Vulnerabilities > Juniper > Junos > 18.1r2
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-01-19 | CVE-2022-22161 | Unspecified vulnerability in Juniper Junos An Uncontrolled Resource Consumption vulnerability in the kernel of Juniper Networks Junos OS allows an unauthenticated network based attacker to cause 100% CPU load and the device to become unresponsive by sending a flood of traffic to the out-of-band management ethernet port. | 7.5 |
| 2022-01-19 | CVE-2022-22168 | Unspecified vulnerability in Juniper Junos An Improper Validation of Specified Type of Input vulnerability in the kernel of Juniper Networks Junos OS allows an unauthenticated adjacent attacker to trigger a Missing Release of Memory after Effective Lifetime vulnerability. low complexity juniper | 6.5 |
| 2022-01-19 | CVE-2022-22173 | Unspecified vulnerability in Juniper Junos A Missing Release of Memory after Effective Lifetime vulnerability in the Public Key Infrastructure daemon (pkid) of Juniper Networks Junos OS allows an unauthenticated networked attacker to cause Denial of Service (DoS). | 7.5 |
| 2021-07-15 | CVE-2021-0289 | Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in Juniper Junos When user-defined ARP Policer is configured and applied on one or more Aggregated Ethernet (AE) interface units, a Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability between the Device Control Daemon (DCD) and firewall process (dfwd) daemons of Juniper Networks Junos OS allows an attacker to bypass the user-defined ARP Policer. | 5.3 |
| 2020-04-08 | CVE-2020-1614 | Use of Hard-coded Credentials vulnerability in Juniper Junos A Use of Hard-coded Credentials vulnerability exists in the NFX250 Series for the vSRX Virtual Network Function (VNF) instance, which allows an attacker to take control of the vSRX VNF instance if they have the ability to access an administrative service (e.g. | 10.0 |
| 2019-04-10 | CVE-2019-0039 | Improper Restriction of Excessive Authentication Attempts vulnerability in Juniper Junos If REST API is enabled, the Junos OS login credentials are vulnerable to brute force attacks. | 8.1 |
| 2019-04-10 | CVE-2019-0008 | Out-of-bounds Write vulnerability in Juniper Junos A certain sequence of valid BGP or IPv6 BFD packets may trigger a stack based buffer overflow in the Junos OS Packet Forwarding Engine manager (FXPC) process on QFX5000 series, EX4300, EX4600 devices. | 9.8 |
| 2019-01-16 | CVE-2017-3145 | Use After Free vulnerability in multiple products BIND was improperly sequencing cleanup operations on upstream recursion fetch contexts, leading in some cases to a use-after-free error that can trigger an assertion failure and crash in named. | 7.5 |
| 2018-10-10 | CVE-2018-0044 | Improper Authentication vulnerability in Juniper Junos 18.1R2 An insecure SSHD configuration in Juniper Device Manager (JDM) and host OS on Juniper NFX Series devices may allow remote unauthenticated access if any of the passwords on the system are empty. | 8.1 |