VYPR

Vendor CVEs

Juniper Networks

All CVEs

1,081 total · sorted by risk
  • CVE-2022-22250Oct 18, 2022
    risk 0.00cvss epss 0.00

    An Improper Control of a Resource Through its Lifetime vulnerability in Packet Forwarding Engine (PFE) of Juniper Networks Junos OS and Junos OS Evolved allows unauthenticated adjacent attacker to cause a Denial of Service (DoS). In an EVPN-MPLS scenario, if MAC is learned…

  • CVE-2022-22249Oct 18, 2022
    risk 0.00cvss epss 0.00

    An Improper Control of a Resource Through its Lifetime vulnerability in the Packet Forwarding Engine (PFE) of Juniper Networks Junos OS on MX Series allows an unauthenticated adjacent attacker to cause a Denial of Service (DoS). When there is a continuous mac move a memory…

  • CVE-2022-22248Oct 18, 2022
    risk 0.00cvss epss 0.00

    An Incorrect Permission Assignment vulnerability in shell processing of Juniper Networks Junos OS Evolved allows a low-privileged local user to modify the contents of a configuration file which could cause another user to execute arbitrary commands within the context of the…

  • CVE-2022-22247Oct 18, 2022
    risk 0.00cvss epss 0.01

    An Improper Input Validation vulnerability in ingress TCP segment processing of Juniper Networks Junos OS Evolved allows a network-based unauthenticated attacker to send a crafted TCP segment to the device, triggering a kernel panic, leading to a Denial of Service (DoS)…

  • CVE-2022-22246Oct 18, 2022
    risk 0.00cvss epss 0.01

    A PHP Local File Inclusion (LFI) vulnerability in the J-Web component of Juniper Networks Junos OS may allow a low-privileged authenticated attacker to execute an untrusted PHP file. By chaining this vulnerability with other unspecified vulnerabilities, and by circumventing…

  • CVE-2022-22245Oct 18, 2022
    risk 0.00cvss epss 0.01

    A Path Traversal vulnerability in the J-Web component of Juniper Networks Junos OS allows an authenticated attacker to upload arbitrary files to the device by bypassing validation checks built into Junos OS. The attacker should not be able to execute the file due to validation…

  • CVE-2022-22244Oct 18, 2022
    risk 0.00cvss epss 0.00

    An XPath Injection vulnerability in the J-Web component of Juniper Networks Junos OS allows an unauthenticated attacker sending a crafted POST to reach the XPath channel, which may allow chaining to other unspecified vulnerabilities, leading to a partial loss of confidentiality.…

  • CVE-2022-22243Oct 18, 2022
    risk 0.00cvss epss 0.00

    An XPath Injection vulnerability due to Improper Input Validation in the J-Web component of Juniper Networks Junos OS allows an authenticated attacker to add an XPath command to the XPath stream, which may allow chaining to other unspecified vulnerabilities, leading to a partial…

  • CVE-2022-22241Oct 18, 2022
    risk 0.00cvss epss 0.01

    An Improper Input Validation vulnerability in the J-Web component of Juniper Networks Junos OS may allow an unauthenticated attacker to access data without proper authorization. Utilizing a crafted POST request, deserialization may occur which could lead to unauthorized local…

  • CVE-2022-22240Oct 18, 2022
    risk 0.00cvss epss 0.00

    An Allocation of Resources Without Limits or Throttling and a Missing Release of Memory after Effective Lifetime vulnerability in the routing protocol daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved allows a locally authenticated low privileged attacker to cause a…

  • CVE-2022-22239Oct 18, 2022
    risk 0.00cvss epss 0.00

    An Execution with Unnecessary Privileges vulnerability in Management Daemon (mgd) of Juniper Networks Junos OS Evolved allows a locally authenticated attacker with low privileges to escalate their privileges on the device and potentially remote systems. This vulnerability allows…

  • CVE-2022-22238Oct 18, 2022
    risk 0.00cvss epss 0.00

    An Improper Check for Unusual or Exceptional Conditions vulnerability in the routing protocol daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated, adjacent attacker to cause a Denial of Service (DoS). When an incoming RESV message…

  • CVE-2022-22237Oct 18, 2022
    risk 0.00cvss epss 0.00

    An Improper Authentication vulnerability in the kernel of Juniper Networks Junos OS allows an unauthenticated, network-based attacker to cause an impact on confidentiality or integrity. A vulnerability in the processing of TCP-AO will allow a BGP or LDP peer not configured with…

