58 matches found
EUVD-2025-33403
A Missing Authentication for Critical Function vulnerability in Juniper Networks Security Director Policy Enforcer allows an unauthenticated, network-based attacker to replace legitimate vSRX images with malicious ones. If a trusted user initiates deployment, Security Director Policy Enforcer wil...
CVE-2025-11198
A Missing Authentication for Critical Function vulnerability in Juniper Networks Security Director Policy Enforcer allows an unauthenticated, network-based attacker to replace legitimate vSRX images with malicious ones. If a trusted user initiates deployment, Security Director Policy Enforcer wil...
CVE-2025-11198 Security Director Policy Enforcer: An unrestricted API allows a network-based unauthenticated attacker to deploy malicious vSRX images to VMWare NSX Server
A Missing Authentication for Critical Function vulnerability in Juniper Networks Security Director Policy Enforcer allows an unauthenticated, network-based attacker to replace legitimate vSRX images with malicious ones. If a trusted user initiates deployment, Security Director Policy Enforcer wil...
CVE-2025-11198 Security Director Policy Enforcer: An unrestricted API allows a network-based unauthenticated attacker to deploy malicious vSRX images to VMWare NSX Server
A Missing Authentication for Critical Function vulnerability in Juniper Networks Security Director Policy Enforcer allows an unauthenticated, network-based attacker to replace legitimate vSRX images with malicious ones. If a trusted user initiates deployment, Security Director Policy Enforcer wil...
EUVD-2018-0877
Malware in sbrugna...
EUVD-2017-2252
Malware in sbrugna...
EUVD-2020-12482
Malware in sbrugna...
EUVD-2022-27348
Malicious code in bioql PyPI...
CVE-2025-21591
A Buffer Access with Incorrect Length Value vulnerability in the jdhcpd daemon of Juniper Networks Junos OS, when DHCP snooping is enabled, allows an unauthenticated, adjacent, attacker to send a DHCP packet with a malformed DHCP option to cause jdhcp to crash creating a Denial of Service DoS...
CVE-2025-21591
A Buffer Access with Incorrect Length Value vulnerability in the jdhcpd daemon of Juniper Networks Junos OS, when DHCP snooping is enabled, allows an unauthenticated, adjacent, attacker to send a DHCP packet with a malformed DHCP option to cause jdhcp to crash creating a Denial of Service DoS...
CVE-2025-21591 Junos OS: An unauthenticated adjacent attacker sending a malformed DHCP packet causes jdhcpd to crash
A Buffer Access with Incorrect Length Value vulnerability in the jdhcpd daemon of Juniper Networks Junos OS, when DHCP snooping is enabled, allows an unauthenticated, adjacent, attacker to send a DHCP packet with a malformed DHCP option to cause jdhcp to crash creating a Denial of Service DoS...
Juniper Junos OS Vulnerability (JSA10887)
The version of Junos OS installed on the remote host is affected by a vulnerability as referenced in the JSA10887 advisory. - An authentication bypass vulnerability in the initial boot sequence of Juniper Networks Junos OS on vSRX Series may allow an attacker to gain full control of the system...
Input validation
An Improper Validation of Specified Index, Position, or Offset in Input vulnerability in the Packet Forwarding Engine PFE of Juniper Networks Junos OS allows an unauthenticated network-based attacker to cause a Denial of Service DoS. On SRX5000 Series with SPC3, SRX4000 Series, and vSRX, when...
CVE-2022-22201
CVE-2022-22201 affects Juniper Networks Junos OS on SRX5000/SRX4000/vSRX with PowerMode IPsec. The Packet Forwarding Engine (PFE) crashes when receiving a malformed ESP packet that matches an established IPsec tunnel, due to improper validation of index/position/offset in input. Impact is Denial ...
CVE-2022-22201 SRX5000 Series with SPC3, SRX4000 Series, and vSRX: When PowerMode IPsec is configured, the PFE will crash upon receipt of a malformed ESP packet
An Improper Validation of Specified Index, Position, or Offset in Input vulnerability in the Packet Forwarding Engine PFE of Juniper Networks Junos OS allows an unauthenticated network-based attacker to cause a Denial of Service DoS. On SRX5000 Series with SPC3, SRX4000 Series, and vSRX, when...
Juniper Junos OS Information Disclosure (JSA11126)
The version of Junos OS installed on the remote host is affected by an information disclosure vulnerability. A path traversal vulnerability in the Juniper Networks SRX and vSRX Series may allow an authenticated J-web user to read sensitive system files as referenced in the JSA11126 advisory. Note...
CVE-2021-0231
A path traversal vulnerability in the Juniper Networks SRX and vSRX Series may allow an authenticated J-web user to read sensitive system files. This issue affects Juniper Networks Junos OS on SRX and vSRX Series: 19.3 versions prior to 19.3R2-S6, 19.3R3-S1; 19.4 versions prior to 19.4R2-S4,...
CVE-2021-0235
On SRX1500, SRX4100, SRX4200, SRX4600, SRX5000 Series with SPC2/SPC3, vSRX Series devices using tenant services on Juniper Networks Junos OS, due to incorrect permission scheme assigned to tenant system administrators, a tenant system administrator may inadvertently send their network traffic to...
Code injection
On SRX1500, SRX4100, SRX4200, SRX4600, SRX5000 Series with SPC2/SPC3, vSRX Series devices using tenant services on Juniper Networks Junos OS, due to incorrect permission scheme assigned to tenant system administrators, a tenant system administrator may inadvertently send their network traffic to...
Path traversal
A path traversal vulnerability in the Juniper Networks SRX and vSRX Series may allow an authenticated J-web user to read sensitive system files. This issue affects Juniper Networks Junos OS on SRX and vSRX Series: 19.3 versions prior to 19.3R2-S6, 19.3R3-S1; 19.4 versions prior to 19.4R2-S4,...