Filters
Juniper JUNOSJunos OS: SRX Series: If DNS traceoptions are configured in a DGA or tunnel detection scenario specific DNS traffic leads to a PFE crash
8.7
First published (updated )
Juniper JUNOSJunos OS: SRX Series and EX Series: J-Web doesn't sufficiently sanitize input to prevent XSS
8.8
EPSS
0.05%
First published (updated )
Juniper JUNOSJunos OS: SRX Series and EX Series: J-Web - unauthenticated access to temporary files containing sensitive information
7.5
EPSS
0.09%
First published (updated )
Juniper JUNOSJunos OS: SRX Series: When "tcp-encap" is configured and specific packets are received flowd will crash
7.5
EPSS
0.05%
First published (updated )
Juniper JUNOSJunos OS: SRX Series and MX Series: SIP ALG doesn't drop specifically malformed retransmitted SIP packets
7.5
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Juniper JUNOSJunos OS: SRX Series: A vulnerability in J-Web allows an unauthenticated attacker to upload and download arbitrary files
First published (updated )
Juniper JUNOSJuniper Junos OS EX Series PHP External Variable Modification Vulnerability
First published (updated )
Juniper JUNOSJuniper Junos OS EX Series Missing Authentication for Critical Function Vulnerability
First published (updated )
Juniper JUNOSJuniper Junos OS SRX Series Missing Authentication for Critical Function Vulnerability
First published (updated )
Juniper JUNOSJunos OS: EX and SRX Series: A PHP vulnerability in J-Web allows an unauthenticated to control an important environment variable
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Juniper JUNOSSRX Series and MX Series: An FPC core is observed when IDP is enabled on the device and a specific malformed SSL packet is received
7.5
First published (updated )
Juniper JUNOSJunos OS: SRX Series: A flowd core occurs when running a low privileged CLI command
5.5
First published (updated )
Juniper JUNOSJunos OS: SRX Series: jbuf memory leak when SSL Proxy and UTM Web-Filtering is applied
7.5
First published (updated )
Juniper JUNOSJunos OS: SRX Series: Policies that rely on JDPI-Decoder actions may fail open
5.3
First published (updated )
Juniper JUNOSJunos OS: SRX Series: The flow processing daemon (flowd) will crash when Unified Policies are used with IPv6 and certain dynamic applications are rejected by the device
7.5
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Juniper JUNOSJunos OS: SRX Series and MX Series with SPC3: When IPsec VPN is configured iked will core when a specifically formatted payload is received
6.5
First published (updated )
Juniper JUNOSJunos OS: SRX Series and MX Series: Memory leak due to receipt of specially crafted SIP calls
7.5
First published (updated )
Juniper JUNOSJunos OS: MX Series and SRX Series: The flow processing daemon (flowd) will crash if SIP ALG is enabled and a malformed SIP packet is received
7.5
First published (updated )
Juniper JUNOSJunos OS: MX Series and SRX Series: The flow processing daemon (flowd) will crash if the SIP ALG is enabled and specific SIP messages are processed
7.5
First published (updated )
Juniper JUNOSJunos OS: SRX Series: A memory leak might be observed in IPsec VPN scenario leading to an FPC crash
7.5
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Juniper JUNOSJunos OS: MX Series and SRX Series: The flow processing daemon (flowd) will crash when specific H.323 packets are received
7.5
First published (updated )
Juniper JUNOSJunos OS: SRX Series, MX Series with SPC3: When an inconsistent NAT configuration exists and a specific CLI command is issued the SPC will reboot
5.5
First published (updated )
Juniper JUNOSJunos OS: SRX Series: A flowd core will be observed when malformed GPRS traffic is processed
7.5
First published (updated )
Juniper JUNOSJunos OS: SRX Series: Upon processing of a genuine packet the pkid process will crash during CMPv2 auto-re-enrollment
7.5
First published (updated )
Juniper JUNOSSRX Series: If Unified Threat Management (UTM) Enhanced Content Filtering (CF) is enabled and specific traffic is processed the PFE will crash
7.5
