Vulnerabilities > Juniper > Junos > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-07-20 | CVE-2022-22206 | Classic Buffer Overflow vulnerability in Juniper Junos A Buffer Overflow vulnerability in the PFE of Juniper Networks Junos OS on SRX series allows an unauthenticated network based attacker to cause a Denial of Service (DoS). | 7.5 |
| 2022-07-20 | CVE-2022-22207 | Use After Free vulnerability in Juniper Junos A Use After Free vulnerability in the Advanced Forwarding Toolkit (AFT) manager process (aftmand) of Juniper Networks Junos OS allows an unauthenticated networked attacker to cause a kernel crash due to intensive polling of Abstracted Fabric (AF) interface statistics and thereby a Denial of Service (DoS). | 7.5 |
| 2022-07-20 | CVE-2022-22209 | Memory Leak vulnerability in Juniper Junos 21.2/21.3/21.4 A Missing Release of Memory after Effective Lifetime vulnerability in the kernel of Juniper Networks Junos OS allows an unauthenticated network based attacker to cause a Denial of Service (DoS). | 7.5 |
| 2022-07-20 | CVE-2022-22221 | Unspecified vulnerability in Juniper Junos An Improper Neutralization of Special Elements vulnerability in the download manager of Juniper Networks Junos OS on SRX Series and EX Series allows a locally authenticated attacker with low privileges to take full control over the device. | 7.8 |
| 2022-04-14 | CVE-2022-22185 | Improper Check for Unusual or Exceptional Conditions vulnerability in Juniper Junos A vulnerability in Juniper Networks Junos OS on SRX Series, allows a network-based unauthenticated attacker to cause a Denial of Service (DoS) by sending a specific fragmented packet to the device, resulting in a flowd process crash, which is responsible for packet forwarding. | 7.5 |
| 2022-04-14 | CVE-2022-22188 | Uncontrolled Memory Allocation vulnerability in Juniper Junos 20.2 An Uncontrolled Memory Allocation vulnerability leading to a Heap-based Buffer Overflow in the packet forwarding engine (PFE) of Juniper Networks Junos OS allows a network-based unauthenticated attacker to flood the device with traffic leading to a Denial of Service (DoS). | 7.5 |
| 2022-04-14 | CVE-2022-22197 | Operation on a Resource after Expiration or Release vulnerability in Juniper Junos and Junos OS Evolved An Operation on a Resource after Expiration or Release vulnerability in the Routing Protocol Daemon (RPD) of Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated network-based attacker with an established BGP session to cause a Denial of Service (DoS). | 7.5 |
| 2022-04-14 | CVE-2022-22198 | Access of Uninitialized Pointer vulnerability in Juniper Junos 20.4/21.1/21.2 An Access of Uninitialized Pointer vulnerability in the SIP ALG of Juniper Networks Junos OS allows an unauthenticated network-based attacker to cause a Denial of Service (DoS). | 7.5 |
| 2022-01-19 | CVE-2022-22153 | Allocation of Resources Without Limits or Throttling vulnerability in Juniper Junos An Insufficient Algorithmic Complexity combined with an Allocation of Resources Without Limits or Throttling vulnerability in the flow processing daemon (flowd) of Juniper Networks Junos OS on SRX Series and MX Series with SPC3 allows an unauthenticated network attacker to cause latency in transit packet processing and even packet loss. | 7.5 |
| 2022-01-19 | CVE-2022-22156 | Man-in-the-Middle vulnerability in Juniper Junos An Improper Certificate Validation weakness in the Juniper Networks Junos OS allows an attacker to perform Person-in-the-Middle (PitM) attacks when a system script is fetched from a remote source at a specified HTTPS URL, which may compromise the integrity and confidentiality of the device. | 7.4 |