VYPR

Junos

by Juniper Networks

CVEs (766)

  • CVE-2018-0025MedJul 11, 2018
    risk 0.40cvss 6.1epss 0.01

    When an SRX Series device is configured to use HTTP/HTTPS pass-through authentication services, a client sending authentication credentials in the initial HTTP/HTTPS session is at risk that these credentials may be captured during follow-on HTTP/HTTPS requests by a malicious…

  • CVE-2018-0008MedJan 10, 2018
    risk 0.40cvss 6.2epss 0.00

    An unauthenticated root login may allow upon reboot when a commit script is used. A commit script allows a device administrator to execute certain instructions during commit, which is configured under the [system scripts commit] stanza. Certain commit scripts that work without a…

  • CVE-2016-1276MedAug 5, 2016
    risk 0.39cvss 5.9epss 0.02

    Juniper Junos OS before 12.1X46-D50, 12.1X47 before 12.1X47-D23, 12.3X48 before 12.3X48-D25, and 15.1X49 before 15.1X49-D40 on a High-End SRX-Series chassis system with one or more Application Layer Gateways (ALGs) enabled allow remote attackers to cause a denial of service (CPU…

  • CVE-2026-33773MedApr 9, 2026
    risk 0.38cvss 5.8epss 0.00

    An Incorrect Initialization of Resource vulnerability in the packet forwarding engine (pfe) of Juniper Networks Junos OS on specific EX Series and QFX Series device allows an unauthenticated, network-based attacker to cause an integrity impact to downstream networks. When the…

  • CVE-2017-10618MedOct 13, 2017
    risk 0.38cvss 5.9epss 0.02

    When the 'bgp-error-tolerance' feature â€" designed to help mitigate remote session resets from malformed path attributes â€" is enabled, a BGP UPDATE containing a specifically crafted set of transitive attributes can cause the RPD routing process to crash…

  • CVE-2017-2346MedJul 17, 2017
    risk 0.38cvss 5.9epss 0.01

    An MS-MPC or MS-MIC Service PIC may crash when large fragmented packets are passed through an Application Layer Gateway (ALG). Repeated crashes of the Service PC can result in an extended denial of service condition. The issue can be seen only if NAT or stateful-firewall rules…

  • CVE-2016-1277MedSep 9, 2016
    risk 0.38cvss 5.9epss 0.02

    Juniper Junos OS before 12.1X46-D50, 12.1X47 before 12.1X47-D40, 12.3X48 before 12.3X48-D30, 13.3 before 13.3R9, 14.1 before 14.1R8, 14.1X53 before 14.1X53-D40, 14.2 before 14.2R6, 15.1 before 15.1F6 or 15.1R3, and 15.1X49 before 15.1X49-D40, when configured with a GRE or IPIP…

  • CVE-2016-1273MedApr 15, 2016
    risk 0.38cvss 5.9epss 0.01

    Juniper Junos OS before 13.2X51-D40, 14.x before 14.1X53-D30, and 15.x before 15.1X53-D20 on QFX5100 and QFX10002 switches do not have sufficient entropy, which makes it easier for remote attackers to defeat cryptographic encryption and authentication protection mechanisms via…

  • CVE-2016-1262MedJan 15, 2016
    risk 0.38cvss 5.9epss 0.02

    Juniper Junos OS before 12.1X46-D45, 12.1X47 before 12.1X47-D30, 12.1X48 before 12.3X48-D20, and 15.1X49 before 15.1X49-D30 on SRX series devices, when the Real Time Streaming Protocol Application Layer Gateway (RTSP ALG) is enabled, allow remote attackers to cause a denial of…

  • CVE-2016-1257MedJan 15, 2016
    risk 0.38cvss 5.9epss 0.02

    The Routing Engine in Juniper Junos OS 13.2R5 through 13.2R8, 13.3R1 before 13.3R8, 13.3R7 before 13.3R7-S3, 14.1R1 before 14.1R6, 14.1R3 before 14.1R3-S9, 14.1R4 before 14.1R4-S7, 14.1X51 before 14.1X51-D65, 14.1X53 before 14.1X53-D12, 14.1X53 before 14.1X53-D28, 14.1X53 before…

