Vulnerabilities > Juniper > Junos
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-01-16 | CVE-2017-3145 | Use After Free vulnerability in multiple products BIND was improperly sequencing cleanup operations on upstream recursion fetch contexts, leading in some cases to a use-after-free error that can trigger an assertion failure and crash in named. | 7.5 |
| 2019-01-15 | CVE-2019-0015 | Insufficient Session Expiration vulnerability in Juniper Junos A vulnerability in the SRX Series Service Gateway allows deleted dynamic VPN users to establish dynamic VPN connections until the device is rebooted. | 5.4 |
| 2019-01-15 | CVE-2019-0014 | Data Processing Errors vulnerability in Juniper Junos 17.2X75/17.4/18.2 On QFX and PTX Series, receipt of a malformed packet for J-Flow sampling might crash the FPC (Flexible PIC Concentrator) process which causes all interfaces to go down. | 7.5 |
| 2019-01-15 | CVE-2019-0013 | Data Processing Errors vulnerability in Juniper Junos The routing protocol daemon (RPD) process will crash and restart when a specific invalid IPv4 PIM Join packet is received. | 7.5 |
| 2019-01-15 | CVE-2019-0012 | Unspecified vulnerability in Juniper Junos A Denial of Service (DoS) vulnerability in BGP in Juniper Networks Junos OS configured as a VPLS PE allows an attacker to craft a specific BGP message to cause the routing protocol daemon (rpd) process to crash and restart. | 7.5 |
| 2019-01-15 | CVE-2019-0011 | Unspecified vulnerability in Juniper Junos The Junos OS kernel crashes after processing a specific incoming packet to the out of band management interface (such as fxp0, me0, em0, vme0) destined for another address. low complexity juniper | 6.5 |
| 2019-01-15 | CVE-2019-0010 | Allocation of Resources Without Limits or Throttling vulnerability in Juniper Junos 12.1X46/12.3X48/15.1X49 An SRX Series Service Gateway configured for Unified Threat Management (UTM) may experience a system crash with the error message "mbuf exceed" -- an indication of memory buffer exhaustion -- due to the receipt of crafted HTTP traffic. | 7.5 |
| 2019-01-15 | CVE-2019-0009 | Unspecified vulnerability in Juniper Junos 15.1X53/18.1/18.2 On EX2300 and EX3400 series, high disk I/O operations may disrupt the communication between the routing engine (RE) and the packet forwarding engine (PFE). | 5.5 |
| 2019-01-15 | CVE-2019-0007 | Use of Insufficiently Random Values vulnerability in Juniper Junos 15.1 The vMX Series software uses a predictable IP ID Sequence Number. | 10.0 |
| 2019-01-15 | CVE-2019-0006 | Use of Uninitialized Resource vulnerability in Juniper Junos 14.1X53/15.1/15.1X53 A certain crafted HTTP packet can trigger an uninitialized function pointer deference vulnerability in the Packet Forwarding Engine manager (fxpc) on all EX, QFX and MX Series devices in a Virtual Chassis configuration. | 9.8 |