Vulnerabilities > Juniper > High

DATE CVE VULNERABILITY TITLE RISK
2022-07-20 CVE-2022-22205 Memory Leak vulnerability in Juniper Junos
A Missing Release of Memory after Effective Lifetime vulnerability in the Application Quality of Experience (appqoe) subsystem of the PFE of Juniper Networks Junos OS on SRX Series allows an unauthenticated network based attacker to cause a Denial of Service (DoS).
network
low complexity
juniper CWE-401
7.5
2022-07-20 CVE-2022-22206 Classic Buffer Overflow vulnerability in Juniper Junos
A Buffer Overflow vulnerability in the PFE of Juniper Networks Junos OS on SRX series allows an unauthenticated network based attacker to cause a Denial of Service (DoS).
network
low complexity
juniper CWE-120
7.5
2022-07-20 CVE-2022-22207 Use After Free vulnerability in Juniper Junos
A Use After Free vulnerability in the Advanced Forwarding Toolkit (AFT) manager process (aftmand) of Juniper Networks Junos OS allows an unauthenticated networked attacker to cause a kernel crash due to intensive polling of Abstracted Fabric (AF) interface statistics and thereby a Denial of Service (DoS).
network
low complexity
juniper CWE-416
7.5
2022-07-20 CVE-2022-22209 Memory Leak vulnerability in Juniper Junos 21.2/21.3/21.4
A Missing Release of Memory after Effective Lifetime vulnerability in the kernel of Juniper Networks Junos OS allows an unauthenticated network based attacker to cause a Denial of Service (DoS).
network
low complexity
juniper CWE-401
7.5
2022-07-20 CVE-2022-22212 Allocation of Resources Without Limits or Throttling vulnerability in Juniper Junos OS Evolved 21.2/21.3
An Allocation of Resources Without Limits or Throttling vulnerability in the Packet Forwarding Engine (PFE) of Juniper Networks Junos OS Evolved allows unauthenticated network based attacker to cause a Denial of Service (DoS).
network
low complexity
juniper CWE-770
7.5
2022-07-20 CVE-2022-22221 Unspecified vulnerability in Juniper Junos
An Improper Neutralization of Special Elements vulnerability in the download manager of Juniper Networks Junos OS on SRX Series and EX Series allows a locally authenticated attacker with low privileges to take full control over the device.
local
low complexity
juniper
7.8
2022-04-14 CVE-2022-22183 Unspecified vulnerability in Juniper Junos OS Evolved
An Improper Access Control vulnerability in Juniper Networks Junos OS Evolved allows a network-based unauthenticated attacker who is able to connect to a specific open IPv4 port, which in affected releases should otherwise be unreachable, to cause the CPU to consume all resources as more traffic is sent to the port to create a Denial of Service (DoS) condition.
network
low complexity
juniper
7.5
2022-04-14 CVE-2022-22185 Improper Check for Unusual or Exceptional Conditions vulnerability in Juniper Junos
A vulnerability in Juniper Networks Junos OS on SRX Series, allows a network-based unauthenticated attacker to cause a Denial of Service (DoS) by sending a specific fragmented packet to the device, resulting in a flowd process crash, which is responsible for packet forwarding.
network
low complexity
juniper CWE-754
7.5
2022-04-14 CVE-2022-22187 Improper Privilege Management vulnerability in Juniper Identity Management Service
An Improper Privilege Management vulnerability in the Windows Installer framework used in the Juniper Networks Juniper Identity Management Service (JIMS) allows an unprivileged user to trigger a repair operation.
local
low complexity
juniper CWE-269
7.8
2022-04-14 CVE-2022-22188 Uncontrolled Memory Allocation vulnerability in Juniper Junos 20.2
An Uncontrolled Memory Allocation vulnerability leading to a Heap-based Buffer Overflow in the packet forwarding engine (PFE) of Juniper Networks Junos OS allows a network-based unauthenticated attacker to flood the device with traffic leading to a Denial of Service (DoS).
network
low complexity
juniper CWE-789
7.5