VYPR

Junos

by Juniper Networks

CVEs (766)

  • CVE-2022-22191Apr 14, 2022
    risk 0.00cvss epss 0.00

    A Denial of Service (DoS) vulnerability in the processing of a flood of specific ARP traffic in Juniper Networks Junos OS on the EX4300 switch, sent from the local broadcast domain, may allow an unauthenticated network-adjacent attacker to trigger a PFEMAN watchdog timeout,…

  • CVE-2022-22188Apr 14, 2022
    risk 0.00cvss epss 0.01

    An Uncontrolled Memory Allocation vulnerability leading to a Heap-based Buffer Overflow in the packet forwarding engine (PFE) of Juniper Networks Junos OS allows a network-based unauthenticated attacker to flood the device with traffic leading to a Denial of Service (DoS). The…

  • CVE-2022-22186Apr 14, 2022
    risk 0.00cvss epss 0.01

    Due to an Improper Initialization vulnerability in Juniper Networks Junos OS on EX4650 devices, packets received on the management interface (em0) but not destined to the device, may be improperly forwarded to an egress interface, instead of being discarded. Such traffic being…

  • CVE-2022-22185Apr 14, 2022
    risk 0.00cvss epss 0.01

    A vulnerability in Juniper Networks Junos OS on SRX Series, allows a network-based unauthenticated attacker to cause a Denial of Service (DoS) by sending a specific fragmented packet to the device, resulting in a flowd process crash, which is responsible for packet forwarding.…

  • CVE-2022-22182Apr 14, 2022
    risk 0.00cvss epss 0.01

    A Cross-site Scripting (XSS) vulnerability in Juniper Networks Junos OS J-Web allows an attacker to construct a URL that when visited by another user enables the attacker to execute commands with the target's permissions, including an administrator. This issue affects: Juniper…

  • CVE-2022-22181Apr 14, 2022
    risk 0.00cvss epss 0.01

    A reflected Cross-site Scripting (XSS) vulnerability in J-Web of Juniper Networks Junos OS allows a network-based authenticated attacker to run malicious scripts reflected off J-Web to the victim's browser in the context of their session within J-Web. This may allow the attacker…

  • CVE-2022-22180Jan 19, 2022
    risk 0.00cvss epss 0.01

    An Improper Check for Unusual or Exceptional Conditions vulnerability in the processing of specific IPv6 packets on certain EX Series devices may lead to exhaustion of DMA memory causing a Denial of Service (DoS). Over time, exploitation of this vulnerability may cause traffic…

  • CVE-2022-22179Jan 19, 2022
    risk 0.00cvss epss 0.00

    A Improper Validation of Specified Index, Position, or Offset in Input vulnerability in the Juniper DHCP daemon (jdhcpd) of Juniper Networks Junos OS allows an adjacent unauthenticated attacker to cause a crash of jdhcpd and thereby a Denial of Service (DoS). In a scenario where…

  • CVE-2022-22178Jan 19, 2022
    risk 0.00cvss epss 0.01

    A Stack-based Buffer Overflow vulnerability in the flow processing daemon (flowd) of Juniper Networks Junos OS on MX Series and SRX series allows an unauthenticated networked attacker to cause a flowd crash and thereby a Denial of Service (DoS). Continued receipt of these…

  • CVE-2022-22177Jan 19, 2022
    risk 0.00cvss epss 0.01

    A release of illegal memory vulnerability in the snmpd daemon of Juniper Networks Junos OS, Junos OS Evolved allows an attacker to halt the snmpd daemon causing a sustained Denial of Service (DoS) to the service until it is manually restarted. This issue impacts any version of…

  • CVE-2022-22176Jan 19, 2022
    risk 0.00cvss epss 0.00

    An Improper Validation of Syntactic Correctness of Input vulnerability in the Juniper DHCP daemon (jdhcpd) of Juniper Networks Junos OS allows an adjacent unauthenticated attacker sending a malformed DHCP packet to cause a crash of jdhcpd and thereby a Denial of Service (DoS).…

  • CVE-2022-22175Jan 19, 2022
    risk 0.00cvss epss 0.01

    An Improper Locking vulnerability in the SIP ALG of Juniper Networks Junos OS on MX Series and SRX Series allows an unauthenticated networked attacker to cause a flowprocessing daemon (flowd) crash and thereby a Denial of Service (DoS). Continued receipt of these specific…

  • CVE-2022-22174Jan 19, 2022
    risk 0.00cvss epss 0.01

    A vulnerability in the processing of inbound IPv6 packets in Juniper Networks Junos OS on QFX5000 Series and EX4600 switches may cause the memory to not be freed, leading to a packet DMA memory leak, and eventual Denial of Service (DoS) condition. Once the condition occurs,…

  • CVE-2022-22173Jan 19, 2022
    risk 0.00cvss epss 0.01

    A Missing Release of Memory after Effective Lifetime vulnerability in the Public Key Infrastructure daemon (pkid) of Juniper Networks Junos OS allows an unauthenticated networked attacker to cause Denial of Service (DoS). In a scenario where Public Key Infrastructure (PKI) is…

  • CVE-2022-22172Jan 19, 2022
    risk 0.00cvss epss 0.00

    A Missing Release of Memory after Effective Lifetime vulnerability in the Layer-2 control protocols daemon (l2cpd) of Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated adjacent attacker to cause a memory leak. Continued exploitation can lead to memory…

  • CVE-2022-22171Jan 19, 2022
    risk 0.00cvss epss 0.01

    An Improper Check for Unusual or Exceptional Conditions vulnerability in the Packet Forwarding Engine (PFE) of Juniper Networks Junos OS allows an unauthenticated networked attacker to cause a Denial of Service (DoS) by sending specific packets over VXLAN which cause the PFE to…

  • CVE-2022-22170Jan 19, 2022
    risk 0.00cvss epss 0.01

    A Missing Release of Resource after Effective Lifetime vulnerability in the Packet Forwarding Engine (PFE) of Juniper Networks Junos OS allows an unauthenticated networked attacker to cause a Denial of Service (DoS) by sending specific packets over VXLAN which cause heap memory…

  • CVE-2022-22169Jan 19, 2022
    risk 0.00cvss epss 0.01

    An Improper Initialization vulnerability in the routing protocol daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved allows an attacker who sends specific packets in certain orders and at specific timings to force OSPFv3 to unexpectedly enter graceful-restart (GR…

  • CVE-2022-22168Jan 19, 2022
    risk 0.00cvss epss 0.00

    An Improper Validation of Specified Type of Input vulnerability in the kernel of Juniper Networks Junos OS allows an unauthenticated adjacent attacker to trigger a Missing Release of Memory after Effective Lifetime vulnerability. Continued exploitation of this vulnerability will…

  • CVE-2022-22167Jan 19, 2022
    risk 0.00cvss epss 0.01

    A traffic classification vulnerability in Juniper Networks Junos OS on the SRX Series Services Gateways may allow an attacker to bypass Juniper Deep Packet Inspection (JDPI) rules and access unauthorized networks or resources, when 'no-syn-check' is enabled on the device. While…

Page 22 of 39