Filter
AND
Juniper JUNOSJunos OS and Junos OS Evolved: Upon receipt of a specific BGP FlowSpec message network traffic may be disrupted.
10
First published (updated )
Juniper JUNOSJunos OS: SRX Series: Under a specific device configuration an attacker can access the devices J-Web management services from any interface, regardless of security settings protecting the service
10
First published (updated )
Juniper JUNOSJunos OS: SRX Series: A remote attacker may be able to cause a PFE buffer overflow to arbitrarily remotely execute code or commands on the target device with UTM enabled.
10
First published (updated )
Juniper JUNOSJunos OS: SRX Series: If no-syn-check is enabled, traffic classified as UNKNOWN gets permitted by pre-id-default-policy
9.8
First published (updated )
Juniper JUNOSJunos OS: J-Web: Cross-site scripting attack allows an attacker to gain control of another users session.
9.3
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Juniper JUNOSJunos OS: RPD daemon crashes due to receipt of specific Draft-Rosen MVPN control packet in Draft-Rosen MVPN configuration
8.8
First published (updated )
Juniper JUNOSJunos OS: RPD daemon crashes upon receipt of specific MPLS packet
8.8
First published (updated )
Juniper JUNOSJunos OS and Junos OS Evolved: In bidirectional LSP configurations, on MPLS egress router RPD may core upon receipt of specific malformed RSVP packet.
8.8
First published (updated )
Juniper JUNOSJunos OS: Session fixation vulnerability in J-Web
8.8
First published (updated )
Juniper JUNOSJunos OS: SRX Series: If DNS traceoptions are configured in a DGA or tunnel detection scenario specific DNS traffic leads to a PFE crash
8.7
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Juniper JUNOSJunos OS: BGP session termination upon receipt of specific BGP FlowSpec advertisement.
8.6
First published (updated )
Juniper JUNOSMX series, SRX series: Junos OS: Denial of service vulnerability in Flowd on devices with ALG enabled.
8.2
First published (updated )
Juniper JUNOSJunos OS: SRX Series: Credentials exposed when using HTTP and HTTPS Firewall Pass-through User Authentication
8.1
First published (updated )
Juniper JUNOSSRX Series: MACsec failure to report errors
8.1
First published (updated )
Juniper JUNOSJunos OS: Path traversal vulnerability in J-Web
8.1
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Juniper JUNOSJunos OS: SRX Series: Persistent XSS vulnerability in J-Web
8
First published (updated )
Juniper JUNOSJunos OS: A privilege escalation vulnerability exists where authenticated users with shell access can become root
7.8
First published (updated )
Juniper JUNOSSRX Series: srxpfe process crash while JSF/UTM module parses specific HTTP packets
7.8
First published (updated )
Juniper JUNOSJunos OS: SRX Series: A weakness in the Veriexec subsystem may allow privilege escalation.
7.8
First published (updated )
Juniper JUNOSJunos OS: rpd daemon cores due to malformed BGP UPDATE packet
7.8
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Juniper JUNOSJunos OS: SRX and EX Series: Local privilege escalation flaw in "download" functionality
7.8
First published (updated )
Juniper JUNOSJunos OS: SRX Series: When "tcp-encap" is configured and specific packets are received flowd will crash
7.5
EPSS
0.05%
First published (updated )
Juniper JUNOSJunos OS: SRX Series and MX Series: SIP ALG doesn't drop specifically malformed retransmitted SIP packets
7.5
First published (updated )
Juniper JUNOSJunos OS: Receipt of a specifically crafted malicious MPLS packet leads to a Junos kernel crash.
7.5
First published (updated )
ISC BINDImproper fetch cleanup sequencing in the resolver can cause named to crash
7.5
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Juniper JUNOSJunos OS: A malformed IPv4 packet received by Junos in an NG-mVPN scenario may cause the routing protocol daemon (rpd) process to core
7.5
First published (updated )
Juniper JUNOSJunos OS: SRX Series: Denial of Service vulnerability in flowd due to multicast packets
7.5
First published (updated )
Juniper JUNOSJunos OS: MX Series and SRX Series: The flowd daemon will crash if the SIP ALG is enabled and specific SIP messages are processed
7.5
First published (updated )
Juniper JUNOSJunos OS: MX and SRX series: Flowd core observed if the SIP ALG is enabled and a specific Session Initiation Protocol (SIP) packet is received
7.5
First published (updated )
Juniper JUNOSSRX Series and MX Series with SPC3: A high percentage of fragments might lead to high latency or packet drops
7.5
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.