Filters

Juniper JUNOSJunos OS: SRX Series: If DNS traceoptions are configured in a DGA or tunnel detection scenario specific DNS traffic leads to a PFE crash

8.7
First published (updated )

Juniper JUNOSJunos OS: SRX Series and EX Series: J-Web doesn't sufficiently sanitize input to prevent XSS

8.8
EPSS
0.05%
First published (updated )

Juniper JUNOSJunos OS: SRX Series and EX Series: J-Web - unauthenticated access to temporary files containing sensitive information

7.5
EPSS
0.09%
First published (updated )

Juniper JUNOSJunos OS: SRX Series: When "tcp-encap" is configured and specific packets are received flowd will crash

7.5
EPSS
0.05%
First published (updated )

Juniper JUNOSJunos OS: SRX Series and MX Series: SIP ALG doesn't drop specifically malformed retransmitted SIP packets

7.5
First published (updated )

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Juniper JUNOSJunos OS: SRX Series: A vulnerability in J-Web allows an unauthenticated attacker to upload and download arbitrary files

First published (updated )

Juniper JUNOSJuniper Junos OS EX Series PHP External Variable Modification Vulnerability

First published (updated )

Juniper JUNOSJuniper Junos OS EX Series Missing Authentication for Critical Function Vulnerability

First published (updated )

Juniper JUNOSJuniper Junos OS SRX Series Missing Authentication for Critical Function Vulnerability

First published (updated )

Juniper JUNOSJunos OS: EX and SRX Series: A PHP vulnerability in J-Web allows an unauthenticated to control an important environment variable

First published (updated )

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Juniper JUNOSSRX Series and MX Series: An FPC core is observed when IDP is enabled on the device and a specific malformed SSL packet is received

7.5
First published (updated )

Juniper JUNOSJunos OS: SRX Series: A flowd core occurs when running a low privileged CLI command

First published (updated )

Juniper JUNOSJunos OS: SRX Series: jbuf memory leak when SSL Proxy and UTM Web-Filtering is applied

7.5
First published (updated )

Juniper JUNOSJunos OS: SRX Series: Policies that rely on JDPI-Decoder actions may fail open

First published (updated )

Juniper JUNOSJunos OS: SRX Series: The flow processing daemon (flowd) will crash when Unified Policies are used with IPv6 and certain dynamic applications are rejected by the device

7.5
First published (updated )

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Juniper JUNOSJunos OS: SRX Series and MX Series with SPC3: When IPsec VPN is configured iked will core when a specifically formatted payload is received

First published (updated )

Juniper JUNOSJunos OS: SRX Series and MX Series: Memory leak due to receipt of specially crafted SIP calls

7.5
First published (updated )

Juniper JUNOSJunos OS: MX Series and SRX Series: The flow processing daemon (flowd) will crash if SIP ALG is enabled and a malformed SIP packet is received

7.5
First published (updated )

Juniper JUNOSJunos OS: MX Series and SRX Series: The flow processing daemon (flowd) will crash if the SIP ALG is enabled and specific SIP messages are processed

7.5
First published (updated )

Juniper JUNOSJunos OS: SRX Series: A memory leak might be observed in IPsec VPN scenario leading to an FPC crash

7.5
First published (updated )

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Juniper JUNOSJunos OS: MX Series and SRX Series: The flow processing daemon (flowd) will crash when specific H.323 packets are received

7.5
First published (updated )

Juniper JUNOSJunos OS: SRX Series, MX Series with SPC3: When an inconsistent NAT configuration exists and a specific CLI command is issued the SPC will reboot

First published (updated )

Juniper JUNOSJunos OS: SRX Series: A flowd core will be observed when malformed GPRS traffic is processed

7.5
First published (updated )

Juniper JUNOSSRX Series: If UTM Enhanced Content Filtering and AntiVirus are enabled, and specific traffic is processed the PFE will crash

7.5
First published (updated )

Juniper JUNOSSRX5000 Series with SPC3, SRX4000 Series, and vSRX: When PowerMode IPsec is configured, the PFE will crash upon receipt of a malformed ESP packet

