Juniper Security Vulnerabilities (CVEs)

A double free vulnerability in Juniper's flow processing daemon (flowd) allows unauthenticated attackers to cause denial-of-service by sending a speci...

An unauthenticated attacker can send specially crafted DNS requests to Juniper SRX Series devices running vulnerable Junos OS versions, causing the fl...

A Use After Free vulnerability in Juniper's chassis daemon allows authenticated low-privilege attackers to cause denial-of-service by repeatedly subsc...

An incorrect calculation vulnerability in Juniper's Layer 2 Control Protocol Daemon (l2cpd) allows unauthenticated network-adjacent attackers to cause...

An unauthenticated attacker can cause a complete denial-of-service on vulnerable Juniper EX4000 switches by sending high volumes of traffic to the dev...

An improper locking vulnerability in Juniper SRX Series GTP plugin allows unauthenticated attackers to cause denial-of-service by sending malformed GT...

An unauthenticated attacker can cause a denial-of-service on Juniper SRX Series firewalls by sending specially crafted SSL packets to devices with UTM...

A local Time-of-check Time-of-use race condition vulnerability in Juniper Junos OS on MX10k Series allows low-privileged users to cause line card cras...

An unauthenticated attacker can crash the packet forwarding engine on vulnerable Juniper SRX Series devices by sending a specific ICMP packet through ...

This vulnerability allows attackers to decrypt TLS/SSL traffic by exploiting the use of static key ciphers in Juniper Junos Space servers. It affects ...

A use-after-free vulnerability in Juniper's 802.1X authentication daemon (dot1xd) allows authenticated, network-adjacent attackers to crash the daemon...

This CVE describes a memory leak vulnerability in Juniper's routing protocol daemon (rpd) that allows an adjacent IS-IS neighbor to send malicious upd...

An unauthenticated network-adjacent attacker can cause denial of service by flapping an interface in EVPN-VXLAN configurations on affected Juniper dev...

An unauthenticated attacker on an adjacent network can send a specially crafted malformed ICMPv4 packet to vulnerable Juniper Junos OS devices, causin...

A stack-based buffer overflow vulnerability in Juniper Junos OS Packet Forwarding Engine allows authenticated low-privilege attackers to cause denial-...

An unauthenticated attacker can send specially crafted SIP messages over TCP to trigger an infinite loop in Juniper's SIP ALG, crashing critical proce...

A local untrusted pointer dereference vulnerability in Juniper Junos OS routing protocol daemon allows authenticated low-privilege users to cause deni...

A vulnerability in Juniper's DHCP service allows a DHCP client in one subnet to exhaust address pools in other subnets, causing Denial of Service on d...

A local privilege escalation vulnerability in Juniper's DHCP daemon allows any authenticated user, regardless of privileges, to connect to the managem...

A buffer over-read vulnerability in Juniper's routing protocol daemon (rpd) allows unauthenticated attackers to cause denial-of-service by sending spe...

A local attacker with low privileges can cause a denial-of-service on Juniper Junos OS devices by executing a specially crafted 'show chassis' command...

An unauthenticated network attacker can send a specific BGP attribute to Juniper Junos devices, causing them to modify it incorrectly before forwardin...

A clickjacking vulnerability in Juniper Networks Paragon Automation web portal allows attackers to embed the interface in malicious frames and trick u...

This Cross-Site Scripting (XSS) vulnerability in Juniper Networks Junos Space allows attackers to inject malicious scripts into the CLI Configlet page...

This vulnerability allows authenticated network-based attackers to bypass password expiration policies on Juniper Junos OS and Junos OS Evolved device...

This cross-site scripting (XSS) vulnerability in Juniper Networks Junos Space allows attackers to inject malicious scripts into the Generate Report pa...

This Cross-Site Scripting (XSS) vulnerability in Juniper Networks Junos Space allows attackers to inject malicious scripts into the Generate Report pa...

This cross-site scripting vulnerability in Juniper Networks Junos Space allows attackers to inject malicious scripts into the Template Definitions pag...

An unauthenticated network attacker can cause a denial-of-service by sending a specific BGP EVPN update message to Juniper Junos OS and Junos OS Evolv...

This Cross-Site Scripting (XSS) vulnerability in Juniper Networks Junos Space allows attackers to inject malicious scripts into the Quick Template pag...

This cross-site scripting (XSS) vulnerability in Juniper Networks Junos Space allows attackers to inject malicious scripts into the Configuration View...

This Cross-Site Scripting (XSS) vulnerability in Juniper Networks Junos Space allows attackers to inject malicious scripts into CLI Configlets pages. ...

This Cross-Site Scripting (XSS) vulnerability in Juniper Networks Junos Space allows attackers to inject malicious scripts into the Archive Log screen...

This cross-site scripting (XSS) vulnerability in Juniper Networks Junos Space allows attackers to inject malicious scripts into the API Access Profile...

This Cross-site Scripting (XSS) vulnerability in Juniper Networks Junos Space allows attackers to inject malicious scripts into template creation page...

This is a cross-site scripting (XSS) vulnerability in Juniper Networks Junos Space management interface that allows attackers to inject malicious scri...

This cross-site scripting (XSS) vulnerability in Juniper Networks Junos Space allows attackers to inject malicious scripts into the Secure Console pag...

This Cross-Site Scripting (XSS) vulnerability in Juniper Networks Junos Space allows attackers to inject malicious scripts into Space Node Setting fie...

This cross-site scripting vulnerability in Juniper Networks Junos Space allows attackers to inject malicious scripts into the Quick Template page. Whe...

This Cross-Site Scripting (XSS) vulnerability in Juniper Networks Junos Space allows attackers to inject malicious scripts into the Global Search feat...

This Cross-Site Scripting (XSS) vulnerability in Juniper Networks Junos Space allows attackers to inject malicious scripts into the Purging Policy pag...

This cross-site scripting (XSS) vulnerability in Juniper Networks Junos Space allows attackers to inject malicious scripts into input fields. When adm...

This Cross-Site Scripting (XSS) vulnerability in Juniper Networks Junos Space allows attackers to inject malicious scripts into the device search fiel...

This cross-site scripting vulnerability in Juniper Networks Junos Space allows attackers to inject malicious scripts into the Generate Report page. Wh...

This cross-site scripting (XSS) vulnerability in Juniper Networks Junos Space allows attackers to inject malicious scripts into the Device Discovery p...

This Cross-Site Scripting (XSS) vulnerability in Juniper Networks Junos Space allows attackers to inject malicious scripts into the Device Template De...

This cross-site scripting vulnerability in Juniper Junos Space allows attackers to inject malicious scripts into the dashboard search field. When anot...

This Cross-Site Scripting (XSS) vulnerability in Juniper Networks Junos Space allows attackers to inject malicious scripts into the Template Definitio...

An unauthenticated attacker can flood Juniper Junos Space with HTTP API requests, consuming all file handles and causing a complete denial of service....