Vulnerabilities > Juniper > Junos > 17.4

DATE CVE VULNERABILITY TITLE RISK
2018-08-18 CVE-2018-15504 NULL Pointer Dereference vulnerability in multiple products
An issue was discovered in Embedthis GoAhead before 4.0.1 and Appweb before 7.0.2.
network
low complexity
embedthis juniper CWE-476
7.5
7.5
2018-07-11 CVE-2018-0034 Improper Input Validation vulnerability in Juniper Junos
A Denial of Service vulnerability exists in the Juniper Networks Junos OS JDHCPD daemon which allows an attacker to core the JDHCPD daemon by sending a crafted IPv6 packet to the system.
network
high complexity
juniper CWE-20
5.9
5.9
2018-07-11 CVE-2018-0032 Improper Input Validation vulnerability in Juniper Junos
The receipt of a crafted BGP UPDATE can lead to a routing process daemon (RPD) crash and restart.
network
low complexity
juniper CWE-20
7.5
7.5
2018-07-11 CVE-2018-0031 Resource Exhaustion vulnerability in Juniper Junos
Receipt of specially crafted UDP/IP packets over MPLS may be able to bypass a stateless firewall filter.
network
high complexity
juniper CWE-400
5.9
5.9
2018-07-11 CVE-2018-0030 Resource Exhaustion vulnerability in Juniper Junos
Receipt of a specific MPLS packet may cause MPC7/8/9, PTX-FPC3 (FPC-P1, FPC-P2) line cards or PTX1K to crash and restart.
network
low complexity
juniper CWE-400
7.5
7.5
2018-07-11 CVE-2018-0029 Resource Exhaustion vulnerability in Juniper Junos
While experiencing a broadcast storm, placing the fxp0 interface into promiscuous mode via the 'monitor traffic interface fxp0' can cause the system to crash and restart (vmcore).
low complexity
juniper CWE-400
6.5
6.5
2016-03-09 CVE-2016-1286 named in ISC BIND 9.x before 9.9.8-P4 and 9.10.x before 9.10.3-P4 allows remote attackers to cause a denial of service (assertion failure and daemon exit) via a crafted signature record for a DNAME record, related to db.c and resolver.c. 8.6
8.6
2016-03-09 CVE-2016-1285 named in ISC BIND 9.x before 9.9.8-P4 and 9.10.x before 9.10.3-P4 does not properly handle DNAME records when parsing fetch reply messages, which allows remote attackers to cause a denial of service (assertion failure and daemon exit) via a malformed packet to the rndc (aka control channel) interface, related to alist.c and sexpr.c. 6.8
6.8