7.5
First published (updated )

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Juniper JUNOSJunos OS: SRX Series: Upon processing of a genuine packet the pkid process will crash during CMPv2 auto-re-enrollment

7.5
First published (updated )

Juniper JUNOSSRX Series: If Unified Threat Management (UTM) Enhanced Content Filtering (CF) is enabled and specific traffic is processed the PFE will crash

7.5
First published (updated )

Juniper JUNOSJunos OS: SRX Series and MX Series: When specific valid SIP packets are received the PFE will crash

7.5
First published (updated )

Juniper JUNOSJunos OS: SRX series: The PFE will crash when specific traffic is scanned by Enhanced Web Filtering safe-search

7.5
First published (updated )

Juniper JUNOSJunos OS: SRX Series: An FPC memory leak can occur in an APBR scenario

7.5
First published (updated )

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Juniper JUNOSJunos OS: MX Series and SRX Series: When receiving a specific SIP packets stale call table entries are created which eventually leads to a DoS for all SIP traffic

First published (updated )

Juniper JUNOSJunos OS: SRX and EX Series: Local privilege escalation flaw in "download" functionality

7.8
First published (updated )

Juniper JUNOSJunos OS: MX MS-MPC or MS-MIC, or SRX SPC crashes if it receives a SIP message with a specific contact header format

7.5
First published (updated )

Juniper JUNOSJunos OS: SRX Series: Denial of service vulnerability in flowd daemon upon receipt of a specific fragmented packet

7.5
First published (updated )

Juniper JUNOSDNS forwarders - cache poisoning vulnerability

First published (updated )

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Juniper JUNOSJunos OS: MX Series and SRX Series: The flowd daemon will crash if the SIP ALG is enabled and specific SIP messages are processed

7.5
First published (updated )

Juniper JUNOSSRX Series and MX Series with SPC3: A high percentage of fragments might lead to high latency or packet drops

7.5
First published (updated )

Juniper JUNOSJunos OS: MX and SRX series: Flowd core observed if the SIP ALG is enabled and a specific Session Initiation Protocol (SIP) packet is received

7.5
First published (updated )

Juniper JUNOSJunos OS: SRX Series: If no-syn-check is enabled, traffic classified as UNKNOWN gets permitted by pre-id-default-policy

First published (updated )

Juniper JUNOSJunos OS: SRX Series: Under a specific device configuration an attacker can access the devices J-Web management services from any interface, regardless of security settings protecting the service

First published (updated )

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Juniper JUNOSJunos OS: SRX Series: Persistent XSS vulnerability in J-Web

First published (updated )

Juniper JUNOSJunos OS: User-defined ARP Policer isn't applied on Aggregated Ethernet (AE) interface until firewall process is restarted

First published (updated )

Juniper JUNOSJunos OS: Denial of Service vulnerability in J-Web and web based (HTTP/HTTPS) services caused by a high number of specific requests

7.5
First published (updated )

Juniper JUNOSJunos OS: SRX Series: A remote attacker may be able to cause a PFE buffer overflow to arbitrarily remotely execute code or commands on the target device with UTM enabled.

First published (updated )

Juniper JUNOSJunos OS: SRX1500, SRX4100, SRX4200, SRX4600, SRX5000 Series with SPC2/SPC3: In a multi-tenant environment, a tenant host administrator may be able to jailbreak out of their network impacting other tenant networks or gather information from other networks.

7.3
First published (updated )

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Juniper JUNOSJunos OS: A race condition in the storm control profile may allow an attacker to cause a Denial of Service condition

7.4
First published (updated )

Juniper JUNOSJunos OS: SRX Series: Memory leak when querying Aggregated Ethernet (AE) interface statistics

7.5
First published (updated )

Juniper JUNOSJunos OS: SRX, vSRX Series: J-Web Path traversal vulnerability in SRX and vSRX Series leads to information disclosure.

First published (updated )

Juniper JUNOSJunos OS: SRX Series: Denial of Service in J-Web upon receipt of crafted HTTP packets

7.5
First published (updated )

Juniper JUNOSJunos OS: J-Web: Cross-site scripting attack allows an attacker to gain control of another users session.

First published (updated )

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2024 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203