Vulnerabilities > Juniper > Junos > 14.1x53.d35
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-01-19 | CVE-2022-22173 | Unspecified vulnerability in Juniper Junos A Missing Release of Memory after Effective Lifetime vulnerability in the Public Key Infrastructure daemon (pkid) of Juniper Networks Junos OS allows an unauthenticated networked attacker to cause Denial of Service (DoS). | 7.5 |
| 2022-01-19 | CVE-2022-22176 | Improper Input Validation vulnerability in Juniper Junos An Improper Validation of Syntactic Correctness of Input vulnerability in the Juniper DHCP daemon (jdhcpd) of Juniper Networks Junos OS allows an adjacent unauthenticated attacker sending a malformed DHCP packet to cause a crash of jdhcpd and thereby a Denial of Service (DoS). | 6.5 |
| 2021-07-15 | CVE-2021-0289 | Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in Juniper Junos When user-defined ARP Policer is configured and applied on one or more Aggregated Ethernet (AE) interface units, a Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability between the Device Control Daemon (DCD) and firewall process (dfwd) daemons of Juniper Networks Junos OS allows an attacker to bypass the user-defined ARP Policer. | 5.3 |
| 2020-04-08 | CVE-2020-1614 | Use of Hard-coded Credentials vulnerability in Juniper Junos A Use of Hard-coded Credentials vulnerability exists in the NFX250 Series for the vSRX Virtual Network Function (VNF) instance, which allows an attacker to take control of the vSRX VNF instance if they have the ability to access an administrative service (e.g. | 10.0 |
| 2019-10-09 | CVE-2019-0070 | Improper Input Validation vulnerability in Juniper Junos An Improper Input Validation weakness allows a malicious local attacker to elevate their permissions to take control of other portions of the NFX platform they should not be able to access, and execute commands outside their authorized scope of control. | 8.8 |
| 2019-10-09 | CVE-2019-0057 | Unspecified vulnerability in Juniper Junos An improper authorization weakness in Juniper Networks Junos OS allows a local authenticated attacker to bypass regular security controls to access the Junos Device Manager (JDM) application and take control of the system. | 7.8 |
| 2019-04-10 | CVE-2019-0039 | Improper Restriction of Excessive Authentication Attempts vulnerability in Juniper Junos If REST API is enabled, the Junos OS login credentials are vulnerable to brute force attacks. | 8.1 |
| 2017-07-17 | CVE-2017-2341 | Improper Authentication vulnerability in Juniper Junos An insufficient authentication vulnerability on platforms where Junos OS instances are run in a virtualized environment, may allow unprivileged users on the Junos OS instance to gain access to the host operating environment, and thus escalate privileges. | 8.8 |