Vulnerabilities > Juniper > Junos

DATE CVE VULNERABILITY TITLE RISK
2019-07-11 CVE-2019-0053 Out-of-bounds Write vulnerability in multiple products
Insufficient validation of environment variables in the telnet client supplied in Junos OS can lead to stack-based buffer overflows, which can be exploited to bypass veriexec restrictions on Junos OS.
local
low complexity
juniper debian CWE-787
7.8
2019-07-11 CVE-2019-0052 Interpretation Conflict vulnerability in Juniper Junos
The srxpfe process may crash on SRX Series services gateways when the UTM module processes a specific fragmented HTTP packet.
network
low complexity
juniper CWE-436
7.5
2019-07-11 CVE-2019-0049 Unspecified vulnerability in Juniper Junos
On Junos devices with the BGP graceful restart helper mode enabled or the BGP graceful restart mechanism enabled, a certain sequence of BGP session restart on a remote peer that has the graceful restart mechanism enabled may cause the local routing protocol daemon (RPD) process to crash and restart.
network
low complexity
juniper
7.5
2019-07-11 CVE-2019-0048 Unspecified vulnerability in Juniper Junos
On EX4300 Series switches with TCAM optimization enabled, incoming multicast traffic matches an implicit loopback filter rule first, since it has high priority.
network
low complexity
juniper
5.8
2019-07-11 CVE-2019-0046 Resource Exhaustion vulnerability in Juniper Junos
A vulnerability in the pfe-chassisd Chassis Manager (CMLC) daemon of Juniper Networks Junos OS allows an attacker to cause a Denial of Service (DoS) to the EX4300 when specific valid broadcast packets create a broadcast storm condition when received on the me0 interface of the EX4300 Series device.
low complexity
juniper CWE-400
6.5
2019-04-20 CVE-2019-11358 jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishandles jQuery.extend(true, {}, ...) because of Object.prototype pollution. 6.1
2019-04-10 CVE-2019-0044 Unspecified vulnerability in Juniper Junos 12.1X46/12.3X48/15.1X49
Receipt of a specific packet on the out-of-band management interface fxp0 may cause the system to crash and restart (vmcore).
network
low complexity
juniper
7.5
2019-04-10 CVE-2019-0043 Unspecified vulnerability in Juniper Junos
In MPLS environments, receipt of a specific SNMP packet may cause the routing protocol daemon (RPD) process to crash and restart.
network
low complexity
juniper
7.5
2019-04-10 CVE-2019-0041 Unspecified vulnerability in Juniper Junos 18.2
On EX4300-MP Series devices with any lo0 filters applied, transit network traffic may reach the control plane via loopback interface (lo0).
network
low complexity
juniper
8.6
2019-04-10 CVE-2019-0040 Information Exposure vulnerability in Juniper Junos
On Junos OS, rpcbind should only be listening to port 111 on the internal routing instance (IRI).
network
low complexity
juniper CWE-200
critical
9.1