CVSS: 6.5EPSS: 0%CPEs: 152EXPL: 0CVE-2021-31362 – Junos OS and Junos OS Evolved: An IS-IS adjacency might be taken down if a bad hello PDU is received for an existing adjacency causing a DoS
https://notcve.org/view.php?id=CVE-2021-31362
19 Oct 2021 — A Protection Mechanism Failure vulnerability in RPD (routing protocol daemon) of Juniper Networks Junos OS and Junos OS Evolved allows an adjacent unauthenticated attacker to cause established IS-IS adjacencies to go down by sending a spoofed hello PDU leading to a Denial of Service (DoS) condition. Continued receipted of these spoofed PDUs will create a sustained Denial of Service (DoS) condition. This issue affects: Juniper Networks Junos OS All versions prior to 18.2R3-S8; 18.3 versions prior to 18.3R3-S... • https://kb.juniper.net/JSA11224 • CWE-693: Protection Mechanism Failure •
CVSS: 6.5EPSS: 0%CPEs: 359EXPL: 0CVE-2021-0289 – Junos OS: User-defined ARP Policer isn't applied on Aggregated Ethernet (AE) interface until firewall process is restarted
https://notcve.org/view.php?id=CVE-2021-0289
15 Jul 2021 — When user-defined ARP Policer is configured and applied on one or more Aggregated Ethernet (AE) interface units, a Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability between the Device Control Daemon (DCD) and firewall process (dfwd) daemons of Juniper Networks Junos OS allows an attacker to bypass the user-defined ARP Policer. In this particular case the User ARP policer is replaced with default ARP policer. To review the desired ARP Policers and actual state one can run the command "show inte... • https://kb.juniper.net/JSA11191 • CWE-367: Time-of-check Time-of-use (TOCTOU) Race Condition •
CVSS: 10.0EPSS: 0%CPEs: 5EXPL: 0CVE-2021-0248 – NFX Series: Hard-coded credentials allow an attacker to take control of any instance through administrative interfaces.
https://notcve.org/view.php?id=CVE-2021-0248
22 Apr 2021 — This issue is not applicable to NFX NextGen Software. On NFX Series devices the use of Hard-coded Credentials in Juniper Networks Junos OS allows an attacker to take over any instance of an NFX deployment. This issue is only exploitable through administrative interfaces. This issue affects: Juniper Networks Junos OS versions prior to 19.1R1 on NFX Series. No other platforms besides NFX Series devices are affected. • https://kb.juniper.net/JSA11141 • CWE-798: Use of Hard-coded Credentials •
CVSS: 10.0EPSS: 0%CPEs: 6EXPL: 0CVE-2020-1614 – NFX250 Series: Hardcoded credentials in the vSRX VNF instance.
https://notcve.org/view.php?id=CVE-2020-1614
08 Apr 2020 — A Use of Hard-coded Credentials vulnerability exists in the NFX250 Series for the vSRX Virtual Network Function (VNF) instance, which allows an attacker to take control of the vSRX VNF instance if they have the ability to access an administrative service (e.g. SSH) on the VNF, either locally, or through the network. This issue only affects the NFX250 Series vSRX VNF. No other products or platforms are affected. This issue is only applicable to environments where the vSRX VNF root password has not been confi... • https://kb.juniper.net/JSA10997 • CWE-798: Use of Hard-coded Credentials •
CVSS: 10.0EPSS: 9%CPEs: 361EXPL: 0CVE-2020-10188 – telnet-server: no bounds checks in nextitem() function allows to remotely execute arbitrary code
https://notcve.org/view.php?id=CVE-2020-10188
06 Mar 2020 — utility.c in telnetd in netkit telnet through 0.17 allows remote attackers to execute arbitrary code via short writes or urgent data, because of a buffer overflow involving the netclear and nextitem functions. El archivo utility.c en telnetd en netkit telnet versiones hasta 0.17, permite a atacantes remotos ejecutar código arbitrario por medio de escrituras cortas o datos urgentes, debido a un desbordamiento del búfer que involucra a las funciones netclear y nextitem. A vulnerability was found where incorre... • https://appgateresearch.blogspot.com/2020/02/bravestarr-fedora-31-netkit-telnetd_28.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 8.8EPSS: 0%CPEs: 4EXPL: 0CVE-2019-0070 – Junos OS: NFX Series: An Improper Input Validation weakness allows a malicious local attacker to elevate their permissions.