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Juniper JUNOSJunos OS: SRX Series and MX Series: When specific valid SIP packets are received the PFE will crash
7.5
First published (updated )
Juniper JUNOSJunos OS: SRX series: The PFE will crash when specific traffic is scanned by Enhanced Web Filtering safe-search
7.5
First published (updated )
Juniper JUNOSJunos OS: SRX Series: An FPC memory leak can occur in an APBR scenario
7.5
First published (updated )
Juniper JUNOSJunos OS: MX Series and SRX Series: When receiving a specific SIP packets stale call table entries are created which eventually leads to a DoS for all SIP traffic
5.3
First published (updated )
Juniper JUNOSJunos OS: SRX and EX Series: Local privilege escalation flaw in "download" functionality
7.8
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Juniper JUNOSJunos OS: MX MS-MPC or MS-MIC, or SRX SPC crashes if it receives a SIP message with a specific contact header format
7.5
First published (updated )
Juniper JUNOSJunos OS: SRX Series: Denial of service vulnerability in flowd daemon upon receipt of a specific fragmented packet
7.5
First published (updated )
Juniper JUNOSDNS forwarders - cache poisoning vulnerability
6.8
First published (updated )
Juniper JUNOSJunos OS: MX Series and SRX Series: The flowd daemon will crash if the SIP ALG is enabled and specific SIP messages are processed
7.5
First published (updated )
Juniper JUNOSSRX Series and MX Series with SPC3: A high percentage of fragments might lead to high latency or packet drops
7.5
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Juniper JUNOSJunos OS: MX and SRX series: Flowd core observed if the SIP ALG is enabled and a specific Session Initiation Protocol (SIP) packet is received
7.5
First published (updated )
Juniper JUNOSJunos OS: SRX Series: If no-syn-check is enabled, traffic classified as UNKNOWN gets permitted by pre-id-default-policy
9.8
First published (updated )
Juniper JUNOSJunos OS: SRX Series: Under a specific device configuration an attacker can access the devices J-Web management services from any interface, regardless of security settings protecting the service
10
First published (updated )
Juniper JUNOSJunos OS: SRX Series: The flowd process will crash if log session-close is configured and specific traffic is received
5.9
First published (updated )
Juniper JUNOSJunos OS: SRX Series: Persistent XSS vulnerability in J-Web
8
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Juniper JUNOSJunos OS: User-defined ARP Policer isn't applied on Aggregated Ethernet (AE) interface until firewall process is restarted
6.5
First published (updated )
Juniper JUNOSJunos OS: Denial of Service vulnerability in J-Web and web based (HTTP/HTTPS) services caused by a high number of specific requests
7.5
First published (updated )
Juniper JUNOSJunos OS: SRX Series: A remote attacker may be able to cause a PFE buffer overflow to arbitrarily remotely execute code or commands on the target device with UTM enabled.
10
First published (updated )
Juniper JUNOSJunos OS: A race condition in the storm control profile may allow an attacker to cause a Denial of Service condition
7.4
First published (updated )
Juniper JUNOSJunos OS: SRX Series: Memory leak when querying Aggregated Ethernet (AE) interface statistics
7.5
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Juniper JUNOSJunos OS: SRX, vSRX Series: J-Web Path traversal vulnerability in SRX and vSRX Series leads to information disclosure.
6.8
First published (updated )
Juniper JUNOSJunos OS: SRX Series: Denial of Service in J-Web upon receipt of crafted HTTP packets
7.5
First published (updated )
Juniper JUNOSJunos OS: J-Web: Cross-site scripting attack allows an attacker to gain control of another users session.
9.3
First published (updated )
Juniper JUNOSJunos OS and Junos OS Evolved: Upon receipt of a specific BGP FlowSpec message network traffic may be disrupted.
10
First published (updated )
Juniper JUNOSJunos OS and Junos OS Evolved: In bidirectional LSP configurations, on MPLS egress router RPD may core upon receipt of specific malformed RSVP packet.
8.8
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.