Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 7.4

    HIGH
    CVE-2021-0296

    The Juniper Networks CTPView server is not enforcing HTTP Strict Transport Security (HSTS). HSTS is an optional response header which allows servers to indicate that content from the requested domain will only be served over HTTPS. The lack of HSTS may le... Read more

    Affected Products : ctpview
    • Published: Oct. 19, 2021
    • Modified: Nov. 21, 2024

  • 6.1

    MEDIUM
    CVE-2021-0295

    A vulnerability in the Distance Vector Multicast Routing Protocol (DVMRP) of Juniper Networks Junos OS on the QFX10K Series switches allows an attacker to trigger a packet forwarding loop, leading to a partial Denial of Service (DoS). The issue is caused ... Read more

    Affected Products : junos qfx10000 qfx10002 qfx10008 qfx10016
    • Published: Jul. 15, 2021
    • Modified: Nov. 21, 2024

  • 5.3

    MEDIUM
    CVE-2021-0294

    A vulnerability in Juniper Networks Junos OS, which only affects the release 18.4R2-S5, where a function is inconsistently implemented on Juniper Networks Junos QFX5000 Series and EX4600 Series, and if "storm-control enhanced" is configured, can lead to t... Read more

    • Published: Jul. 15, 2021
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2021-0293

    A vulnerability in Juniper Networks Junos OS caused by Missing Release of Memory after Effective Lifetime leads to a memory leak each time the CLI command 'show system connections extensive' is executed. The amount of memory leaked on each execution depen... Read more

    Affected Products : junos
    • Published: Jul. 15, 2021
    • Modified: Nov. 21, 2024

  • 6.5

    MEDIUM
    CVE-2021-0292

    An Uncontrolled Resource Consumption vulnerability in the ARP daemon (arpd) and Network Discovery Protocol (ndp) process of Juniper Networks Junos OS Evolved allows a malicious attacker on the local network to consume memory resources, ultimately resultin... Read more

    Affected Products : junos_os_evolved
    • Published: Jul. 15, 2021
    • Modified: Nov. 21, 2024

  • 6.5

    MEDIUM
    CVE-2021-0291

    An Exposure of System Data vulnerability in Juniper Networks Junos OS and Junos OS Evolved, where a sensitive system-level resource is not being sufficiently protected, allows a network-based unauthenticated attacker to send specific traffic which partial... Read more

    Affected Products : junos junos_os_evolved
    • Published: Jul. 15, 2021
    • Modified: Nov. 21, 2024

  • 6.5

    MEDIUM
    CVE-2021-0290

    Improper Handling of Exceptional Conditions in Ethernet interface frame processing of Juniper Networks Junos OS allows an attacker to send specially crafted frames over the local Ethernet segment, causing the interface to go into a down state, resulting i... Read more

    Affected Products : junos ex9200 ex9204 ex9208 ex9214 ex9250 ex9251 ex9253 srx4600 mx10 +16 more products
    • Published: Jul. 15, 2021
    • Modified: Nov. 21, 2024

  • 6.5

    MEDIUM
    CVE-2021-0289

    When user-defined ARP Policer is configured and applied on one or more Aggregated Ethernet (AE) interface units, a Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability between the Device Control Daemon (DCD) and firewall process (dfwd) daemons ... Read more

    Affected Products : junos junos_os_evolved srx100 srx110 srx210 srx220 srx240 srx550 srx650 srx1400 +221 more products
    • Published: Jul. 15, 2021
    • Modified: Nov. 21, 2024

  • 6.5

    MEDIUM
    CVE-2021-0288

    A vulnerability in the processing of specific MPLS packets in Juniper Networks Junos OS on MX Series and EX9200 Series devices with Trio-based MPCs (Modular Port Concentrators) may cause FPC to crash and lead to a Denial of Service (DoS) condition. Contin... Read more

    Affected Products : junos ex9200 ex9204 ex9208 ex9214 ex9250 ex9251 ex9253 mx10 mx104 +16 more products
    • Published: Jul. 15, 2021
    • Modified: Nov. 21, 2024

  • 6.5

    MEDIUM
    CVE-2021-0287

    In a Segment Routing ISIS (SR-ISIS)/MPLS environment, on Juniper Networks Junos OS and Junos OS Evolved devices, configured with ISIS Flexible Algorithm for Segment Routing and sensor-based statistics, a flap of a ISIS link in the network, can lead to a r... Read more