https://notcve.org/view.php?id=CVE-2019-0070
09 Oct 2019 — An Improper Input Validation weakness allows a malicious local attacker to elevate their permissions to take control of other portions of the NFX platform they should not be able to access, and execute commands outside their authorized scope of control. This leads to the attacker being able to take control of the entire system. This issue affects: Juniper Networks Junos OS versions prior to 18.2R1 on NFX Series. Una debilidad de Validación de Entrada Inapropiada permite a un atacante local malicioso elevar ... • https://kb.juniper.net/JSA10977 • CWE-20: Improper Input Validation •
CVSS: 7.8EPSS: 0%CPEs: 5EXPL: 0CVE-2019-0057 – NFX Series: An attacker may be able to take control of the JDM application and subsequently the entire system.
https://notcve.org/view.php?id=CVE-2019-0057
09 Oct 2019 — An improper authorization weakness in Juniper Networks Junos OS allows a local authenticated attacker to bypass regular security controls to access the Junos Device Manager (JDM) application and take control of the system. This issue affects: Juniper Networks Junos OS versions prior to 18.2R1, 18.2X75-D5. Una debilidad de autorización inapropiada en Juniper Networks Junos OS, permite a un atacante autenticado local omitir los controles de seguridad regulares para acceder a la aplicación Junos Device Manager... • https://kb.juniper.net/JSA10955 •
CVSS: 6.1EPSS: 2%CPEs: 218EXPL: 9CVE-2019-11358 – jQuery 3.3.1 - Prototype Pollution & XSS Exploit
https://notcve.org/view.php?id=CVE-2019-11358
19 Apr 2019 — jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishandles jQuery.extend(true, {}, ...) because of Object.prototype pollution. If an unsanitized source object contained an enumerable __proto__ property, it could extend the native Object.prototype. jQuery, en versiones anteriores a 3.4.0, como es usado en Drupal, Backdrop CMS, y otros productos, maneja mal jQuery.extend(true, {}, ...) debido a la contaminación de Object.prototype. Si un objeto fuente no sanitizado contenía una propi... • https://packetstorm.news/files/id/190328 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') CWE-1321: Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution') •
CVSS: 9.8EPSS: 0%CPEs: 109EXPL: 0CVE-2019-0036 – Junos OS: Firewall filter terms named "internal-1" and "internal-2" being ignored
https://notcve.org/view.php?id=CVE-2019-0036
10 Apr 2019 — When configuring a stateless firewall filter in Junos OS, terms named using the format "internal-n" (e.g. "internal-1", "internal-2", etc.) are silently ignored. No warning is issued during configuration, and the config is committed without error, but the filter criteria will match all packets leading to unexpected results. Affected releases are Juniper Networks Junos OS: All versions prior to and including 12.3; 14.1X53 versions prior to 14.1X53-D130, 14.1X53-D49; 15.1 versions prior to 15.1F6-S12, 15.1R7-... • https://kb.juniper.net/JSA10925 • CWE-284: Improper Access Control CWE-754: Improper Check for Unusual or Exceptional Conditions •
CVSS: 7.5EPSS: 14%CPEs: 72EXPL: 0CVE-2017-3145 – Improper fetch cleanup sequencing in the resolver can cause named to crash
https://notcve.org/view.php?id=CVE-2017-3145
16 Jan 2018 — BIND was improperly sequencing cleanup operations on upstream recursion fetch contexts, leading in some cases to a use-after-free error that can trigger an assertion failure and crash in named. Affects BIND 9.0.0 to 9.8.x, 9.9.0 to 9.9.11, 9.10.0 to 9.10.6, 9.11.0 to 9.11.2, 9.9.3-S1 to 9.9.11-S1, 9.10.5-S1 to 9.10.6-S1, 9.12.0a1 to 9.12.0rc1. BIND secuenciaba incorrectamente las operaciones de limpieza en contextos fetch de recursión ascendente, lo que conduce en algunos casos a un error de uso de memoria ... • http://www.securityfocus.com/bid/102716 • CWE-416: Use After Free •