Vulnerabilities > Juniper

DATE CVE VULNERABILITY TITLE RISK
2021-09-20 CVE-2021-39531 Out-of-bounds Write vulnerability in Juniper Libslax
An issue was discovered in libslax through v0.22.1.
network
juniper CWE-787
6.8
2021-09-20 CVE-2021-39532 NULL Pointer Dereference vulnerability in Juniper Libslax
An issue was discovered in libslax through v0.22.1.
network
juniper CWE-476
4.3
2021-09-20 CVE-2021-39533 Out-of-bounds Write vulnerability in Juniper Libslax
An issue was discovered in libslax through v0.22.1.
network
juniper CWE-787
6.8
2021-09-20 CVE-2021-39534 Out-of-bounds Write vulnerability in Juniper Libslax
An issue was discovered in libslax through v0.22.1.
network
juniper CWE-787
6.8
2021-08-17 CVE-2021-0284 Classic Buffer Overflow vulnerability in Juniper Junos 12.3/15.1
A buffer overflow vulnerability in the TCP/IP stack of Juniper Networks Junos OS allows an attacker to send specific sequences of packets to the device thereby causing a Denial of Service (DoS).
network
low complexity
juniper CWE-120
7.8
2021-07-15 CVE-2021-0276 Out-of-bounds Write vulnerability in Juniper Steel-Belted Radius Carrier 8.4.1/8.5.0/8.6.0
A stack-based Buffer Overflow vulnerability in Juniper Networks SBR Carrier with EAP (Extensible Authentication Protocol) authentication configured, allows an attacker sending specific packets causing the radius daemon to crash resulting with a Denial of Service (DoS) or leading to remote code execution (RCE).
network
juniper CWE-787
6.8
2021-07-15 CVE-2021-0277 Out-of-bounds Read vulnerability in Juniper Junos 12.3/15.1
An Out-of-bounds Read vulnerability in the processing of specially crafted LLDP frames by the Layer 2 Control Protocol Daemon (l2cpd) of Juniper Networks Junos OS and Junos OS Evolved may allow an attacker to cause a Denial of Service (DoS), or may lead to remote code execution (RCE).
low complexity
juniper CWE-125
5.8
2021-07-15 CVE-2021-0278 Improper Input Validation vulnerability in Juniper Junos
An Improper Input Validation vulnerability in J-Web of Juniper Networks Junos OS allows a locally authenticated attacker to escalate their privileges to root over the target device.
local
low complexity
juniper CWE-20
7.2
2021-07-15 CVE-2021-0279 Use of Hard-coded Credentials vulnerability in Juniper Contrail Cloud
Juniper Networks Contrail Cloud (CC) releases prior to 13.6.0 have RabbitMQ service enabled by default with hardcoded credentials.
network
low complexity
juniper CWE-798
5.5
2021-07-15 CVE-2021-0280 Improper Initialization vulnerability in Juniper Junos
Due to an Improper Initialization vulnerability in Juniper Networks Junos OS on PTX platforms and QFX10K Series with Paradise (PE) chipset-based line cards, ddos-protection configuration changes made from the CLI will not take effect as expected beyond the default DDoS (Distributed Denial of Service) settings in the Packet Forwarding Engine (PFE).
network
low complexity
juniper CWE-665
5.0