VYPR

Junos

by Juniper Networks

CVEs (766)

  • CVE-2016-1261HigOct 13, 2017
    risk 0.46cvss 7.1epss 0.00

    J-Web does not validate certain input that may lead to cross-site request forgery (CSRF) issues or cause a denial of J-Web service (DoS).

  • CVE-2017-10603HigJul 17, 2017
    risk 0.46cvss 7.0epss 0.00

    An XML injection vulnerability in Junos OS CLI can allow a locally authenticated user to elevate privileges and run arbitrary commands as the root user. This issue was found during internal product security testing. Affected releases are Juniper Networks Junos OS 15.1X53 prior…

  • CVE-2017-10602HigJul 17, 2017
    risk 0.46cvss 7.0epss 0.00

    A buffer overflow vulnerability in Junos OS CLI may allow a local authenticated user with read only privileges and access to Junos CLI, to execute code with root privileges. Affected releases are Juniper Networks Junos OS: 14.1X53 versions prior to 14.1X53-D46 on EX2200/VC,…

  • CVE-2026-33791MedApr 9, 2026
    risk 0.44cvss 6.7epss 0.01

    An OS Command Injection vulnerability in the CLI processing of Juniper Networks Junos OS and Junos OS Evolved allows a local, high-privileged attacker executing specific, crafted CLI commands to inject arbitrary shell commands as root, leading to a complete compromise of the…

  • CVE-2025-30650MedApr 8, 2026
    risk 0.44cvss 6.7epss 0.00

    A Missing Authentication for Critical Function vulnerability in command processing of Juniper Networks Junos OS allows a privileged local attacker to gain access to Linux-based line cards as root. This issue affects systems running Junos OS using Linux-based line cards.…

  • CVE-2016-1267MedApr 15, 2016
    risk 0.44cvss 6.7epss 0.00

    Race condition in the RPC functionality in Juniper Junos OS before 12.1X44-D55, 12.1X46 before 12.1X46-D40, 12.1X47 before 12.1X47-D25, 12.3 before 12.3R11, 12.3X48 before 12.3X48-D20, 13.2 before 13.2R8, 13.2X51 before 13.2X51-D39, 13.3 before 13.3R7, 14.1 before 14.1R6,…

  • CVE-2026-33782MedApr 9, 2026
    risk 0.42cvss 6.5epss 0.00

    A Missing Release of Memory after Effective Lifetime vulnerability in the DHCP daemon (jdhcpd) of Juniper Networks Junos OS on MX Series, allows an adjacent, unauthenticated attacker to cause a memory leak, that will eventually cause a complete Denial-of-Service (DoS). In a…

  • CVE-2026-33781MedApr 9, 2026
    risk 0.42cvss 6.5epss 0.00

    An Improper Check for Unusual or Exceptional Conditions vulnerability in the packet forwarding engine (pfe) of Juniper Networks Junos OS on specific EX and QFX Series devices allow an unauthenticated, adjacent attacker to cause a complete Denial of Service (DoS). On EX4k, and…

  • CVE-2026-33780MedApr 9, 2026
    risk 0.42cvss 6.5epss 0.00

    A Missing Release of Memory after Effective Lifetime vulnerability in the Layer 2 Address Learning Daemon (l2ald) of Juniper Networks Junos OS and Junos OS Evolved allows an adjacent, unauthenticated attacker to cause a memory leak ultimately leading to a Denial of Service…

  • CVE-2026-33779MedApr 9, 2026
    risk 0.42cvss 6.5epss 0.00

    An Improper Following of a Certificate's Chain of Trust vulnerability in J-Web of Juniper Networks Junos OS on SRX Series allows a PITM to intercept the communication of the device and get access to confidential information and potentially modify it. When an SRX device is…

  • CVE-2026-33775MedApr 9, 2026
    risk 0.42cvss 6.5epss 0.00

    A Missing Release of Memory after Effective Lifetime vulnerability in the BroadBand Edge subscriber management daemon (bbe-smgd) of Juniper Networks Junos OS on MX Series allows an adjacent, unauthenticated attacker to cause a Denial of Service (DoS). If the authentication…

  • CVE-2026-21919MedApr 9, 2026
    risk 0.42cvss 6.5epss 0.00

    An Incorrect Synchronization vulnerability in the management daemon (mgd) of Juniper Networks Junos OS and Junos OS Evolved allows a network-based attacker with low privileges to cause a complete Denial-of-Service (DoS) of the management plane. When NETCONF sessions are quickly…

  • CVE-2018-0006MedJan 10, 2018
    risk 0.42cvss 6.5epss 0.01

    A high rate of VLAN authentication attempts sent from an adjacent host on the local broadcast domain can trigger high memory utilization by the BBE subscriber management daemon (bbe-smgd), and lead to a denial of service condition. The issue was caused by attempting to process…

  • CVE-2018-0004MedJan 10, 2018
    risk 0.42cvss 6.5epss 0.01

    A sustained sequence of different types of normal transit traffic can trigger a high CPU consumption denial of service condition in the Junos OS register and schedule software interrupt handler subsystem when a specific command is issued to the device. This affects one or more…

  • CVE-2018-0003MedJan 10, 2018
    risk 0.42cvss 6.5epss 0.01

    A specially crafted MPLS packet received or processed by the system, on an interface configured with MPLS, will store information in the system memory. Subsequently, if this stored information is accessed, this may result in a kernel crash leading to a denial of service.…

  • CVE-2017-10611MedOct 13, 2017
    risk 0.42cvss 6.5epss 0.01

    If extended statistics are enabled via 'set chassis extended-statistics', when executing any operation that fetches interface statistics, including but not limited to SNMP GET requests, the pfem process or the FPC may crash and restart. Repeated crashes of PFE processing can…

  • CVE-2017-2347MedJul 17, 2017
    risk 0.42cvss 6.5epss 0.02

    A denial of service vulnerability in rpd daemon of Juniper Networks Junos OS allows a malformed MPLS ping packet to crash the rpd daemon if MPLS OAM is configured. Repeated crashes of the rpd daemon can result in an extended denial of service condition for the device. The…

  • CVE-2017-2312MedApr 24, 2017
    risk 0.42cvss 6.5epss 0.02

    On Juniper Networks devices running Junos OS affected versions and with LDP enabled, a specific LDP packet destined to the RE (Routing Engine) will consume a small amount of the memory allocated for the rpd (routing protocol daemon) process. Over time, repeatedly receiving this…

  • CVE-2016-1280MedSep 9, 2016
    risk 0.42cvss 6.5epss 0.01

    PKId in Juniper Junos OS before 12.1X44-D52, 12.1X46 before 12.1X46-D37, 12.1X47 before 12.1X47-D30, 12.3 before 12.3R12, 12.3X48 before 12.3X48-D20, 13.3 before 13.3R10, 14.1 before 14.1R8, 14.1X53 before 14.1X53-D40, 14.2 before 14.2R7, 15.1 before 15.1R4, 15.1X49 before…

  • CVE-2016-1275MedSep 9, 2016
    risk 0.42cvss 6.5epss 0.01

    Juniper Junos OS before 13.3R9, 14.1R6 before 14.1R6-S1, and 14.1 before 14.1R7, when configured with VPLS routing-instances, allows remote attackers to obtain sensitive mbuf information by injecting a flood of Ethernet frames with IPv6 MAC addresses directly into a connected…

Page 4 of 39