Lucene search
+L

69 matches found

CVE
CVE
added 2019/03/05 8:0 p.m.24 views

CVE-2018-7973

CVE-2018-7973 is rejected/not used and does not represent an active vulnerability entry.

7.4AI score
Exploits0
Cvelist
Cvelist
added 2019/03/05 8:0 p.m.6 views

CVE-2018-7973

...

Exploits0
Tenable Nessus
Tenable Nessus
added 2018/08/17 12:0 a.m.42 views

Photon OS 1.0: Tcpdump PHSA-2017-0004 (deprecated)

An update of tcpdump packages for PhotonOS has been released. C Tenable Network Security, Inc. @DEPRECATED@ Disabled on 2/7/2019 The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2017-0004. The text itself is copyright C VMware, Inc...

9.8CVSS10AI score0.06196EPSS
Exploits0References42
Check Point Advisories
Check Point Advisories
added 2017/10/16 12:0 a.m.58 views

Schneider Electric U.motion Builder nfcserver.php SQL Injection (CVE-2017-7973)

An SQL injection vulnerability exists in Schneider Electric U.motion Builder. The vulnerability is due to insufficient validation of the sessionid HTTP request parameter in requests made to nfcserver.php.A remote, unauthenticated user can exploit this vulnerability by sending a crafted HTTP reque...

7.5CVSS1.2AI score0.01472EPSS
Exploits0
CVE
CVE
added 2017/09/25 7:0 p.m.68 views

CVE-2017-7973

Schneider Electric U.motion Builder software (versions 1.2.1 and prior) is affected by CVE-2017-7973, a SQL injection vulnerability. The issue arises from insufficient input validation in various HTTP endpoints (e.g., track_import_export.php, nfcserver.php, localize.php, loadtemplate.php) that al...

9.8CVSS9.8AI score0.01472EPSS
In wildExploits0References2Affected Software1
Cvelist
Cvelist
added 2017/09/25 7:0 p.m.24 views

CVE-2017-7973

A SQL injection vulnerability exists in Schneider Electric's U.motion Builder software versions 1.2.1 and prior in which an unauthenticated user can use calls to various paths allowing performance of arbitrary SQL commands against the underlying database...

9.9AI score0.01472EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2017/09/08 12:0 a.m.42 views

EulerOS 2.0 SP2 : tcpdump (EulerOS-SA-2017-1180)

According to the versions of the tcpdump package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - Multiple out of bounds read and integer overflow vulnerabilities were found in tcpdump affecting the decoding of various protocols. An attacker...

9.8CVSS7.5AI score0.19028EPSS
Exploits5References46
Tenable Nessus
Tenable Nessus
added 2017/09/08 12:0 a.m.47 views

EulerOS 2.0 SP1 : tcpdump (EulerOS-SA-2017-1179)

According to the versions of the tcpdump package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - Multiple out of bounds read and integer overflow vulnerabilities were found in tcpdump affecting the decoding of various protocols. An attacker...

9.8CVSS7.5AI score0.19028EPSS
Exploits5References46
Tenable Nessus
Tenable Nessus
added 2017/08/22 12:0 a.m.55 views

Scientific Linux Security Update : tcpdump on SL7.x x86_64 (20170801)

The following packages have been upgraded to a later upstream version: tcpdump 4.9.0. Security Fixes : - Multiple out of bounds read and integer overflow vulnerabilities were found in tcpdump affecting the decoding of various protocols. An attacker could create a crafted pcap file or send special...

9.8CVSS7.4AI score0.19028EPSS
Exploits5References46
OpenVAS
OpenVAS
added 2017/08/04 12:0 a.m.49 views

RedHat Update for tcpdump RHSA-2017:1871-01

The remote host is missing an update for the SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS10AI score0.19028EPSS
Exploits5References2
Check Point Advisories
Check Point Advisories
added 2017/07/17 12:0 a.m.34 views

Schneider Electric U.motion Builder localize.php SQL Injection (CVE-2017-7973)

An SQL injection vulnerability has been reported in Schneider Electric U.motion Builder. The vulnerability is due to insufficient validation of the username HTTP request parameter in requests made to localize.php. A remote, unauthenticated user can exploit this vulnerability by sending a crafted...