    Affected Products : junos junos_os_evolved
    • Published: Jul. 15, 2021
    • Modified: Nov. 21, 2024

  • 7.8

    HIGH
    CVE-2021-0286

    A vulnerability in the handling of exceptional conditions in Juniper Networks Junos OS Evolved (EVO) allows an attacker to send specially crafted packets to the device, causing the Advanced Forwarding Toolkit manager (evo-aftmand-bt or evo-aftmand-zx) pro... Read more

    Affected Products : junos_os_evolved
    • Published: Jul. 15, 2021
    • Modified: Nov. 21, 2024

  • 7.5

    HIGH
    CVE-2021-0285

    An uncontrolled resource consumption vulnerability in Juniper Networks Junos OS on QFX5000 Series and EX4600 Series switches allows an attacker sending large amounts of legitimate traffic destined to the device to cause Interchassis Control Protocol (ICCP... Read more

    • Published: Jul. 15, 2021
    • Modified: Nov. 21, 2024

  • 7.8

    HIGH
    CVE-2021-0284

    A buffer overflow vulnerability in the TCP/IP stack of Juniper Networks Junos OS allows an attacker to send specific sequences of packets to the device thereby causing a Denial of Service (DoS). By repeatedly sending these sequences of packets to the devi... Read more

    Affected Products : junos
    • Published: Aug. 17, 2021
    • Modified: Nov. 21, 2024

  • 7.8

    HIGH
    CVE-2021-0283

    A buffer overflow vulnerability in the TCP/IP stack of Juniper Networks Junos OS allows an attacker to send specific sequences of packets to the device thereby causing a Denial of Service (DoS). By repeatedly sending these sequences of packets to the devi... Read more

    Affected Products : junos
    • Published: Jul. 15, 2021
    • Modified: Nov. 21, 2024

  • 7.5

    HIGH
    CVE-2021-0282

    On Juniper Networks Junos OS devices with Multipath or add-path feature enabled, processing a specific BGP UPDATE can lead to a routing process daemon (RPD) crash and restart, causing a Denial of Service (DoS). Continued receipt and processing of this UPD... Read more

    Affected Products : junos
    • Published: Jul. 15, 2021
    • Modified: Nov. 21, 2024

  • 7.5

    HIGH
    CVE-2021-0281

    On Juniper Networks Junos OS devices configured with BGP origin validation using Resource Public Key Infrastructure (RPKI) receipt of a specific packet from the RPKI cache server may cause routing process daemon (RPD) to crash and restart, creating a Deni... Read more

    Affected Products : junos junos_os_evolved
    • Published: Jul. 15, 2021
    • Modified: Nov. 21, 2024

  • 7.5

    HIGH
    CVE-2021-0280

    Due to an Improper Initialization vulnerability in Juniper Networks Junos OS on PTX platforms and QFX10K Series with Paradise (PE) chipset-based line cards, ddos-protection configuration changes made from the CLI will not take effect as expected beyond th... Read more

    • Published: Jul. 15, 2021
    • Modified: Nov. 21, 2024

  • 8.6

    HIGH
    CVE-2021-0279

    Juniper Networks Contrail Cloud (CC) releases prior to 13.6.0 have RabbitMQ service enabled by default with hardcoded credentials. The messaging services of RabbitMQ are used when coordinating operations and status information among Contrail services. An ... Read more

    Affected Products : contrail_cloud
    • Published: Jul. 15, 2021
    • Modified: Nov. 21, 2024

  • 8.8

    HIGH
    CVE-2021-0278

    An Improper Input Validation vulnerability in J-Web of Juniper Networks Junos OS allows a locally authenticated attacker to escalate their privileges to root over the target device. junos:18.3R3-S5 junos:18.4R3-S9 junos:19.1R3-S6 junos:19.3R2-S6 junos:19.... Read more

    Affected Products : junos
    • Published: Jul. 15, 2021
    • Modified: Nov. 21, 2024

  • 8.8

    HIGH
    CVE-2021-0277

    An Out-of-bounds Read vulnerability in the processing of specially crafted LLDP frames by the Layer 2 Control Protocol Daemon (l2cpd) of Juniper Networks Junos OS and Junos OS Evolved may allow an attacker to cause a Denial of Service (DoS), or may lead t... Read more

    Affected Products : junos junos_os_evolved
    • Published: Jul. 15, 2021
    • Modified: Nov. 21, 2024
Showing 20 of 294726 Results