  • CVE-2022-22236Oct 18, 2022
    risk 0.00cvss epss 0.01

    An Access of Uninitialized Pointer vulnerability in SIP Application Layer Gateway (ALG) of Juniper Networks Junos OS on SRX Series and MX Series allows an unauthenticated, network-based attacker to cause a Denial of Service (DoS). When specific valid SIP packets are received the…

  • CVE-2022-22235Oct 18, 2022
    risk 0.00cvss epss 0.01

    An Improper Check for Unusual or Exceptional Conditions vulnerability in the Packet Forwarding Engine (PFE) of Juniper Networks Junos OS on SRX Series allows an unauthenticated, network-based, attacker to cause Denial of Service (DoS). A PFE crash will happen when a GPRS Tunnel…

  • CVE-2022-22234Oct 18, 2022
    risk 0.00cvss epss 0.00

    An Improper Preservation of Consistency Between Independent Representations of Shared State vulnerability in the Packet Forwarding Engine (PFE) of Juniper Networks Junos OS allows a locally authenticated attacker with low privileges to cause a Denial of Service (DoS). If the…

  • CVE-2022-22233Oct 18, 2022
    risk 0.00cvss epss 0.00

    An Unchecked Return Value to NULL Pointer Dereference vulnerability in Routing Protocol Daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved allows a locally authenticated attacker with low privileges to cause a Denial of Service (DoS). In Segment Routing (SR) to Label…

  • CVE-2022-22232Oct 18, 2022
    risk 0.00cvss epss 0.01

    A NULL Pointer Dereference vulnerability in the Packet Forwarding Engine of Juniper Networks Junos OS on SRX Series allows an unauthenticated, network-based attacker to cause a Denial of Service (DoS). On SRX Series If Unified Threat Management (UTM) Enhanced Content Filtering…

  • CVE-2022-22231Oct 18, 2022
    risk 0.00cvss epss 0.01

    An Unchecked Return Value to NULL Pointer Dereference vulnerability in Packet Forwarding Engine (PFE) of Juniper Networks Junos OS allows an unauthenticated, network-based attacker to cause a Denial of Service (DoS). On SRX Series if Unified Threat Management (UTM) Enhanced…

  • CVE-2022-22230Oct 18, 2022
    risk 0.00cvss epss 0.00

    An Improper Input Validation vulnerability in the Routing Protocol Daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved allows an adjacent unauthenticated attacker to cause DoS (Denial of Service). If another router generates more than one specific valid OSPFv3 LSA…

  • CVE-2022-22229Oct 18, 2022
    risk 0.00cvss epss 0.01

    An Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability, a stored XSS (or persistent), in the Control Center Controller web pages of Juniper Networks Paragon Active Assurance (Formerly Netrounds) allows a high-privilege attacker with…

  • CVE-2022-22228Oct 18, 2022
    risk 0.00cvss epss 0.01

    An Improper Validation of Specified Type of Input vulnerability in the routing protocol daemon (rpd) of Juniper Networks Junos OS allows an attacker to cause an RPD memory leak leading to a Denial of Service (DoS). This memory leak only occurs when the attacker's packets are…

  • CVE-2022-22227Oct 18, 2022
    risk 0.00cvss epss 0.01

    An Improper Check for Unusual or Exceptional Conditions vulnerability in the Packet Forwarding Engine (PFE) of Juniper Networks Junos OS Evolved on ACX7000 Series allows an unauthenticated network-based attacker to cause a partial Denial of Service (DoS). On receipt of specific…

  • CVE-2022-22226Oct 18, 2022
    risk 0.00cvss epss 0.00

    In VxLAN scenarios on EX4300-MP, EX4600, QFX5000 Series devices an Uncontrolled Memory Allocation vulnerability in the Packet Forwarding Engine (PFE) of Juniper Networks Junos OS allows an unauthenticated adjacently located attacker sending specific packets to cause a Denial of…

  • CVE-2022-22225Oct 18, 2022
    risk 0.00cvss epss 0.00

    A Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in the Routing Protocol Daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated attacker with an established BGP session to cause a Denial of Service (DoS). In a BGP multipath…

  • CVE-2022-22224Oct 18, 2022
    risk 0.00cvss epss 0.00

    An Improper Check or Handling of Exceptional Conditions vulnerability in the processing of a malformed OSPF TLV in Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated adjacent attacker to cause the periodic packet management daemon (PPMD) process to go into…

