Juniper Security Vulnerabilities (CVEs)

An uninitialized pointer access vulnerability in Juniper's routing protocol daemon (rpd) with BGP sharding enabled allows attackers to cause route res...

An uninitialized resource vulnerability in Juniper SRX4700 devices with forwarding-options sampling enabled allows unauthenticated network attackers t...

An unauthenticated attacker can read or modify metadata in Juniper Junos Space Security Director, potentially causing managed SRX Series devices to by...

An unauthenticated adjacent attacker can cause denial-of-service on affected Juniper PTX devices by sending specific valid CFM traffic that spikes CPU...

An origin validation error in Juniper EX4600 and QFX5000 Series devices allows attackers with physical access to create persistent backdoors when no r...

An unauthenticated network attacker can send specially crafted packets to PTX Series routers running vulnerable Junos OS Evolved versions, causing res...

An unauthenticated attacker can replace legitimate vSRX images with malicious ones in Juniper Security Director Policy Enforcer. This allows network-b...

A local privilege escalation vulnerability in Juniper Junos OS and Junos OS Evolved allows high-privileged local attackers to execute arbitrary comman...

An incorrect authorization vulnerability in Juniper Junos OS on SRX Series allows unauthenticated attackers to access the J-Web management interface t...

An unauthenticated network attacker can cause a denial-of-service by sending a specific sequence of SIP calls to Juniper MX Series devices with MS-MPC...

This vulnerability allows network-based, unauthenticated attackers to gain root access to Juniper Junos OS VM Host systems even after the configured p...

A Juniper Junos OS Evolved firewall filter vulnerability allows unauthenticated network attackers to bypass security restrictions when prefix lists wi...

An unauthenticated network attacker can cause Juniper SRX300 Series firewalls to crash and restart by sending specially crafted BGP updates. This affe...

A Missing Authorization vulnerability in Juniper Networks Junos OS Evolved allows local low-privileged users to gain root privileges by sending packet...

A reachable assertion vulnerability in Juniper Junos OS and Junos OS Evolved routing protocol daemon allows adjacent unauthenticated attackers to caus...

An unauthenticated network attacker can cause a denial of service by sending a specific BGP UPDATE packet to Juniper devices running vulnerable Junos ...

An improper handling of exceptional conditions vulnerability in Juniper Junos OS on specific ACX Series platforms allows attackers to crash the Forwar...

A vulnerability in Juniper Networks Junos OS and Junos OS Evolved allows a logically adjacent BGP peer to crash the routing protocol daemon (rpd) by s...

An out-of-bounds write vulnerability in Juniper Junos OS CFM daemon allows unauthenticated adjacent attackers to crash FPC cards by sending malformed ...

A local privilege escalation vulnerability in Juniper Junos OS allows low-privileged users to place scripts that execute as root during system boot on...

An unauthenticated attacker can cause denial-of-service on Juniper MX Series routers by sending high rates of specific GRE traffic. This causes the Pa...

An expired pointer dereference vulnerability in Juniper's Routing Protocol Daemon (rpd) allows adjacent attackers to cause denial of service by trigge...

A local privilege escalation vulnerability in Juniper Junos OS and Junos OS Evolved allows low-privileged users to cause a denial-of-service by runnin...

An unauthenticated network attacker can cause sustained denial-of-service on Juniper MX and SRX series devices by sending specially crafted SIP invite...

An unauthenticated attacker can cause a denial-of-service on Juniper SRX Series firewalls by sending specific HTTP content that triggers a memory leak...

An unauthenticated adjacent attacker can send a malformed DHCP packet to crash the Juniper DHCP daemon (jdhcpd) when dhcp-security is enabled, causing...

An unauthenticated network attacker can send a specific ICMPv6 packet to cause the routing protocol daemon (rpd) to crash and restart, leading to deni...

A heap-based buffer overflow vulnerability in Juniper Networks Junos OS flexible PIC concentrator (FPC) allows attackers to send specific DHCP packets...

A signed-to-unsigned conversion error in Juniper's Layer 2 Control Protocol daemon (l2cpd) allows an unauthenticated adjacent attacker to cause a deni...

An unauthenticated, logically adjacent BGP peer can cause a denial of service by triggering a crash and restart of the routing protocol daemon (rpd) i...

An unauthenticated attacker can send specially crafted network traffic to Juniper devices to cause CPU exhaustion and denial of service. This affects ...

This vulnerability in Juniper Networks Junos OS on MX Series routers allows crafted IPv6 traffic to cause a denial of service by permanently blocking ...

A local privilege escalation vulnerability in Juniper Junos OS kernel allows attackers with shell access to inject arbitrary code and compromise devic...

A double-free vulnerability in Juniper Junos OS and Junos OS Evolved routing process daemon (rpd) allows attackers to cause denial of service by sendi...

An out-of-bounds read vulnerability in Juniper Junos OS and Junos OS Evolved routing protocol daemon (rpd) allows unauthenticated attackers to crash t...

An unauthenticated attacker can send malformed BGP UPDATE packets to Juniper devices with SRv6 enabled, causing the routing protocol daemon (rpd) to c...

This CVE describes a memory leak vulnerability in Juniper's Tunnel Driver (jtd) on Junos OS Evolved. Unauthenticated attackers can send specially craf...

An out-of-bounds read vulnerability in Juniper's routing protocol daemon (rpd) allows unauthenticated, adjacent BGP peers to crash the service by send...

A deadlock vulnerability in Juniper SRX Series packet forwarding engine allows unauthenticated network attackers to cause denial of service by sending...

This CVE describes a resource exhaustion vulnerability in Juniper Junos OS Evolved where authenticated attackers can cause FPC crashes through specifi...

An unauthenticated network attacker can cause a denial of service (DoS) on Juniper Junos OS Evolved by exploiting a resource exhaustion vulnerability ...

An unauthenticated attacker can send a specially crafted malformed packet to cause a flowd crash and restart on non-clustered SRX5000 Series devices, ...

An unauthenticated attacker can send specific HTTPS requests to Juniper Junos OS devices, causing uncontrolled process creation that leads to resource...

An unauthenticated attacker can cause denial of service by sending a specially crafted BGP update with a malformed AS PATH attribute to Juniper device...

This vulnerability allows an unauthenticated attacker on the same network segment to cause a denial of service on Juniper MX Series routers with Trio-...

An authorization bypass vulnerability in Juniper Junos OS Evolved allows locally authenticated attackers with shell access to gain full device control...

An unauthenticated attacker can send specific transit protocol traffic to Juniper ACX Series devices running vulnerable Junos OS Evolved versions, cau...

An unauthenticated attacker can send specific MPLS packets to Juniper ACX 7000 Series devices running vulnerable Junos OS Evolved versions, causing th...

A local privilege escalation vulnerability in Juniper Junos OS Evolved allows low-privileged local users to read NETCONF traceoptions files containing...