Vulnerabilities: Juniper Junos 20.3

DATE CVE VULNERABILITY TITLE RISK
2023-07-14 CVE-2023-36838 Out-of-bounds Read vulnerability in Juniper Junos
An Out-of-bounds Read vulnerability in the flow processing daemon (flowd) of Juniper Networks Junos OS on SRX Series allows a local, authenticated attacker with low privileges to cause a Denial of Service (DoS). If a low-privileged user executes a specific CLI command, flowd, which is responsible for traffic forwarding in SRX, crashes and generates a core dump.
local
low complexity
juniper CWE-125
5.5
2023-06-21 CVE-2023-0026 Improper Input Validation vulnerability in Juniper Junos
An Improper Input Validation vulnerability in the Routing Protocol Daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated, network-based attacker to cause a Denial of Service (DoS).
network
low complexity
juniper CWE-20
7.5
2023-04-17 CVE-2023-28979 Improper Check for Unusual or Exceptional Conditions vulnerability in Juniper Junos
An Improper Check for Unusual or Exceptional Conditions vulnerability in the kernel of Juniper Networks Junos OS allows an adjacent unauthenticated attacker to bypass an integrity check.
low complexity
juniper CWE-754
4.7
2023-04-17 CVE-2023-28980 Use After Free vulnerability in Juniper Junos and Junos OS Evolved
A Use After Free vulnerability in the routing protocol daemon of Juniper Networks Junos OS and Junos OS Evolved allows a locally authenticated attacker with low privileges to cause Denial of Service (DoS).
local
low complexity
juniper CWE-416
5.5
2023-04-17 CVE-2023-28981 Improper Input Validation vulnerability in Juniper Junos
An Improper Input Validation vulnerability in the kernel of Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated, adjacent attacker to cause a Denial of Service (DoS).
low complexity
juniper CWE-20
6.5
2023-04-17 CVE-2023-28982 Memory Leak vulnerability in Juniper Junos and Junos OS Evolved
A Missing Release of Memory after Effective Lifetime vulnerability in the routing protocol daemon of Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated, network-based attacker to cause a Denial of Service (DoS).
network
low complexity
juniper CWE-401
7.5
2023-04-17 CVE-2023-28984 Use After Free vulnerability in Juniper Junos
A Use After Free vulnerability in the Layer 2 Address Learning Manager (l2alm) of Juniper Networks Junos OS on QFX Series allows an adjacent attacker to cause the Packet Forwarding Engine to crash and restart, leading to a Denial of Service (DoS).
high complexity
juniper CWE-416
5.3
2023-04-17 CVE-2023-1697 Unspecified vulnerability in Juniper Junos
An Improper Handling of Missing Values vulnerability in the Packet Forwarding Engine (PFE) of Juniper Networks Junos OS allows an adjacent, unauthenticated attacker to cause a dcpfe process core and thereby a Denial of Service (DoS).
low complexity
juniper
6.5
2023-04-17 CVE-2023-28962 Unrestricted Upload of File with Dangerous Type vulnerability in Juniper Junos
An Improper Authentication vulnerability in upload-file.php, used by the J-Web component of Juniper Networks Junos OS, allows an unauthenticated, network-based attacker to upload arbitrary files to temporary folders on the device.
network
low complexity
juniper CWE-434
critical
9.8
2023-04-17 CVE-2023-28963 Improper Authentication vulnerability in Juniper Junos
An Improper Authentication vulnerability in cert-mgmt.php, used by the J-Web component of Juniper Networks Junos OS, allows an unauthenticated, network-based attacker to read arbitrary files from temporary folders on the device.
network
low complexity
juniper CWE-287
5.3