  • CVE-2022-22223Oct 18, 2022
    risk 0.00cvss epss 0.01

    On QFX10000 Series devices using Juniper Networks Junos OS when configured as transit IP/MPLS penultimate hop popping (PHP) nodes with link aggregation group (LAG) interfaces, an Improper Validation of Specified Index, Position, or Offset in Input weakness allows an attacker…

  • CVE-2022-22220Oct 18, 2022
    risk 0.00cvss epss 0.00

    A Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in Routing Protocol Daemon (rpd) of Juniper Networks Junos OS, Junos OS Evolved allows a network-based unauthenticated attacker to cause a Denial of Service (DoS). When a BGP flow route with redirect IP extended…

  • CVE-2022-22219Oct 18, 2022
    risk 0.00cvss epss 0.01

    Due to the Improper Handling of an Unexpected Data Type in the processing of EVPN routes on Juniper Networks Junos OS and Junos OS Evolved, an attacker in direct control of a BGP client connected to a route reflector, or via a machine in the middle (MITM) attack, can send a…

  • CVE-2022-22218Oct 18, 2022
    risk 0.00cvss epss 0.00

    On SRX Series devices, an Improper Check for Unusual or Exceptional Conditions when using Certificate Management Protocol Version 2 (CMPv2) auto re-enrollment, allows a network-based, unauthenticated attacker to cause a Denial of Service (DoS) by crashing the pkid process. The…

  • CVE-2022-22211Oct 18, 2022
    risk 0.00cvss epss 0.01

    A limitless resource allocation vulnerability in FPC resources of Juniper Networks Junos OS Evolved on PTX Series allows an unprivileged attacker to cause Denial of Service (DoS). Continuously polling the SNMP jnxCosQstatTable causes the FPC to run out of GUID space, causing a…

  • CVE-2022-22208Oct 18, 2022
    risk 0.00cvss epss 0.00

    A Use After Free vulnerability in the Routing Protocol Daemon (rdp) of Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated network-based attacker to cause Denial of Service (DoS). When a BGP session flap happens, a Use After Free of a memory location that…

  • CVE-2022-22201Oct 18, 2022
    risk 0.00cvss epss 0.01

    An Improper Validation of Specified Index, Position, or Offset in Input vulnerability in the Packet Forwarding Engine (PFE) of Juniper Networks Junos OS allows an unauthenticated network-based attacker to cause a Denial of Service (DoS). On SRX5000 Series with SPC3, SRX4000…

  • CVE-2022-22192Oct 18, 2022
    risk 0.00cvss epss 0.01

    An Improper Validation of Syntactic Correctness of Input vulnerability in the kernel of Juniper Networks Junos OS Evolved on PTX series allows a network-based, unauthenticated attacker to cause a Denial of Service (DoS). When an incoming TCP packet destined to the device is…

  • CVE-2022-22221Jul 20, 2022
    risk 0.00cvss epss 0.00

    An Improper Neutralization of Special Elements vulnerability in the download manager of Juniper Networks Junos OS on SRX Series and EX Series allows a locally authenticated attacker with low privileges to take full control over the device. One aspect of this vulnerability is…

  • CVE-2022-22217Jul 20, 2022
    risk 0.00cvss epss 0.00

    An Improper Check for Unusual or Exceptional Conditions vulnerability in the Packet Forwarding Engine (PFE) of Juniper Networks Junos OS allows an adjacent unauthenticated attacker to cause a Denial of Service (DoS). The issue is caused by malformed MLD packets looping on a…

  • CVE-2022-22216Jul 20, 2022
    risk 0.00cvss epss 0.00

    An Exposure of Sensitive Information to an Unauthorized Actor vulnerability in the PFE of Juniper Networks Junos OS on PTX Series and QFX10k Series allows an adjacent unauthenticated attacker to gain access to sensitive information. PTX1000 and PTX10000 Series, and QFX10000…

  • CVE-2022-22215Jul 20, 2022
    risk 0.00cvss epss 0.01

    A Missing Release of File Descriptor or Handle after Effective Lifetime vulnerability in plugable authentication module (PAM) of Juniper Networks Junos OS and Junos OS Evolved allows a locally authenticated attacker with low privileges to cause a Denial of Service (DoS). It is…

