Lucene search
+L

231 matches found

CVE
CVE
added 2023/07/14 4:26 p.m.57 views

CVE-2023-36838

CVE-2023-36838 affects Juniper Networks Junos OS on SRX Series, with an out-of-bounds read in the flow processing daemon (flowd) that a local, authenticated, low-privilege attacker can exploit by issuing a specific CLI command to crash flowd and cause a DoS. The vulnerability can produce a core d...

5.5CVSS5.5AI score0.00184EPSS
CVE
CVE
added 2024/01/12 12:54 a.m.57 views

CVE-2024-21606

CVE-2024-21606 affects Juniper Networks Junos OS on SRX Series with a Double Free vulnerability in the flowd daemon . In a remote-access VPN, if a tcp-encap-profile is configured and a sequence of specific packets is received, a flowd crash and restart can occur, caused by a faulty free operation...

7.5CVSS7.5AI score0.00555EPSS
CVE
CVE
added 2024/10/11 3:16 p.m.57 views

CVE-2024-39526

CVE-2024-39526 affects Junos OS on MX Series (MPC10/MPC11/LC9600), EX9200 (EX9200-15C), MX304, and Junos OS Evolved on PTX Series. The issue is an improper handling of exceptional conditions in DHCP packet processing; when DHCP snooping is enabled, malformed DHCP packets can cause ingress process...

7.1CVSS6.5AI score0.00352EPSS
CVE
CVE
added 2024/10/11 3:17 p.m.57 views

CVE-2024-39527

CVE-2024-39527 describes an exposure of sensitive information vulnerability in the CLI of Juniper Networks Junos OS on SRX Series devices. A local, low-privileged user with CLI access can view protected files on the file system through crafted CLI commands, enabling information disclosure as desc...

6.8CVSS5.4AI score0.0023EPSS
CVE
CVE
added 2024/10/11 3:24 p.m.57 views

CVE-2024-47494

CVE-2024-47494 affects Juniper Networks Junos OS, specifically the AgentD process and related FPC handling. A TOCTOU race condition during telemetry polling can cause AgentD to reaping an already destroyed sensor, leading to memory corruption and a DoS when the FPC crashes. The FPC auto-recovers ...

8.2CVSS5.9AI score0.0035EPSS
CVE
CVE
added 2026/01/15 8:20 p.m.57 views

CVE-2026-21906

CVE-2026-21906 overview (Junos OS SRX Series) A vulnerability in the packet forwarding engine (PFE) of Juniper Networks Junos OS on SRX Series can be triggered by a specific ICMP packet routed through a GRE tunnel when PowerMode IPsec (PMI) and GRE performance acceleration are enabled. An unauthe...

8.7CVSS6.7AI score0.00497EPSS
CVE
CVE
added 2024/07/10 10:36 p.m.56 views

CVE-2024-39555

Summary of vulnerability (CVE-2024-39555): Juniper Networks Junos OS and Junos OS Evolved RPD mishandles certain malformed BGP Update messages when segment routing is enabled, causing session resets and potential DoS. A remote attacker must have at least one established BGP session; affected are ...

8.7CVSS7.7AI score0.00503EPSS
CVE
CVE
added 2024/07/10 10:44 p.m.56 views

CVE-2024-39560

Juniper Junos OS and Junos OS Evolved are affected by CVE-2024-39560 via the routing protocol daemon (rpd). The issue is an improper handling of exceptional conditions that lets a logically adjacent downstream RSVP neighbor induce kernel memory exhaustion and a DoS. Affected ranges include multip...

7.1CVSS6.4AI score0.00248EPSS
CVE
CVE
added 2023/07/14 5:43 p.m.55 views

CVE-2023-36840

Summary (CVE-2023-36840) A reachable-assertion vulnerability in Juniper’s Routing Protocol Daemon (RPD) on Junos OS and Junos OS Evolved can be exploited by a locally authenticated, low-privilege user when running a specific L2VPN command to cause a DoS (RPD crash/restart). Affected products/vers...

5.5CVSS5.5AI score0.00194EPSS
CVE
CVE
added 2025/04/09 7:50 p.m.55 views

CVE-2025-21595

A Missing Release of Memory after Effective Lifetime vulnerability in the Packet Forwarding Engine (PFE) of Juniper Networks Junos OS and Junos OS Evolved can cause an FPC crash and DoS. In EVPN-VXLAN, receiving specific ARP (IPv4) or NDP (IPv6) packets triggers kernel heap memory leaks and event...

