VYPR

Junos

by Juniper Networks

CVEs (766)

  • CVE-2018-0002 (High), Jan 10, 2018
    risk 0.53, cvss 8.2, epss 0.02

    On SRX Series and MX Series devices with a Service PIC with any ALG enabled, a crafted TCP/IP response packet processed through the device results in memory corruption leading to a flowd daemon crash. Sustained crafted response packets lead to repeated crashes of the flowd…

  • CVE-2017-2342 (High), Jul 17, 2017
    risk 0.53, cvss 8.1, epss 0.01

    The MACsec feature on Juniper Networks Junos OS 15.1X49 prior to 15.1X49-D100 on SRX300 series does not report errors when a secure link cannot be established. It falls back to an unencrypted link. This can happen when MACsec is configured on ports that are not capable of MACsec or…

  • CVE-2016-4923 (High), Oct 13, 2017
    risk 0.52, cvss 8.0, epss 0.01

    Insufficient cross site scripting protection in J-Web component in Juniper Networks Junos OS may potentially allow a remote unauthenticated user to inject web script or HTML and steal sensitive data and credentials from a J-Web session and to perform administrative actions on…

  • CVE-2026-33793 (High), Apr 9, 2026
    risk 0.51, cvss 7.8, epss 0.00

    An Execution with Unnecessary Privileges vulnerability in the User Interface (UI) of Juniper Networks Junos OS and Junos OS Evolved allows a local, low-privileged attacker to gain root privileges, thus compromising the system. When a configuration that allows unsigned Python…

  • CVE-2018-0024 (High), Jul 11, 2018
    risk 0.51, cvss 7.8, epss 0.00

    An Improper Privilege Management vulnerability in a shell session of Juniper Networks Junos OS allows an authenticated unprivileged attacker to gain full control of the system. Affected releases are Juniper Networks Junos OS: 12.1X46 versions prior to 12.1X46-D45 on SRX Series;…

  • CVE-2017-2344 (High), Jul 17, 2017
    risk 0.51, cvss 7.8, epss 0.00

    A routine within an internal Junos OS sockets library is vulnerable to a buffer overflow. Malicious exploitation of this issue may lead to a denial of service (kernel panic) or be leveraged as a privilege escalation through local code execution. The routines are only accessible…

  • CVE-2016-1278 (High), Aug 5, 2016
    risk 0.51, cvss 7.8, epss 0.00

    Juniper Junos OS before 12.1X46-D50 on SRX Series devices reverts to "safe mode" authentication and allows root CLI logins without a password after a failed upgrade to 12.1X46, which might allow local users to gain privileges by leveraging use of the "request system software"…

  • CVE-2016-1271 (High), Apr 15, 2016
    risk 0.51, cvss 7.8, epss 0.00

    Juniper Junos OS before 12.1X46-D45, 12.1X47 before 12.1X47-D30, 12.3 before 12.3R11, 12.3X48 before 12.3X48-D25, 13.2 before 13.2R8, 13.3 before 13.3R7, 14.1 before 14.1R6, 14.2 before 14.2R4, 15.1 before 15.1R1 or 15.1F2, and 15.1X49 before 15.1X49-D15 allow local users to…

  • CVE-2026-33790 (High), Apr 9, 2026
    risk 0.49, cvss 7.5, epss 0.00

    An Improper Check for Unusual or Exceptional Conditions vulnerability in the flow daemon (flowd) of Juniper Networks Junos OS on SRX Series allows an attacker sending a specific, malformed ICMPv6 packet to cause the srxpfe process to crash and restart. Continued receipt and…

  • CVE-2026-33778 (High), Apr 9, 2026
    risk 0.49, cvss 7.5, epss 0.00

    An Improper Validation of Syntactic Correctness of Input vulnerability in the IPsec library used by kmd and iked of Juniper Networks Junos OS on SRX Series and MX Series allows an unauthenticated, network-based attacker to cause a complete Denial-of-Service (DoS). If an…

  • CVE-2018-0032 (High), Jul 11, 2018
    risk 0.49, cvss 7.5, epss 0.02

    The receipt of a crafted BGP UPDATE can lead to a routing process daemon (RPD) crash and restart. Repeated receipt of the same crafted BGP UPDATE can result in an extended denial of service condition for the device. This issue only affects the specific versions of Junos OS…

  • CVE-2018-0030 (High), Jul 11, 2018
    risk 0.49, cvss 7.5, epss 0.02

    Receipt of a specific MPLS packet may cause MPC7/8/9, PTX-FPC3 (FPC-P1, FPC-P2) line cards or PTX1K to crash and restart. By continuously sending specific MPLS packets, an attacker can repeatedly crash the line cards or PTX1K causing a sustained Denial of Service. Affected…

  • CVE-2018-0027 (High), Jul 11, 2018
    risk 0.49, cvss 7.5, epss 0.02

    Receipt of a crafted or malformed RSVP PATH message may cause the routing protocol daemon (RPD) to hang or crash. When RPD is unavailable, routing updates cannot be processed which can lead to an extended network outage. If RSVP is not enabled on an interface, then the issue…

  • CVE-2018-0022 (High), Apr 11, 2018
    risk 0.49, cvss 7.5, epss 0.02

    A Junos device with VPLS routing-instances configured on one or more interfaces may be susceptible to an mbuf leak when processing a specific MPLS packet. Approximately 1 mbuf is leaked per packet processed. The number of mbufs is platform dependent. The following command…

  • CVE-2018-0020 (High), Apr 11, 2018
    risk 0.49, cvss 7.5, epss 0.01

    Junos OS may be impacted by the receipt of a malformed BGP UPDATE which can lead to a routing process daemon (rpd) crash and restart. Receipt of repeated malformed BGP UPDATEs can result in an extended denial of service condition for the device. This malformed BGP UPDATE does…

  • CVE-2018-0018 (High), Apr 11, 2018
    risk 0.49, cvss 7.5, epss 0.02

    On SRX Series devices during compilation of IDP policies, an attacker sending specially crafted packets may be able to bypass firewall rules, leading to information disclosure which an attacker may use to gain control of the target device or other internal devices, systems or…

  • CVE-2018-0017 (High), Apr 11, 2018
    risk 0.49, cvss 7.5, epss 0.02

    A vulnerability in the Network Address Translation - Protocol Translation (NAT-PT) feature of Junos OS on SRX series devices may allow a certain valid IPv6 packet to crash the flowd daemon. Repeated crashes of the flowd daemon can result in an extended denial of service…

  • CVE-2017-10619 (High), Oct 13, 2017
    risk 0.49, cvss 7.5, epss 0.01

    When Express Path (formerly known as service offloading) is configured on Juniper Networks SRX1400, SRX3400, SRX3600, SRX5400, SRX5600, SRX5800 in high availability cluster configuration mode, certain multicast packets might cause the flowd process to crash, halting or…

  • CVE-2017-10610 (High), Oct 13, 2017
    risk 0.49, cvss 7.5, epss 0.01

    On SRX Series devices, a crafted ICMP packet embedded within a NAT64 IPv6 to IPv4 tunnel may cause the flowd process to crash. Repeated crashes of the flowd process constitute an extended denial of service condition for the SRX Series device. This issue only occurs if NAT64 is…

  • CVE-2017-10608 (High), Oct 13, 2017
    risk 0.49, cvss 7.5, epss 0.01

    Any Juniper Networks SRX series device with one or more ALGs enabled may experience a flowd crash when traffic is processed by the Sun/MS-RPC ALGs. This vulnerability in the Sun/MS-RPC ALG services component of Junos OS allows an attacker to cause a repeated denial of service…

Page 2 of 39