548 matches found
CVE-2023-22402 Junos OS Evolved: The kernel might restart in a BGP scenario where "bgp auto-discovery" is enabled and such a neighbor flaps
A Use After Free vulnerability in the kernel of Juniper Networks Junos OS Evolved allows an unauthenticated, network-based attacker to cause a Denial of Service (DoS). In a Non Stop Routing (NSR) scenario, an unexpected kernel restart might be observed if "bgp auto-discovery" is enabled and if there ...
Juniper Junos OS Vulnerability (JSA70199)
The version of Junos OS installed on the remote host is affected by a vulnerability as referenced in the JSA70199 advisory. - An Allocation of Resources Without Limits or Throttling vulnerability in the Packet Forwarding Engine (PFE) of Juniper Networks Junos OS allows a network-based,...
Juniper Junos OS Vulnerability (JSA70200)
The version of Junos OS installed on the remote host is affected by a vulnerability as referenced in the JSA70200 advisory. - An Out-of-bounds Write vulnerability in the Internet Key Exchange Protocol daemon (iked) of Juniper Networks Junos OS on SRX series and MX with SPC3 allows an authenticated,...
CVE-2023-22415
CVE-2023-22415 is an out-of-bounds write in the H.323 ALG of Junos OS that causes the flowd daemon to crash and can lead to a DoS when specific H.323 packets are received concurrently on MX and SRX Series devices. Affected versions include Junos OS on MX/SRX prior to: 19.4R3-S10; 20.2R3-S6; 20.3R...
Juniper Junos OS Vulnerability (JSA70211)
The version of Junos OS installed on the remote host is affected by a vulnerability as referenced in the JSA70211 advisory. - An Out-of-Bounds Write vulnerability in the H.323 ALG of Juniper Networks Junos OS allows an unauthenticated, network-based attacker to cause Denial of Service (DoS)...
CVE-2023-22404
CVE-2023-22404 describes an out-of-bounds write in Juniper Junos OS iked (SRX/MX with SPC3) that can cause DoS. An authenticated, network-based attacker can trigger iked to crash and restart during IKE negotiation by sending a specially formatted payload, disrupting other concurrent IKE negotiati...
Juniper Junos OS Vulnerability (JSA70208)
The version of Junos OS installed on the remote host is affected by a vulnerability as referenced in the JSA70208 advisory. - An Improper Locking vulnerability in the SIP ALG of Juniper Networks Junos OS on MX Series with MS-MPC or MS-MIC card and SRX Series allows an unauthenticated, network-bas...
CVE-2023-22391 Junos OS: ACX2K Series: Receipt of a high rate of specific traffic will lead to a Denial of Service (DoS)
A vulnerability in class-of-service (CoS) queue management in Juniper Networks Junos OS on the ACX2K Series devices allows an unauthenticated network-based attacker to cause a Denial of Service (DoS). Specific packets are being incorrectly routed to a queue used for other high-priority traffic such a...
Juniper Junos OS Vulnerability (JSA70207)
The version of Junos OS installed on the remote host is affected by a vulnerability as referenced in the JSA70207 advisory. - An Out-of-Bounds Write vulnerability in Flow Processing Daemon (flowd) of Juniper Networks Junos OS allows an unauthenticated, network-based attacker to cause Denial of...
Juniper Junos OS Vulnerability (JSA70197)
The version of Junos OS installed on the remote host is affected by a vulnerability as referenced in the JSA70197 advisory. - An Improper Validation of Array Index vulnerability in the Advanced Forwarding Toolkit Manager daemon (aftmand) of Juniper Networks Junos OS and Junos OS Evolved allows an...
PT-2023-3065 · Juniper Networks · Junos Evolved
Name of the Vulnerable Software and Affected Versions: Juniper Networks Junos OS Evolved versions 21.3 prior to 21.3R3-EVO; Juniper Networks Junos OS Evolved versions 21.4 prior to 21.4R2-EVO; Juniper Networks Junos OS Evolved versions 22.1 prior to 22.1R2-EVO; Juniper Networks Junos OS Evolved...
PT-2023-3071 · Juniper Networks · Junos
Name of the Vulnerable Software and Affected Versions: Juniper Networks Junos OS on ACX2K Series versions prior to 19.4R3-S9; Juniper Networks Junos OS on ACX2K Series versions 20.2; Juniper Networks Junos OS on ACX2K Series versions 20.3 through 20.3R3-S6; Juniper Networks Junos OS on ACX2K Series...
Microsoft Patch Tuesday for January 2023 — Snort rules and prominent vulnerabilities
Microsoft released its monthly security update on Tuesday, disclosing 98 vulnerabilities. Of these vulnerabilities, 11 are classified as "Critical", 87 are classified as "Important", and none are classified as "Moderate." According to Microsoft, all "Critical" vulnerabilities are either less...
CVE-2022-22184 Junos OS and Junos OS Evolved: A BGP session will flap upon receipt of a specific, optional transitive attribute in version 22.3R1
An Improper Input Validation vulnerability in the Routing Protocol Daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated network-based attacker to cause a Denial of Service (DoS). If a BGP update message is received over an established BGP session, and that message...
PT-2022-6306 · Bosch · Bosch B420
Name of the Vulnerable Software and Affected Versions: Bosch B420 firmware 02.02.0001. Description: The issue is related to improper access control in the Bosch B420 Ethernet module's control panel, allowing an attacker to bypass security restrictions and gain unauthorized access to protected...
CVE-2022-22237
An Improper Authentication vulnerability in the kernel of Juniper Networks Junos OS allows an unauthenticated, network-based attacker to cause an impact on confidentiality or integrity. A vulnerability in the processing of TCP-AO will allow a BGP or LDP peer not configured with authentication to...
CVE-2022-22232
A NULL Pointer Dereference vulnerability in the Packet Forwarding Engine of Juniper Networks Junos OS on SRX Series allows an unauthenticated, network-based attacker to cause a Denial of Service (DoS). On SRX Series, if Unified Threat Management (UTM) Enhanced Content Filtering (CF) is enabled and...
Authentication flaw
An Improper Authentication vulnerability in the kernel of Juniper Networks Junos OS allows an unauthenticated, network-based attacker to cause an impact on confidentiality or integrity. A vulnerability in the processing of TCP-AO will allow a BGP or LDP peer not configured with authentication to...
Input validation
An Improper Validation of Syntactic Correctness of Input vulnerability in the kernel of Juniper Networks Junos OS Evolved on PTX series allows a network-based, unauthenticated attacker to cause a Denial of Service (DoS). When an incoming TCP packet destined to the device is malformed there is a...
Input validation
An Improper Input Validation vulnerability in ingress TCP segment processing of Juniper Networks Junos OS Evolved allows a network-based unauthenticated attacker to send a crafted TCP segment to the device, triggering a kernel panic, leading to a Denial of Service (DoS) condition. Continued receipt...