  • CVE-2022-22214Jul 20, 2022
    risk 0.00cvss epss 0.00

    An Improper Input Validation vulnerability in the Packet Forwarding Engine (PFE) of Juniper Networks Junos OS and Junos OS Evolved allows an adjacent attacker to cause a PFE crash and thereby a Denial of Service (DoS). An FPC will crash and reboot after receiving a specific…

  • CVE-2022-22213Jul 20, 2022
    risk 0.00cvss epss 0.01

    A vulnerability in Handling of Undefined Values in the routing protocol daemon (RPD) process of Juniper Networks Junos OS and Junos OS Evolved may allow an unauthenticated network-based attacker to crash the RPD process by sending a specific BGP update while the system is under…

  • CVE-2022-22212Jul 20, 2022
    risk 0.00cvss epss 0.01

    An Allocation of Resources Without Limits or Throttling vulnerability in the Packet Forwarding Engine (PFE) of Juniper Networks Junos OS Evolved allows unauthenticated network based attacker to cause a Denial of Service (DoS). On all Junos Evolved platforms hostbound protocols…

  • CVE-2022-22210Jul 20, 2022
    risk 0.00cvss epss 0.00

    A NULL Pointer Dereference vulnerability in the Packet Forwarding Engine (PFE) of Juniper Networks Junos OS on QFX5000 Series and MX Series allows an unauthenticated adjacent attacker to cause a Denial of Service (DoS). On QFX5K Series and MX Series, when the PFE receives a…

  • CVE-2022-22209Jul 20, 2022
    risk 0.00cvss epss 0.01

    A Missing Release of Memory after Effective Lifetime vulnerability in the kernel of Juniper Networks Junos OS allows an unauthenticated network based attacker to cause a Denial of Service (DoS). On all Junos platforms, the Kernel Routing Table (KRT) queue can get stuck due to a…

  • CVE-2022-22207Jul 20, 2022
    risk 0.00cvss epss 0.01

    A Use After Free vulnerability in the Advanced Forwarding Toolkit (AFT) manager process (aftmand) of Juniper Networks Junos OS allows an unauthenticated networked attacker to cause a kernel crash due to intensive polling of Abstracted Fabric (AF) interface statistics and thereby…

  • CVE-2022-22206Jul 20, 2022
    risk 0.00cvss epss 0.01

    A Buffer Overflow vulnerability in the PFE of Juniper Networks Junos OS on SRX series allows an unauthenticated network based attacker to cause a Denial of Service (DoS). The PFE will crash when specific traffic is scanned by Enhanced Web Filtering safe-search feature of UTM…

  • CVE-2022-22205Jul 20, 2022
    risk 0.00cvss epss 0.01

    A Missing Release of Memory after Effective Lifetime vulnerability in the Application Quality of Experience (appqoe) subsystem of the PFE of Juniper Networks Junos OS on SRX Series allows an unauthenticated network based attacker to cause a Denial of Service (DoS). Upon…

  • CVE-2022-22204Jul 20, 2022
    risk 0.00cvss epss 0.01

    An Improper Release of Memory Before Removing Last Reference vulnerability in the Session Initiation Protocol (SIP) Application Layer Gateway (ALG) of Juniper Networks Junos OS allows unauthenticated network-based attacker to cause a partial Denial of Service (DoS). On all MX…

  • CVE-2022-22203Jul 20, 2022
    risk 0.00cvss epss 0.01

    An Incorrect Comparison vulnerability in PFE of Juniper Networks Junos OS allows an adjacent unauthenticated attacker to cause a Denial of Service (DoS). On QFX5000 Series, and EX4600 and EX4650 platforms, the fxpc process will crash followed by the FPC reboot upon receipt of a…

  • CVE-2022-22202Jul 20, 2022
    risk 0.00cvss epss 0.01

    An Improper Handling of Exceptional Conditions vulnerability on specific PTX Series devices, including the PTX1000, PTX3000 (NextGen), PTX5000, PTX10002-60C, PTX10008, and PTX10016 Series, in Juniper Networks Junos OS allows an unauthenticated MPLS-based attacker to cause a…

  • CVE-2022-22198Apr 14, 2022
    risk 0.00cvss epss 0.01

    An Access of Uninitialized Pointer vulnerability in the SIP ALG of Juniper Networks Junos OS allows an unauthenticated network-based attacker to cause a Denial of Service (DoS). Continued receipt of these specific packets will cause a sustained Denial of Service condition. On…

Page 12 of 22