7.1CVSS7AI score0.00246EPSS
CVE
CVE
added 2023/04/17 12:0 a.m.54 views

CVE-2023-28965

CVE-2023-28965 targets Juniper Networks Junos OS on QFX10002, caused by an improper check/handling in the storm control feature. A high rate of traffic can trigger a sustained DoS as storm control drops packets when thresholds are exceeded. Affected versions include: 19.3R3-S7 and earlier; 19.4R3...

7.5CVSS6.9AI score0.00616EPSS
CVE
CVE
added 2024/07/11 4:22 p.m.54 views

CVE-2024-39545

The CVE describes an Improper Check for Unusual or Exceptional Conditions in Juniper Networks Junos OS iked (on SRX Series, MX Series with SPC3, and NFX350), where unauthenticated network-based attackers can trigger an iked crash during IPsec negotiations by sending specific mismatching parameter...

8.7CVSS7.5AI score0.00491EPSS
CVE
CVE
added 2024/10/11 3:23 p.m.53 views

CVE-2024-47491

Summary: CVE-2024-47491 affects Juniper Networks Junos OS and Junos OS Evolved. A network-based, unauthenticated attacker can cause a DoS by sending a BGP UPDATE with a malformed path attribute to an established BGP session; the Routing Protocol Daemon (rpd) crashes and restarts, potentially lead...

8.2CVSS5.8AI score0.00572EPSS
CVE
CVE
added 2023/04/17 12:0 a.m.52 views

CVE-2023-28963

Summary: CVE-2023-28963 is an Improper Authentication vulnerability in cert-mgmt.php of Juniper Networks Junos OS J-Web component. An unauthenticated, network-based attacker can read arbitrary files from temporary folders on affected devices. Affected software: Juniper Networks Junos OS running J...

5.3CVSS5.3AI score0.00482EPSS
CVE
CVE
added 2024/01/12 12:55 a.m.52 views

CVE-2024-21607

Concrete details available: Juniper Junos OS on MX Series and EX9200 Series is affected by CVE-2024-21607 due to a kernel-filter payload-protocol handling issue in IPv6 firewall filters. The root cause is that the payload-protocol match is not supported in the kernel filter, causing terms to acce...

5.3CVSS5.1AI score0.0031EPSS
CVE
CVE
added 2024/10/11 3:38 p.m.52 views

CVE-2024-47507

CVE-2024-47507 affects Junos OS and Junos OS Evolved. The issue is in the routing protocol daemon (rpd): when a BGP update carries an aggregator attribute with an ASN value of zero, rpd accepts and propagates it, causing potential integrity impacts on downstream peers. Affected versions include: ...

6.9CVSS5.7AI score0.00283EPSS
CVE
CVE
added 2023/07/14 3:56 p.m.51 views

CVE-2023-36832

Summary: CVE-2023-36832 is an Improper Handling of Exceptional Conditions in Junos OS on MX Series, where unauthenticated attackers can send packets to the AMS interface to crash the PFE and cause DoS. Affected products/versions (MX Series Junos OS): all prior to 19.1R3-S10; 19.2 prior to 19.2R3-...

7.5CVSS7.4AI score0.00642EPSS
CVE
CVE
added 2024/10/11 3:31 p.m.51 views

CVE-2024-47501

CVE-2024-47501 involves a NULL pointer dereference in the packet forwarding engine (pfe) of Juniper Networks Junos OS. A locally authenticated attacker with low privileges can trigger a DoS by executing specific show commands in VPLS or Junos Fusion, causing all FPCs hosting VPLS sessions or sate...

6.8CVSS5.6AI score0.00205EPSS
CVE
CVE
added 2023/10/12 11:3 p.m.50 views

CVE-2023-44192

CVE-2023-44192 : In Juniper Networks Junos OS QFX5000 Series, the vulnerability affects the Packet Forwarding Engine where improper input validation enables an unauthenticated, network-based attacker to trigger a DMA memory leak, causing a DoS. The issue is observed when pseudo-VTEP is configured...

7.5CVSS7.4AI score0.00515EPSS
CVE
CVE
added 2024/07/11 4:13 p.m.49 views

CVE-2024-39536

CVE-2024-39536 concerns Juniper Networks Junos OS and Junos OS Evolved. A Missing Release of Memory after Effective Lifetime vulnerability in the Periodic Packet Management Daemon (ppmd) allows an unauthenticated adjacent attacker to cause a Denial-of-Service (DoS). The leak is triggered when a B...

