Conditions vulnerability in Brocade Fabric OS before 9.2.2.a could allow an authenticated, network-based attacker to cause a Denial-of-Service DoS. The vulnerability is encountered when supportsave is invoked remotely, using ssh command or SANnav inlin...

CVE-2025-47160

Protection mechanism failure in Windows Shell allows an unauthorized attacker to bypass a security feature over a network...

CVE-2023-21886

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization component: Core. Supported versions that are affected are Prior to 6.1.42 and prior to 7.0.6. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Orac...

CVE-2025-30659

An Improper Handling of Length Parameter Inconsistency vulnerability in the Packet Forwarding Engine PFE of Juniper Networks Junos OS on SRX Series allows an unauthenticated, network-based attacker to cause a Denial-of-Service DoS. When a device configured for Secure Vector Routing SVR receives a...

PT-2025-15858 · Juniper Networks · Junos Evolved +1

Name of the Vulnerable Software and Affected Versions: Junos OS versions prior to 21.2R3-S9 Junos OS versions from 21.4 before 21.4R3-S10 Junos OS versions from 22.2 before 22.2R3-S6 Junos OS versions from 22.4 before 22.4R3-S4 Junos OS versions from 23.2 before 23.2R2-S2 Junos OS versions from...

CVE-2024-10210

An External Control of File Name or Path vulnerability in the APROL Web Portal used in B APROL 4.4-005P may allow an authenticated network-based attacker to access data from the file system...

CVE-2024-47504 Junos OS: SRX5000 Series: Receipt of a specific malformed packet will cause a flowd crash

An Improper Validation of Specified Type of Input vulnerability in the packet forwarding engine pfe Juniper Networks Junos OS on SRX5000 Series allows an unauthenticated, network based attacker to cause a Denial of Service Dos. When a non-clustered SRX5000 device receives a specifically malformed...

CVE-2024-39537 Junos OS Evolved: ACX7000 Series: Ports which have been inadvertently exposed can be reached over the network

An Improper Restriction of Communication Channel to Intended Endpoints vulnerability in Juniper Networks Junos OS Evolved on ACX 7000 Series allows an unauthenticated, network-based attacker to cause a limited information disclosure and availability impact to the device. Due to a wrong...

Juniper Networks Junos OS Security Vulnerability

Juniper Networks Junos OS is a Juniper Networks USA network operating system dedicated to the company's hardware devices. The operating system provides a secure programming interface and the Junos SDK. A security vulnerability exists in Juniper Networks Junos OS that stems from the presence of an...

Juniper Junos OS Vulnerability (JSA79095)

The version of Junos OS installed on the remote host is affected by a vulnerability as referenced in the JSA79095 advisory. - An Improper Validation of Specified Type of Input vulnerability in Routing Protocol Daemon RPD of Junos OS and Junos OS Evolved allows an unauthenticated, network-based...

CVE-2024-36472

In GNOME Shell through 45.7, a portal helper can be launched automatically without user confirmation based on network responses provided by an adversary e.g., an adversary who controls the local Wi-Fi network, and subsequently loads untrusted JavaScript code, which may lead to resource consumptio...

CVE-2023-51364

A path traversal vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow users to read the contents of unexpected files and expose sensitive data via a network. We have already fixed the vulnerability in the following versions:...