Vulnerabilities > Juniper > Junos > 22.2
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2023-01-13 | CVE-2023-22399 | Classic Buffer Overflow vulnerability in Juniper Junos When sFlow is enabled and it monitors a packet forwarded via ECMP, a buffer management vulnerability in the dcpfe process of Juniper Networks Junos OS on QFX10K Series systems allows an attacker to cause the Packet Forwarding Engine (PFE) to crash and restart by sending specific genuine packets to the device, resulting in a Denial of Service (DoS) condition. | 7.5 |
2023-01-13 | CVE-2023-22401 | Improper Validation of Array Index vulnerability in Juniper Junos and Junos OS Evolved An Improper Validation of Array Index vulnerability in the Advanced Forwarding Toolkit Manager daemon (aftmand) of Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated, network-based attacker to cause a Denial of Service (DoS). | 7.5 |
2023-01-13 | CVE-2023-22408 | Improper Validation of Array Index vulnerability in Juniper Junos An Improper Validation of Array Index vulnerability in the SIP ALG of Juniper Networks Junos OS on SRX 5000 Series allows a network-based, unauthenticated attacker to cause a Denial of Service (DoS). | 7.5 |
2023-01-13 | CVE-2023-22409 | Improper Validation of Specified Quantity in Input vulnerability in Juniper Junos An Unchecked Input for Loop Condition vulnerability in a NAT library of Juniper Networks Junos OS allows a local authenticated attacker with low privileges to cause a Denial of Service (DoS). | 5.5 |
2023-01-13 | CVE-2023-22414 | Memory Leak vulnerability in Juniper Junos A Missing Release of Memory after Effective Lifetime vulnerability in Flexible PIC Concentrator (FPC) of Juniper Networks Junos OS allows an adjacent, unauthenticated attacker from the same shared physical or logical network, to cause a heap memory leak and leading to FPC crash. | 6.5 |
2023-01-13 | CVE-2023-22415 | Out-of-bounds Write vulnerability in Juniper Junos An Out-of-Bounds Write vulnerability in the H.323 ALG of Juniper Networks Junos OS allows an unauthenticated, network-based attacker to cause Denial of Service (DoS). | 7.5 |
2023-01-13 | CVE-2023-22416 | Classic Buffer Overflow vulnerability in Juniper Junos A Buffer Overflow vulnerability in SIP ALG of Juniper Networks Junos OS allows a network-based, unauthenticated attacker to cause a Denial of Service (DoS). | 7.5 |
2022-10-18 | CVE-2022-22219 | Unspecified vulnerability in Juniper Junos and Junos OS Evolved Due to the Improper Handling of an Unexpected Data Type in the processing of EVPN routes on Juniper Networks Junos OS and Junos OS Evolved, an attacker in direct control of a BGP client connected to a route reflector, or via a machine in the middle (MITM) attack, can send a specific EVPN route contained within a BGP Update, triggering a routing protocol daemon (RPD) crash, leading to a Denial of Service (DoS) condition. | 5.9 |
2022-03-23 | CVE-2021-25220 | HTTP Request Smuggling vulnerability in multiple products BIND 9.11.0 -> 9.11.36 9.12.0 -> 9.16.26 9.17.0 -> 9.18.0 BIND Supported Preview Editions: 9.11.4-S1 -> 9.11.36-S1 9.16.8-S1 -> 9.16.26-S1 Versions of BIND 9 earlier than those shown - back to 9.1.0, including Supported Preview Editions - are also believed to be affected but have not been tested as they are EOL. | 6.8 |