6CVSS5.5AI score0.00228EPSS
CVE
CVE
added 2024/10/11 3:24 p.m.49 views

CVE-2024-47493

CVE-2024-47493 affects Junos OS on MX Series with Trio-based FPCs. The vulnerability is a Missing Release of Memory after Effective Lifetime in the PFE, causing a heap memory leak during channelized MIC interface flap activity and potentially leading to DoS for unauthenticated adjacent attackers....

7.1CVSS6.4AI score0.00355EPSS
CVE
CVE
added 2024/10/11 3:30 p.m.45 views

CVE-2024-47499

CVE-2024-47499 affects Juniper Networks Junos OS and Junos OS Evolved. An unauthenticated, network-based attacker can trigger a DoS by sending a malformed AS PATH attribute over an established BGP session in BMP rib-in pre-policy monitoring, causing the RPD to crash and restart. The issue affects...

8.7CVSS7.5AI score0.00617EPSS
CVE
CVE
added 2025/07/11 3:10 p.m.42 views

CVE-2025-52989

CVE-2025-52989 describes an Improper Neutralization of Delimiters vulnerability in the UI of Juniper Networks Junos OS and Junos OS Evolved. A local, authenticated attacker with high privileges can exploit a specially crafted annotate configuration command to modify any part of the device configu...

6.8CVSS6.3AI score0.00119EPSS
CVE
CVE
added 2026/01/15 8:19 p.m.41 views

CVE-2026-21905

CVE-2026-21905 affects Juniper Junos OS on SRX Series and MX Series with MX-SPC3 or MS-MPC. The vulnerability is a loop with an unreachable exit condition in the SIP application layer gateway (ALG) that can be triggered by processing multiple SIP messages over TCP. This causes the flow management...

8.7CVSS6.6AI score0.00367EPSS
CVE
CVE
added 2025/07/11 3:11 p.m.39 views

CVE-2025-6549

CVE-2025-6549 (Junos OS SRX, J-Web exposure) is an Incorrect Authorization vulnerability in the web server that can allow an unauthenticated, network-based attacker to reach the Juniper Web Device Manager (J-Web). It arises when Juniper Secure Connect (JSC) is enabled on specific interfaces or mu...

6.9CVSS6.7AI score0.00208EPSS
CVE
CVE
added 2026/04/09 9:24 p.m.39 views

CVE-2026-33793

CVE-2026-33793 describes an Execution with Unnecessary Privileges in the Junos OS/Junos OS Evolved UI. If a device has a configuration that allows unsigned Python op scripts, a non-root user can run malicious op scripts and escalate to root-equivalent privileges, compromising the system. Affected...

8.5CVSS6AI score0.00159EPSS
CVE
CVE
added 2026/04/09 9:35 p.m.38 views

CVE-2026-33778

CVE-2026-33778 affects Junos OS on SRX Series and MX Series. The vulnerability is in the IPsec library used by kmd/iked, where processing a specifically malformed first ISAKMP packet can cause the kmd/iked process to crash and restart. This results in a momentary inability to establish new securi...

8.7CVSS5.9AI score0.00338EPSS
CVE
CVE
added 2025/07/11 2:41 p.m.37 views

CVE-2025-52951

CVE-2025-52951 describes a Protection Mechanism Failure in Juniper Networks Junos OS where kernel filter processing mishandles the payload-protocol match, causing firewall terms to effectively accept all traffic destined for the control plane IPv6 traffic. Affected Junos OS versions include all p...

6.9CVSS5.2AI score0.00318EPSS
CVE
CVE
added 2025/07/11 2:43 p.m.37 views

CVE-2025-52958

Summary of CVE-2025-52958 : A Reachable Assertion in the routing protocol daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved can cause an adjacent, unauthenticated attacker to trigger a DoS. The issue occurs when route validation is enabled and a rare condition during BGP initial sess...

6CVSS6.5AI score0.00211EPSS
CVE
CVE
added 2025/07/11 3:11 p.m.37 views

CVE-2025-52988

The CVE-2025-52988 issue is a local OS command injection in the CLI of Juniper Networks Junos OS and Junos OS Evolved. The underlying flaw allows a high-privilege attacker to execute commands as root when crafting arguments to the command 'request system logout', enabling complete device compromi...

