OPENSUSE-SU-2025:20119-1 Security update for tcpreplay

This update for tcpreplay fixes the following issues: - update to 4.5.2: features added since 4.4.4 - fix/recalculate header checksum for ipv6-frag - IPv6 frag checksum support - AFXDP socket support - tcpreplay -w write into a pcap file - tcpreplay --fixhdrlen - --include and --exclude options -...

Linux Distros Unpatched Vulnerability : CVE-2011-3024

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Google Chrome before 17.0.963.56 allows remote attackers to cause a denial of service application crash via an empty X.509 certificate. CVE-2011-3024 Note that...

Linux Distros Unpatched Vulnerability : CVE-2024-3024

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A vulnerability was found in appneta tcpreplay up to 4.4.4. It has been classified as problematic. This affects the function getlayer4v6 of the file...

CVE-2012-3024

Tridium Niagara AX Framework through 3.6 uses predictable values for 1 session IDs and 2 keys, which might allow remote attackers to bypass authentication via a brute-force attack...

SUSE CVE-2024-3024

A vulnerability was found in appneta tcpreplay up to 4.4.4. It has been classified as problematic. This affects the function getlayer4v6 of the file /tcpreplay/src/common/get.c. The manipulation leads to heap-based buffer overflow. Attacking locally is a requirement. The exploit has been disclose...

UBUNTU-CVE-2024-3024

A vulnerability was found in appneta tcpreplay up to 4.4.4. It has been classified as problematic. This affects the function getlayer4v6 of the file /tcpreplay/src/common/get.c. The manipulation leads to heap-based buffer overflow. Attacking locally is a requirement. The exploit has been disclose...

CVE-2024-3024

A vulnerability was found in appneta tcpreplay up to 4.4.4. It has been classified as problematic. This affects the function getlayer4v6 of the file /tcpreplay/src/common/get.c. The manipulation leads to heap-based buffer overflow. Attacking locally is a requirement. The exploit has been disclose...

CVE-2024-3024

A vulnerability was found in appneta tcpreplay up to 4.4.4. It has been classified as problematic. This affects the function getlayer4v6 of the file /tcpreplay/src/common/get.c. The manipulation leads to heap-based buffer overflow. Attacking locally is a requirement. The exploit has been disclose...

CVE-2019-3024

creationtimestamp| type| source ---|---|--- 2024-01-09 11:41:17+00:00| seen| https://t.me/ctinow/164960...

CVE-2023-3024 Bluetooth LE segmented 'prepare write response' packet may lead to out-of-bounds memory access

Forcing the Bluetooth LE stack to segment 'prepare write response' packets can lead to an out-of-bounds memory access...

Tridium Niagara AX Improper Authentication (CVE-2012-3024)

Tridium Niagara AX Framework through 3.6 uses predictable values for 1 session IDs and 2 keys, which might allow remote attackers to bypass authentication via a brute-force attack. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more informatio...

CVE-2022-3024

The CVE-2022-3024 entry concerns the WordPress plugin Simple Bitcoin Faucets (versions ≤ 1.7.0). The vulnerability is due to missing authorization checks and CSRF protection in an AJAX action, enabling any authenticated user (e.g., subscribers) to call the action and add/delete/edit Bonds. It is ...

CVE-2022-3024 Simple Bitcoin Faucets <= 1.7.0 - Unauthorised AJAX Call to Stored XSS

The Simple Bitcoin Faucets WordPress plugin through 1.7.0 does not have any authorisation and CSRF in an AJAX action, allowing any authenticated users, such as subscribers to call it and add/delete/edit Bonds. Furthermore, due to the lack of sanitisation and escaping, it could also lead to Stored...

SUSE: Security Advisory (SUSE-SU-2020:3024-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2021-3024

creationtimestamp| type| source ---|---|--- 2021-02-01 19:25:12+00:00| seen| https://t.me/cibsecurity/22898...

CVE-2021-3024

HashiCorp Vault and Vault Enterprise disclosed the internal IP address of the Vault node when responding to some invalid, unauthenticated HTTP requests. Fixed in 1.6.2 & 1.5.7...

CVE-2021-3024

CVE-2021-3024 affects HashiCorp Vault and Vault Enterprise, where internal Vault node IP addresses were disclosed in response to certain invalid, unauthenticated HTTP requests. The issue is fixed in Vault versions 1.6.2 and 1.5.7. Other connected records reiterate the same behavior and fix; no fu...

CVE-2019-3024

Vulnerability in the Oracle Installed Base product of Oracle E-Business Suite component: Engineering Change Order. Supported versions that are affected are 12.2.3-12.2.9. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Installed...

CVE-2019-3024

Vulnerability in the Oracle Installed Base product of Oracle E-Business Suite component: Engineering Change Order. Supported versions that are affected are 12.2.3-12.2.9. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Installed...

CVE-2019-3024

The CVE-2019-3024 issue affects Oracle E-Business Suite Installed Base, Engineering Change Order component, in versions 12.2.3–12.2.9. The vulnerability allows an unauthenticated, network-accessible attacker to interact via HTTP, with user interaction required for exploitation, potentially enabli...