Vulnerabilities > Juniper > Junos

DATE CVE VULNERABILITY TITLE RISK
2023-01-13 CVE-2023-22410 Memory Leak vulnerability in Juniper Junos
A Missing Release of Memory after Effective Lifetime vulnerability in the Juniper Networks Junos OS on MX Series platforms with MPC10/MPC11 line cards, allows an unauthenticated adjacent attacker to cause a Denial of Service (DoS).
low complexity
juniper CWE-401
6.5
2023-01-13 CVE-2023-22417 Memory Leak vulnerability in Juniper Junos
A Missing Release of Memory after Effective Lifetime vulnerability in the Flow Processing Daemon (flowd) of Juniper Networks Junos OS allows a network-based, unauthenticated attacker to cause a Denial of Service (DoS).
network
low complexity
juniper CWE-401
7.5
2022-10-18 CVE-2022-22220 Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in Juniper Junos
A Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in Routing Protocol Daemon (rpd) of Juniper Networks Junos OS, Junos OS Evolved allows a network-based unauthenticated attacker to cause a Denial of Service (DoS).
network
high complexity
juniper CWE-367
5.9
2022-10-18 CVE-2022-22223 Improper Input Validation vulnerability in Juniper Junos
On QFX10000 Series devices using Juniper Networks Junos OS when configured as transit IP/MPLS penultimate hop popping (PHP) nodes with link aggregation group (LAG) interfaces, an Improper Validation of Specified Index, Position, or Offset in Input weakness allows an attacker sending certain IP packets to cause multiple interfaces in the LAG to detach causing a Denial of Service (DoS) condition.
network
low complexity
juniper CWE-20
7.5
2022-10-18 CVE-2022-22233 Unchecked Return Value vulnerability in Juniper Junos and Junos OS Evolved
An Unchecked Return Value to NULL Pointer Dereference vulnerability in Routing Protocol Daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved allows a locally authenticated attacker with low privileges to cause a Denial of Service (DoS).
local
low complexity
juniper CWE-252
5.5
2022-10-18 CVE-2022-22235 Improper Check for Unusual or Exceptional Conditions vulnerability in Juniper Junos
An Improper Check for Unusual or Exceptional Conditions vulnerability in the Packet Forwarding Engine (PFE) of Juniper Networks Junos OS on SRX Series allows an unauthenticated, network-based, attacker to cause Denial of Service (DoS).
network
low complexity
juniper CWE-754
7.5
2022-10-18 CVE-2022-22237 Improper Authentication vulnerability in Juniper Junos
An Improper Authentication vulnerability in the kernel of Juniper Networks Junos OS allows an unauthenticated, network-based attacker to cause an impact on confidentiality or integrity.
network
low complexity
juniper CWE-287
6.5
2022-10-18 CVE-2022-22238 Improper Check for Unusual or Exceptional Conditions vulnerability in Juniper Junos
An Improper Check for Unusual or Exceptional Conditions vulnerability in the routing protocol daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated, adjacent attacker to cause a Denial of Service (DoS).
low complexity
juniper CWE-754
6.5
2022-10-18 CVE-2022-22241 Deserialization of Untrusted Data vulnerability in Juniper Junos
An Improper Input Validation vulnerability in the J-Web component of Juniper Networks Junos OS may allow an unauthenticated attacker to access data without proper authorization.
network
low complexity
juniper CWE-502
critical
9.8
2022-10-18 CVE-2022-22246 Inclusion of Functionality from Untrusted Control Sphere vulnerability in Juniper Junos
A PHP Local File Inclusion (LFI) vulnerability in the J-Web component of Juniper Networks Junos OS may allow a low-privileged authenticated attacker to execute an untrusted PHP file.
network
low complexity
juniper CWE-829
8.8