7.5CVSS1.2AI score0.01472EPSS
Exploits0
Check Point Advisories
Check Point Advisories
added 2017/07/06 12:0 a.m.30 views

Schneider Electric U.motion Builder track_import_export.php SQL Injection (CVE-2017-7973)

An SQL injection vulnerability exists in Schneider Electric U.motion Builder. The vulnerability is due to insufficient validation of the objectid HTTP parameter of the trackimportexport.php request. A remote, unauthenticated user can exploit this vulnerability by sending a crafted HTTP request to...

7.5CVSS1.2AI score0.01472EPSS
Exploits0
Check Point Advisories
Check Point Advisories
added 2017/06/21 12:0 a.m.34 views

Schneider Electric U.motion Builder loadtemplate.php SQL Injection (CVE-2017-7973)

An SQL injection vulnerability exists in Schneider Electric U.motion Builder. The vulnerability is due to insufficient validation of the tpl HTTP parameter of the loadtemplate.php request. A remote, unauthenticated user can exploit this vulnerability by sending a crafted HTTP request to the...

7.5CVSS1.1AI score0.01472EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2017/03/13 12:0 a.m.77 views

SUSE SLES11 Security Update : tcpdump (SUSE-SU-2017:0656-1)

This update for tcpdump fixes the following issues: Security issues fixed bsc1020940 : - CVE-2016-7922: Corrected buffer overflow in AH parser print-ah.c:ahprint. - CVE-2016-7923: Corrected buffer overflow in ARP parser print-arp.c:arpprint. - CVE-2016-7925: Corrected buffer overflow in compresse...

9.8CVSS7.9AI score0.06196EPSS
Exploits0References58
RedhatCVE
RedhatCVE
added 2017/02/03 3:52 p.m.27 views

CVE-2016-7973

Multiple out of bounds read and integer overflow vulnerabilities were found in tcpdump affecting the decoding of various protocols. An attacker could create a crafted pcap file or send specially crafted packets to the network segment where tcpdump is running in live capture mode without -w which...

9.8CVSS1.4AI score0.03198EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2017/01/30 9:59 p.m.0 views

CVE-2015-7973

NTP before 4.2.8p6 and 4.3.x before 4.3.90, when configured in broadcast mode, allows man-in-the-middle attackers to conduct replay attacks by sniffing the network...

6.5CVSS5.5AI score0.03362EPSS
Exploits2References24
Debian CVE
Debian CVE
added 2017/01/30 9:0 p.m.28 views

CVE-2015-7973

NTP before 4.2.8p6 and 4.3.x before 4.3.90, when configured in broadcast mode, allows man-in-the-middle attackers to conduct replay attacks by sniffing the network...

6.5CVSS6.3AI score0.03362EPSS
Exploits2
Cvelist
Cvelist
added 2017/01/30 9:0 p.m.26 views

CVE-2015-7973

NTP before 4.2.8p6 and 4.3.x before 4.3.90, when configured in broadcast mode, allows man-in-the-middle attackers to conduct replay attacks by sniffing the network...

6.8AI score0.03362EPSS
Exploits2References22
OSV
OSV
added 2017/01/28 1:59 a.m.3 views

DEBIAN-CVE-2016-7973

The AppleTalk parser in tcpdump before 4.9.0 has a buffer overflow in print-atalk.c, multiple functions...

9.8CVSS7.8AI score0.03198EPSS
Exploits0References1
Debian CVE
Debian CVE
added 2017/01/28 1:33 a.m.31 views

CVE-2016-7973

The AppleTalk parser in tcpdump before 4.9.0 has a buffer overflow in print-atalk.c, multiple functions...

9.8CVSS10AI score0.03198EPSS
Exploits0
Rows per page
Query Builder