  • CVE-2018-0029MedJul 11, 2018
    risk 0.37cvss 5.7epss 0.01

    While experiencing a broadcast storm, placing the fxp0 interface into promiscuous mode via the 'monitor traffic interface fxp0' can cause the system to crash and restart (vmcore). This issue only affects Junos OS 15.1 and later releases, and affects both single core and…

  • CVE-2026-33787MedApr 9, 2026
    risk 0.36cvss 5.5epss 0.00

    An Improper Check for Unusual or Exceptional Conditions vulnerability in the chassis control daemon (chassisd) of Juniper Networks Junos OS on SRX1500, SRX4100, SRX4200 and SRX4600 allows a local attacker with low privileges to cause a complete Denial of Service (DoS). When a…

  • CVE-2026-33786MedApr 9, 2026
    risk 0.36cvss 5.5epss 0.00

    An Improper Check for Unusual or Exceptional Conditions vulnerability in the chassis control daemon (chassisd) of Juniper Networks Junos OS on SRX1600, SRX2300 and SRX4300 allows a local attacker with low privileges to cause a complete Denial of Service (DoS). When a specific…

  • CVE-2026-33776MedApr 9, 2026
    risk 0.36cvss 5.5epss 0.00

    A Missing Authorization vulnerability in the CLI of Juniper Networks Junos OS and Junos OS Evolved allows a local user with low privileges to read sensitive information. A local user with low privileges can execute the CLI command 'show mgd' with specific arguments which will…

  • CVE-2017-10613MedOct 13, 2017
    risk 0.36cvss 5.5epss 0.00

    A vulnerability in a specific loopback filter action command, processed in a specific logical order of operation, in a running configuration of Juniper Networks Junos OS, allows an attacker with CLI access and the ability to initiate remote sessions to the loopback interface…

  • CVE-2018-0034MedJul 11, 2018
    risk 0.35cvss 5.3epss 0.02

    A Denial of Service vulnerability exists in the Juniper Networks Junos OS JDHCPD daemon which allows an attacker to core the JDHCPD daemon by sending a crafted IPv6 packet to the system. This issue is limited to systems which receives IPv6 DHCP packets on a system configured for…

  • CVE-2018-0031MedJul 11, 2018
    risk 0.35cvss 5.3epss 0.01

    Receipt of specially crafted UDP/IP packets over MPLS may be able to bypass a stateless firewall filter. The crafted UDP packets must be encapsulated and meet a very specific packet format to be classified in a way that bypasses IP firewall filter rules. The packets themselves…

  • CVE-2018-0019MedApr 11, 2018
    risk 0.35cvss 5.3epss 0.02

    A vulnerability in Junos OS SNMP MIB-II subagent daemon (mib2d) may allow a remote network based attacker to cause the mib2d process to crash resulting in a denial of service condition (DoS) for the SNMP subsystem. While a mib2d process crash can disrupt the network monitoring…

  • CVE-2018-0009MedJan 10, 2018
    risk 0.35cvss 5.4epss 0.01

    On Juniper Networks SRX series devices, firewall rules configured to match custom application UUIDs starting with zeros can match all TCP traffic. Due to this issue, traffic that should have been blocked by other rules is permitted to flow through the device resulting in a…

  • CVE-2017-10621MedOct 13, 2017
    risk 0.35cvss 5.3epss 0.02

    A denial of service vulnerability in telnetd service on Juniper Networks Junos OS allows remote unauthenticated attackers to cause a denial of service. Affected Junos OS releases are: 12.1X46 prior to 12.1X46-D71; 12.3X48 prior to 12.3X48-D50; 14.1 prior to 14.1R8-S5, 14.1R9;…

Page 5 of 39