Lucene search
K
Database
Vendors
Products
Timeline
Vulnerabilities
Perimeter Scanner
Scanning
Projects
Scanner
Agent Scanning
API Scanning
Manual Audit
Email
Webhook
Resources
Documents
Blog
Glossary
FAQ
Plugins
Pricing
Contacts
About Us
Partners
Branding Guideline
Settings
Sign in
JuniperJunos

65 matches found

CVE
CVEadded 2021/04/22 8:15 p.m.45 views

CVE-2021-0251

A NULL Pointer Dereference vulnerability in the Captive Portal Content Delivery (CPCD) services daemon (cpcd) of Juniper Networks Junos OS on MX Series with MS-PIC, MS-SPC3, MS-MIC or MS-MPC allows an attacker to send malformed HTTP packets to the device thereby causing a Denial of Service (DoS), c...

8.6CVSS8.4AI score0.0039EPSS
CVE
CVEadded 2018/01/10 10:29 p.m.43 views

CVE-2018-0005

QFX and EX Series switches configured to drop traffic when the MAC move limit is exceeded will forward traffic instead of dropping traffic. This can lead to denials of services or other unintended conditions. Affected releases are Juniper Networks Junos OS: 14.1X53 versions prior to 14.1X53-D40; 15...

8.8CVSS8.1AI score0.00224EPSS
CVE
CVEadded 2024/07/10 11:15 p.m.42 views

CVE-2024-39554

A Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') vulnerability the Routing Protocol Daemon (rpd) of Juniper Networks Junos OS and Juniper Networks Junos OS Evolved allows an unauthenticated, network-based attacker to inject incremental routing updates wh...

8.2CVSS5.8AI score0.0042EPSS
CVE
CVEadded 2024/07/10 11:15 p.m.42 views

CVE-2024-39555

An Improper Handling of Exceptional Conditions vulnerability in the Routing Protocol Daemon (RPD) of Juniper Networks Junos OS and Junos OS Evolved allows an attacker sending a specific malformed BGP update message to cause the session to reset, resulting in a Denial of Service (DoS). Continued rec...

8.7CVSS7.7AI score0.01835EPSS
CVE
CVEadded 2019/10/09 8:15 p.m.41 views

CVE-2019-0047

A persistent Cross-Site Scripting (XSS) vulnerability in Junos OS J-Web interface may allow remote unauthenticated attackers to perform administrative actions on the Junos device. Successful exploitation requires a Junos administrator to first perform certain diagnostic actions on J-Web. This issue...

8.8CVSS7.8AI score0.00646EPSS
CVE
CVEadded 2020/10/16 9:15 p.m.41 views

CVE-2020-1673

Insufficient Cross-Site Scripting (XSS) protection in Juniper Networks J-Web and web based (HTTP/HTTPS) services allows an unauthenticated attacker to hijack the target user's HTTP/HTTPS session and perform administrative actions on the Junos device as the targeted user. This issue only affects Jun...

8.8CVSS8.4AI score0.01407EPSS
CVE
CVEadded 2021/04/22 8:15 p.m.40 views

CVE-2021-0269

The improper handling of client-side parameters in J-Web of Juniper Networks Junos OS allows an attacker to perform a number of different malicious actions against a target device when a user is authenticated to J-Web. An attacker may be able to supersede existing parameters, including hardcoded pa...

8.8CVSS8.5AI score0.00375EPSS
CVE
CVEadded 2013/10/28 10:55 p.m.39 views

CVE-2013-6012

Juniper Junos 12.1X44 before 12.1.X44-D20 and 12.1X45 before 12.1X45-D15, when the no-validate option is enabled, does not properly handle configuration validation errors during the config commit phase of the boot-up sequence, which allows remote attackers to bypass authentication via unspecified v...

8.5CVSS7.2AI score0.00149EPSS
CVE
CVEadded 2020/10/16 9:15 p.m.38 views

CVE-2020-1656

The DHCPv6 Relay-Agent service, part of the Juniper Enhanced jdhcpd daemon shipped with Juniper Networks Junos OS has an Improper Input Validation vulnerability which will result in a Denial of Service (DoS) condition when a DHCPv6 client sends a specific DHPCv6 message allowing an attacker to pote...

8.8CVSS9AI score0.00447EPSS
CVE
CVEadded 2017/10/13 5:29 p.m.37 views

CVE-2016-1261

J-Web does not validate certain input that may lead to cross-site request forgery (CSRF) issues or cause a denial of J-Web service (DoS).

8.8CVSS7.9AI score0.0015EPSS
CVE
CVEadded 2017/10/13 5:29 p.m.37 views

CVE-2016-4924

An incorrect permissions vulnerability in Juniper Networks Junos OS on vMX may allow local unprivileged users on a host system read access to vMX or vPFE images and obtain sensitive information contained in them such as private cryptographic keys. This issue was found during internal product securi...

8.4CVSS6AI score0.00053EPSS
CVE
CVEadded 2020/01/15 9:15 a.m.35 views

CVE-2020-1609

When a device using Juniper Network's Dynamic Host Configuration Protocol Daemon (JDHCPD) process on Junos OS or Junos OS Evolved which is configured in relay mode it vulnerable to an attacker sending crafted IPv6 packets who may then arbitrarily execute commands as root on the target device. This ...

8.8CVSS8.7AI score0.00203EPSS
CVE
CVEadded 2024/07/11 5:15 p.m.35 views

CVE-2024-39542

An Improper Validation of Syntactic Correctness of Input vulnerability in the Packet Forwarding Engine (PFE) of Juniper Networks Junos OS on MX Series with MPC10/11 or LC9600, MX304, and Junos OS Evolved on ACX Series and PTX Series allows an unauthenticated, network based attacker to cause a Denia...

8.7CVSS7.6AI score0.00324EPSS
CVE
CVEadded 2016/04/15 2:59 p.m.33 views

CVE-2016-1264

Race condition in the Op command in Juniper Junos OS before 12.1X44-D55, 12.1X46 before 12.1X46-D40, 12.1X47 before 12.1X47-D25, 12.3 before 12.3R11, 12.3X48 before 12.3X48-D20, 12.3X50 before 12.3X50-D50, 13.2 before 13.2R8, 13.2X51 before 13.2X51-D39, 13.2X52 before 13.2X52-D30, 13.3 before 13.3R...

8.8CVSS8.5AI score0.00807EPSS
CVE
CVEadded 2020/10/16 9:15 p.m.31 views

CVE-2020-1667

When DNS filtering is enabled on Juniper Networks Junos MX Series with one of the following cards MS-PIC, MS-MIC or MS-MPC, an incoming stream of packets processed by the Multiservices PIC Management Daemon (mspmand) process might be bypassed due to a race condition. Due to this vulnerability, mspm...

8.3CVSS8.3AI score0.00311EPSS
Total number of security vulnerabilities65