Juniper Security Vulnerabilities (CVEs)

An unauthenticated network attacker can send crafted TCP traffic to Juniper Junos OS routing engines to cause CPU-based denial of service in the rpd-s...

This CVE allows local low-privileged users on Juniper SRX Series devices to access protected files containing sensitive information through crafted CL...

An unauthenticated attacker can send specific H.323 packets to Juniper SRX/MX Series devices, causing uncontrolled resource consumption that leads to ...

An unauthenticated network attacker can crash the msvcsd process on Juniper Junos OS Evolved devices configured with inline jflow, causing temporary d...

An unauthenticated adjacent attacker can cause a memory leak in the rtlogd process on Juniper MX Series routers with SPC3 line cards by triggering rep...

An unauthenticated attacker can send network traffic to Juniper Junos OS Evolved devices to cause uncontrolled memory consumption in the aftmand proce...

An unauthenticated network attacker can cause denial-of-service on affected Juniper devices by sending specific traffic that crashes critical packet p...

An unauthenticated attacker can cause a denial of service by sending specially crafted IPsec negotiation packets to Juniper devices running vulnerable...

An unauthenticated adjacent attacker can cause a Denial-of-Service (DoS) on Juniper ACX7000 Series routers by sending specific multicast traffic that ...

An unauthenticated attacker can cause a denial-of-service by sending specific valid TCP traffic to affected Juniper devices, triggering a Packet Forwa...

A memory leak vulnerability in Juniper's Periodic Packet Management Daemon (ppmd) allows unauthenticated adjacent attackers to cause denial-of-service...

An improper handling of values vulnerability in Juniper's Packet Forwarding Engine allows unauthenticated network attackers to cause denial-of-service...

An unimplemented feature vulnerability in Juniper Junos OS on QFX5000 and EX4600 series switches allows network-based attackers to bypass intended fil...

This CVE describes a format string vulnerability in Juniper SRX Series firewalls that allows unauthenticated attackers to cause denial-of-service by c...

This vulnerability allows local authenticated users with low privileges on Juniper Junos OS Evolved to escalate to root privileges by executing specif...

This CVE describes a local privilege escalation vulnerability in Juniper Junos OS Evolved where authenticated low-privilege users can execute specific...

This CVE describes a local privilege escalation vulnerability in Juniper Networks Junos OS Evolved. An authenticated attacker with low privileges can ...

This vulnerability allows attackers to bypass TCP packet filtering on Juniper SRX firewalls by sending TCP packets with SYN/FIN or SYN/RST flags when ...

A resource management vulnerability in xinetd on Juniper Junos OS Evolved allows unauthenticated attackers to cause denial of service by sending high ...

An unauthenticated adjacent attacker can exploit a memory leak in Juniper's Layer 2 Address Learning Daemon (l2ald) on Junos OS Evolved to cause syste...

This vulnerability allows a network-based attacker to crash Juniper Junos OS Evolved devices by sending a specific TCP packet over an established TCP ...

An unauthenticated adjacent attacker can cause denial of service by sending high volumes of specific Layer 2 packets in EVPN/VXLAN scenarios, causing ...

A heap-based buffer overflow vulnerability in Juniper Networks Junos OS telemetry sensor process (sensord) causes memory leaks when specific telemetry...

This vulnerability allows remote attackers to cause denial of service by sending specially crafted BGP update messages to Juniper devices with segment...

A local attacker with CLI access can crash the 802.1X authentication daemon on vulnerable Juniper Junos OS devices by running a specific operational c...

A local privilege escalation vulnerability in Juniper Junos OS Evolved allows low-privileged users to crash the Packet Forwarding Engine by running a ...

An unauthenticated network attacker can cause a denial-of-service by sending specific valid traffic to vulnerable Juniper SRX and NFX Series devices. ...

A stack-based buffer overflow vulnerability in Juniper's flowd daemon allows unauthenticated network attackers to cause denial of service by sending s...

An unauthenticated network attacker can cause a denial of service on Juniper SRX4600 devices by sending specific high-volume traffic that triggers a m...

This vulnerability allows network-based attackers to cause a denial of service on Juniper devices by sending malicious routing updates that trigger me...

This vulnerability allows a network-adjacent attacker with root access to a Test Agent Appliance to access sensitive information about downstream devi...

An unauthenticated network attacker can cause denial of service by sending a specially crafted BGP update with a malformed tunnel encapsulation TLV, c...

A network-based attacker can cause denial of service by sending a specially crafted BGP update with a malformed tunnel encapsulation TLV to Juniper de...

This is a cross-site scripting (XSS) vulnerability in Juniper Networks' J-Web interface for SRX and EX Series devices running Junos OS. An attacker ca...

A memory leak vulnerability in Juniper's Routing Protocol Daemon (rpd) allows unauthenticated network attackers to cause denial of service. When BGP n...

An unauthenticated network attacker can crash the Routing Protocol Daemon (RPD) on Juniper Junos OS and Junos OS Evolved by sending a specific Dynamic...

A NULL pointer dereference vulnerability in Juniper Junos OS Evolved allows unauthenticated attackers to cause denial of service by sending specific I...

An unauthenticated network attacker can cause a complete and persistent system outage on Juniper Junos OS Evolved by sending a high rate of specific v...

An unauthenticated network attacker can cause a denial of service by sending high-rate specific ICMP traffic to Juniper devices with VXLAN configured,...

An unauthenticated attacker can access sensitive reports in Juniper Networks Paragon Active Assurance Control Center without logging in, potentially e...

An improper input validation vulnerability in Juniper Networks Junos OS routing protocol daemon (rpd) allows attackers to cause denial of service by s...

An unauthenticated network attacker can cause a memory leak leading to denial of service on Juniper QFX5000 Series switches running vulnerable Junos O...

An incorrect default permissions vulnerability in Juniper Networks Junos OS allows an unauthenticated attacker with local access to create a backdoor ...

An out-of-bounds write vulnerability in Juniper's Routing Protocol Daemon (rpd) allows unauthenticated network attackers to cause denial of service by...

This vulnerability allows network-based attackers to cause denial of service on Juniper MX Series routers by exploiting improper condition checking in...

This vulnerability in Juniper QFX5k devices with storm control enabled allows ICMPv6 packets to bypass security checks, causing packets to be incorrec...

An unauthenticated network attacker can send malformed TCP traffic to cause an infinite loop in the Packet Forwarding Engine on Juniper MX Series rout...

An improper input validation vulnerability in Juniper's Routing Protocol Daemon (rpd) allows unauthenticated attackers to cause denial of service by s...