Vulnerabilities > High

DATE CVE VULNERABILITY TITLE RISK
2025-04-09 CVE-2025-30651 A Buffer Access with Incorrect Length Value vulnerability in the routing protocol daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated, network-based attacker to cause a Denial of Service (DoS). When an attacker sends a specific ICMPv6 packet to an interface with "protocols router-advertisement" configured, rpd crashes and restarts.
network
low complexity
CWE-805
7.5
2025-04-09 CVE-2025-30656 An Improper Handling of Additional Special Element vulnerability in the Packet Forwarding Engine (PFE) of Juniper Networks Junos OS on MX Series with MS-MPC, MS-MIC and SPC3, and SRX Series, allows an unauthenticated, network-based attacker to cause a Denial-of-Service (DoS). If the SIP ALG processes specifically formatted SIP invites, a memory corruption will occur which will lead to a crash of the FPC processing these packets.
network
low complexity
CWE-167
7.5
2025-04-09 CVE-2025-30658 A Missing Release of Memory after Effective Lifetime vulnerability in the Anti-Virus processing of Juniper Networks Junos OS on SRX Series allows an unauthenticated, network-based attacker to cause a Denial-of-Service (DoS). On all SRX platforms with Anti-Virus enabled, if a server sends specific content in the HTTP body of a response to a client request, these packets are queued by Anti-Virus processing in Juniper Buffers (jbufs) which are never released.
network
low complexity
CWE-401
7.5
2025-04-09 CVE-2025-30659 An Improper Handling of Length Parameter Inconsistency vulnerability in the Packet Forwarding Engine (PFE) of Juniper Networks Junos OS on SRX Series allows an unauthenticated, network-based attacker to cause a Denial-of-Service (DoS). When a device configured for Secure Vector Routing (SVR) receives a specifically malformed packet the PFE will crash and restart. This issue affects Junos OS on SRX Series: * All 21.4 versions, * 22.2 versions before 22.2R3-S6, * 22.4 versions before 22.4R3-S6, * 23.2 versions before 23.2R2-S3, * 23.4 versions before 23.4R2-S4, * 24.2 versions before 24.2R2. This issue does not affect versions before 21.4.
network
low complexity
CWE-130
7.5
2025-04-09 CVE-2025-30660 An Improper Check for Unusual or Exceptional Conditions vulnerability in the Packet Forwarding Engine (pfe) of Juniper Networks Junos OS on MX Series allows an unauthenticated, network-based attacker to cause a Denial-of-Service (DoS).When processing a high rate of specific GRE traffic destined to the device, the respective PFE will hang causing traffic forwarding to stop.
network
low complexity
CWE-754
7.5
2025-04-09 CVE-2017-20197 A vulnerability was found in propanetank Roommate-Bill-Tracking up to 288437f658fc9ee7d4b92a9da12557024d8bc55c.
network
low complexity
CWE-74
7.3
2025-04-08 CVE-2025-30284 Unspecified vulnerability in Adobe Coldfusion 2021/2023/2025
ColdFusion versions 2023.12, 2021.18, 2025.0 and earlier are affected by a Deserialization of Untrusted Data vulnerability that could result in arbitrary code execution in the context of the current user.
network
low complexity
adobe
8.4
2025-04-08 CVE-2025-30285 Unspecified vulnerability in Adobe Coldfusion 2021/2023/2025
ColdFusion versions 2023.12, 2021.18, 2025.0 and earlier are affected by a Deserialization of Untrusted Data vulnerability that could result in arbitrary code execution in the context of the current user.
network
low complexity
adobe
8.4
2025-04-08 CVE-2025-30286 Unspecified vulnerability in Adobe Coldfusion 2021/2023/2025
ColdFusion versions 2023.12, 2021.18, 2025.0 and earlier are affected by an Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability that could lead in arbitrary code execution by an attacker.
network
low complexity
adobe
8.4
2025-04-08 CVE-2025-30287 Unspecified vulnerability in Adobe Coldfusion 2021/2023/2025
ColdFusion versions 2023.12, 2021.18, 2025.0 and earlier are affected by an Improper Authentication vulnerability that could result in arbitrary code execution in the context of the current user.
local
low complexity
adobe
8.2