8.4CVSS6.4AI score0.00465EPSS
CVE
CVE
added 2026/04/09 9:34 p.m.37 views

CVE-2026-33774

CVE-2026-33774 affects Junos OS on Juniper MX Series (MPC10/11, LC4800/LC9600 line cards and MX304). An improper check allows an unauthenticated, network-based attacker to bypass firewall filters applied to loopback interfaces lo0.n (n != 0) that are in the default routing instance, enabling pote...

6.9CVSS5.9AI score0.00174EPSS
CVE
CVE
added 2025/10/09 3:40 p.m.35 views

CVE-2025-52960

CVE-2025-52960 affects Juniper Networks Junos OS on SRX Series and MX Series, caused by a Buffer Copy without Checking Size in the SIP ALG (flowd/mspmand). The underlying issue occurs when memory utilization is high and specific SIP packets arrive, crashing the flowd process and causing a DoS; th...

8.2CVSS6.2AI score0.00309EPSS
CVE
CVE
added 2026/01/15 8:23 p.m.35 views

CVE-2026-21910

CVE-2026-21910 affects Junos OS on EX4k Series and QFX5k Series with EVPN-VXLAN LAG/VPLAG. An unauthenticated, network-adjacent attacker can trigger a link flap, which in configurations with multiple load-balanced next-hops can cause Inter-VNI traffic to drop, resulting in DoS. Recovery requires ...

7.1CVSS6.5AI score0.00249EPSS
CVE
CVE
added 2026/04/09 9:38 p.m.35 views

CVE-2026-33791

CVE-2026-33791 affects Junos OS and Junos OS Evolved. The vulnerability lies in the CLI processing of certain crafted set system commands, where arguments are not properly sanitized, enabling an attacker with local, high privileges to inject arbitrary shell commands that execute as root. This can...

8.4CVSS6AI score0.00692EPSS
CVE
CVE
added 2026/04/09 9:28 p.m.34 views

CVE-2026-21916

CVE-2026-21916 is a local privilege-escalation vulnerability in Juniper Networks Junos OS CLI via UNIX Symlink Following. It permits a low-privilege, authenticated attacker to escalate to root after performing a specific file link CLI operation and later when another user commits unrelated config...

7.3CVSS5.9AI score0.00129EPSS
CVE
CVE
added 2026/07/09 9:7 p.m.34 views

CVE-2026-57026

CVE-2026-57026 affects Junos OS on MX Series with SPC3 and SRX Series . The issue is an Improp er Validation of Syntactic Correctness of Input in the SIP plugin, enabling an unauthenticated, network-based attacker to cause a Denial-of-Service (DoS) . When the SIP ALG is enabled, processing a malf...

8.7CVSS5.9AI score0.00461EPSS
CVE
CVE
added 2025/07/11 3:9 p.m.33 views

CVE-2025-52983

CVE-2025-52983 describes a UI discrepancy in Junos OS on VM Host systems (VM Host Routing Engines) that allows a network-based, unauthenticated attacker to access the device. On REs, even after removing the public key for root login, users with the corresponding private key can still log in as ro...

8.6CVSS6.8AI score0.00604EPSS
CVE
CVE
added 2025/07/11 3:4 p.m.32 views

CVE-2025-52953

CVE-2025-52953 affects Juniper Networks Junos OS and Junos OS Evolved. An unauthenticated adjacent attacker can send a valid BGP UPDATE, causing a BGP session reset and a sustained DoS. Affected releases include: Junos OS before 21.2R3-S9; 21.4 before 21.4R3-S11; 22.2 before 22.2R3-S7; 22.4 befor...

7.1CVSS6.6AI score0.00275EPSS
CVE
CVE
added 2025/07/11 2:42 p.m.32 views

CVE-2025-52955

CVE-2025-52955 describes an Incorrect Calculation of Buffer Size in Juniper Networks Junos OS and Junos OS Evolved rpd when jflow/sflow updates are sent as a routing instance’s logical interface flaps. The issue can cause memory corruption, leading to an rpd crash and restart, with sustained DoS ...

7.1CVSS6.8AI score0.00271EPSS
CVE
CVE
added 2026/01/15 8:25 p.m.32 views

CVE-2026-21914

CVE-2026-21914 describes an Improper Locking vulnerability in the GTP plugin of Juniper Networks Junos OS on SRX Series. A specially crafted GTP Modify Bearer Request can cause a lock to be acquired and never released, preventing other threads from acquiring it, triggering a watchdog timeout and ...

