Juniper Mx
10 CVEs affecting Juniper Mx. Latest disclosed: 2024-07-11. Critical: 0, High: 3.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2023-28976 | High | 7.5 | 2023-04-17 | An Improper Check for Unusual or Exceptional Conditions vulnerability in the packet forwarding engine (pfe) of Juniper Networks Junos OS on MX Series allows an… |
CVE-2018-15504 | High | 7.5 | 2018-08-18 | An issue was discovered in Embedthis GoAhead before 4.0.1 and Appweb before 7.0.2. The server mishandles some HTTP request fields associated with time, which r… |
CVE-2023-28974 | High | 7.4 | 2023-04-17 | An Improper Check for Unusual or Exceptional Conditions vulnerability in the bbe-smgd of Juniper Networks Junos OS allows an unauthenticated, adjacent attacker… |
CVE-2021-0289 | Medium | 6.5 | 2021-07-15 | When user-defined ARP Policer is configured and applied on one or more Aggregated Ethernet (AE) interface units, a Time-of-check Time-of-use (TOCTOU) Race Cond… |
CVE-2021-0288 | Medium | 6.5 | 2021-07-15 | A vulnerability in the processing of specific MPLS packets in Juniper Networks Junos OS on MX Series and EX9200 Series devices with Trio-based MPCs (Modular Po… |
CVE-2017-2346 | Medium | 5.9 | 2017-07-17 | An MS-MPC or MS-MIC Service PIC may crash when large fragmented packets are passed through an Application Layer Gateway (ALG). Repeated crashes of the Service… |
CVE-2024-30378 | Medium | 5.5 | 2024-04-16 | A Use After Free vulnerability in command processing of Juniper Networks Junos OS on MX Series allows a local, authenticated attacker to cause the broadband ed… |
CVE-2024-39539 | Medium | 5.3 | 2024-07-11 | A Missing Release of Memory after Effective Lifetime vulnerability in Juniper Networks Junos OS on MX Series allows an unauthenticated adjacent attacker to cau… |
CVE-2024-21610 | Medium | 4.3 | 2024-04-12 | An Improper Handling of Exceptional Conditions vulnerability in the Class of Service daemon (cosd) of Juniper Networks Junos OS allows an authenticated, networ… |
CVE-2014-9708 | | 2015-03-31 | Embedthis Appweb before 4.6.6 and 5.x before 5.2.1 allows remote attackers to cause a denial of service (NULL pointer dereference) via a Range header with an e… |