CVE-2024-21597

An Exposure of Resource to Wrong Sphere vulnerability in the Packet Forwarding Engine PFE of Juniper Networks Junos OS on MX Series allows an unauthenticated, network-based attacker to bypass the intended access restrictions. In an Abstracted Fabric AF scenario if routing-instances RI are...

Input validation

An Improper Validation of Syntactic Correctness of Input vulnerability in the Packet Forwarding Engine PFE of Juniper Networks Junos OS allows a network-based, unauthenticated attacker to cause a Denial of Service DoS. If an attacker sends high rate of specific ICMP traffic to a device with VXLAN...

Cross site scripting

An Out-of-bounds Write vulnerability in J-Web of Juniper Networks Junos OS on SRX Series and EX Series allows an unauthenticated, network-based attacker to cause a Denial of Service DoS, or Remote Code Execution RCE and obtain root privileges on the device. This issue is caused by use of an...

Input validation

An Improper Validation of Syntactic Correctness of Input vulnerability in Packet Forwarding Engine PFE of Juniper Networks Junos OS allows an unauthenticated, network-based attacker to cause Denial of Service DoS. On all Junos OS MX Series and SRX Series platforms, when SIP ALG is enabled, and a...

Design/Logic Flaw

An Unsupported Feature in the UI vulnerability in Juniper Networks Junos OS on MX Series and EX9200 Series allows an unauthenticated, network-based attacker to cause partial impact to the integrity of the device. If the "tcp-reset" option is added to the "reject" action in an IPv6 filter which...

Code injection

An Allocation of Resources Without Limits or Throttling vulnerability in the kernel of Juniper Networks Junos OS Evolved allows an unauthenticated, network-based attacker to cause a Denial of Service DoS. If a high rate of specific valid packets are processed by the routing engine RE this will le...

Design/Logic Flaw

An Exposure of Resource to Wrong Sphere vulnerability in the Packet Forwarding Engine PFE of Juniper Networks Junos OS on MX Series allows an unauthenticated, network-based attacker to bypass the intended access restrictions. In an Abstracted Fabric AF scenario if routing-instances RI are...

CVE-2024-21616 Junos OS: MX Series and SRX Series: Processing of a specific SIP packet causes NAT IP allocation to fail

An Improper Validation of Syntactic Correctness of Input vulnerability in Packet Forwarding Engine PFE of Juniper Networks Junos OS allows an unauthenticated, network-based attacker to cause Denial of Service DoS. On all Junos OS MX Series and SRX Series platforms, when SIP ALG is enabled, and a...

CVE-2024-21611 Junos OS and Junos OS Evolved: In a jflow scenario continuous route churn will cause a memory leak and eventually an rpd crash

A Missing Release of Memory after Effective Lifetime vulnerability in the Routing Protocol Daemon rpd of Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated, network-based attacker to cause a Denial of Service DoS. In a Juniper Flow Monitoring jflow scenario route churn that...

CVE-2024-21607

Concrete details available: Juniper Junos OS on MX Series and EX9200 Series is affected by CVE-2024-21607 due to a kernel-filter payload-protocol handling issue in IPv6 firewall filters. The root cause is that the payload-protocol match is not supported in the kernel filter, causing terms to acce...

CVE-2024-21604 Junos OS Evolved: A high rate of specific traffic will cause a complete system outage

An Allocation of Resources Without Limits or Throttling vulnerability in the kernel of Juniper Networks Junos OS Evolved allows an unauthenticated, network-based attacker to cause a Denial of Service DoS. If a high rate of specific valid packets are processed by the routing engine RE this will le...

CVE-2024-21595 Junos OS: EX4100, EX4400, EX4600, QFX5000 Series: A high rate of specific ICMP traffic will cause the PFE to hang

An Improper Validation of Syntactic Correctness of Input vulnerability in the Packet Forwarding Engine PFE of Juniper Networks Junos OS allows a network-based, unauthenticated attacker to cause a Denial of Service DoS. If an attacker sends high rate of specific ICMP traffic to a device with VXLAN...

CVE-2024-21595 Junos OS: EX4100, EX4400, EX4600, QFX5000 Series: A high rate of specific ICMP traffic will cause the PFE to hang

An Improper Validation of Syntactic Correctness of Input vulnerability in the Packet Forwarding Engine PFE of Juniper Networks Junos OS allows a network-based, unauthenticated attacker to cause a Denial of Service DoS. If an attacker sends high rate of specific ICMP traffic to a device with VXLAN...

Juniper Networks Junos OS Resource Management Error Vulnerability

Juniper Networks Junos OS is a Juniper Networks network operating system for the company's hardware devices. The operating system provides a secure programming interface and the Junos SDK. A security vulnerability exists in Juniper Networks Junos OS, which is caused by a double release...

CVE-2023-39206

Buffer overflow in some Zoom clients may allow an unauthenticated user to conduct a denial of service via network access...

Juniper Junos OS SRX Series Missing Authentication for Critical Function Vulnerability

Juniper Junos OS on SRX Series contains a missing authentication for critical function vulnerability that allows an unauthenticated, network-based attacker to cause limited impact to the file system integrity. With a specific request to user.php that doesn't require authentication, an attacker is...

CVE-2023-41284 QuMagie

A SQL injection vulnerability has been reported to affect QuMagie. If exploited, the vulnerability could allow authenticated users to inject malicious code via a network. We have already fixed the vulnerability in the following version: QuMagie 2.1.4 and later...

[SECURITY] [DLA 3648-1] tang security update

------------------------------------------------------------------------- Debian LTS Advisory DLA-3648-1 [email protected] https://www.debian.org/lts/security/ Chris Lamb November 07, 2023 https://wiki.debian.org/LTS -...

CVE-2023-23369

CVE-2023-23369 is an OS command injection affecting multiple QNAP platforms. The vulnerability impacts QTS and Multimedia components (Multimedia Console and Media Streaming add-on) and could allow an attacker to execute commands over the network if exploited. Affected/fixed versions include: Mult...

Juniper Junos OS Vulnerability (JSA73170)

The version of Junos OS installed on the remote host is affected by a vulnerability as referenced in the JSA73170 advisory. - An Improper Validation of Syntactic Correctness of Input vulnerability in Routing Protocol Daemon rpd Juniper Networks Junos OS and Junos OS Evolved allows an...