8.7CVSS6.4AI score0.00299EPSS
CVE
CVE
added 2026/04/09 9:30 p.m.32 views

CVE-2026-33779

The CVE concerns Junos OS on SRX Series failing to properly verify the server certificate when provisioning to Security Director cloud, enabling a PITM to intercept traffic and access credentials and sensitive data. Affected Junos OS versions include all before 22.4R3-S9, 23.2 before 23.2R2-S6, 2...

8.3CVSS5.9AI score0.00121EPSS
CVE
CVE
added 2025/10/09 3:43 p.m.31 views

CVE-2025-59957

CVE-2025-59957 affects Juniper Networks Junos OS on EX4600 Series and QFX5000 Series switches. Affected versions: all prior to 21.4R3 and 22.2 prior to 22.2R3-S3. The vulnerability is a runtime/Origin Validation Error in an insufficient protected file , allowing an unauthenticated attacker with p...

7CVSS6.3AI score0.00173EPSS
Web
CVE
CVE
added 2026/01/15 8:15 p.m.31 views

CVE-2025-60003

CVE-2025-60003 affects Juniper Networks Junos OS and Junos OS Evolved. A Buffer Over-read in the routing protocol daemon (rpd) can be triggered by a BGP update containing specific optional transitive attributes when peers are not 4-byte-AS capable, causing the rpd process to crash and the device ...

8.7CVSS6.4AI score0.00367EPSS
CVE
CVE
added 2026/01/15 8:17 p.m.31 views

CVE-2026-0203

CVE-2026-0203 affecting Juniper Networks Junos OS —An Improper Handling of Exceptional Conditions vulnerability in packet processing can be exploited by an unauthenticated, network-adjacent attacker sending a specifically malformed ICMP (IPv4) packet. This causes the Flexible Packet Processor (FP...

7.1CVSS5.8AI score0.00249EPSS
CVE
CVE
added 2026/04/09 9:30 p.m.31 views

CVE-2026-33775

CVE-2026-33775 describes a memory leak (Missing Release of Memory after Effective Lifetime) in Juniper Junos OS MX Series bbe-smgd that can be triggered by a mismatch between configured and received packet types. An adjacent, unauthenticated attacker may cause a DoS by exhausting heap memory, aft...

7.1CVSS5.8AI score0.00195EPSS
CVE
CVE
added 2025/07/11 3:6 p.m.30 views

CVE-2025-52964

CVE-2025-52964 is a Reachable Assertion vulnerability in Juniper Networks Junos OS and Junos OS Evolved rpd. An unauthenticated, network-based attacker can trigger a crash by sending a specific BGP UPDATE packet when BGP multipath pause-computation-during-churn is configured, leading to a sustain...

7.1CVSS6.4AI score0.00259EPSS
CVE
CVE
added 2025/07/11 3:10 p.m.30 views

CVE-2025-52986

Summary: CVE-2025-52986 is a memory leak in Juniper Networks Junos OS and Junos OS Evolved’s routing protocol daemon (rpd) triggered when RIB sharding is enabled and a user runs certain routing-related show commands. The leak can exhaust memory, causing rpd to crash and restart, impacting device ...

6.8CVSS6.5AI score0.00113EPSS
CVE
CVE
added 2025/07/11 3:8 p.m.29 views

CVE-2025-52981

CVE-2025-52981 affects Juniper JUNOS OS flowd on SRX1600/SRX2300/SRX4000/SRX5000 (with SPC3). A sequence of specific PIM multicast packets can cause an unauthenticated network-based attacker to crash flowd and restart, resulting in DoS. Vulnerable versions include all before 21.2R3-S9, 21.4 befor...

8.7CVSS6.4AI score0.00445EPSS
CVE
CVE
added 2025/07/11 3:8 p.m.29 views

CVE-2025-52982

Juniper Junos OS MX Series with MS-MPC SIP ALG is affected. When two or more SIP-processing service sets run, an improper resource shutdown can cause the MS-MPC to crash and restart, enabling unauthenticated network-based DoS. Affected versions: all before 21.2R3-S9; 21.4 from 21.4R1; 22.2 before...

8.2CVSS6.7AI score0.00378EPSS
CVE
CVE
added 2025/07/11 2:39 p.m.28 views

CVE-2025-52946

CVE-2025-52946 is a Use After Free in Juniper Junos OS and Junos OS Evolved rpd triggered by a BGP update containing a specifically malformed AS PATH, causing the rpd process to crash and restart and resulting in DoS when traceoptions are enabled. Affected: Junos OS and Junos OS Evolved across mu...

8.7CVSS6.3AI score0.00441EPSS
Total number of security vulnerabilities231