13 matches found
CVE-2026-3591 A stack use-after-return flaw in SIG(0) handling code may enable ACL bypass
A use-after-return vulnerability exists in the named server when handling DNS queries signed with SIG0. Using a specially-crafted DNS request, an attacker may be able to cause an ACL to improperly mismatch an IP address. In a default-allow ACL denying only specific IP addresses, this may lead to...
MiracleLinux 7 : pacemaker-1.1.23-1.el7.1 (AXSA:2020-992:04)
The remote MiracleLinux 7 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2020-992:04 advisory. pacemaker: ACL restrictions bypass CVE-2020-25654 Tenable has extracted the preceding description block directly from the MiracleLinux security advisory. Note...
Cisco IOS XR Access Control Error Vulnerability (CNVD-2025-21251)
Cisco IOS XR is a set of operating systems developed by the American company Cisco Cisco for its network equipment. Cisco IOS XR suffers from an Access Control Error vulnerability that stems from improper access control of the management interface ACL, which can be exploited by an attacker to cau...
Cisco IOS XR 权限许可和访问控制问题漏洞
Cisco IOS XR is a set of operating systems developed by Cisco USA for its network devices. A Privilege Permission and Access Control Issues vulnerability exists in Cisco IOS XR Software that stems from incorrect handling of packets, which could lead to bypassing configured access control lists...
Cisco Nexus 9000 Series Switches Access List Bypass (CVE-2014-3330)
Cisco NX-OS 6.12I21 on Nexus 9000 switches does not properly process packet-drop policy checks for logged packets, which allows remote attackers to bypass intended access restrictions via a flood of packets matching a policy that contains the log keyword, aka Bug ID CSCuo02489. This plugin only...
USN-3464-1 wget vulnerabilities
Antti Levomäki, Christian Jalio, and Joonas Pihlaja discovered that Wget incorrectly handled certain HTTP responses. A remote attacker could use this issue to cause Wget to crash, resulting in a denial of service, or possibly execute arbitrary code. CVE-2017-13089, CVE-2017-13090 Dawid Golunski...
GNU Wget 1.18 - Access List Bypass Race Condition
GNU Wget 1.18 - Access List Bypass Race Condition ''' ============================================= - Discovered by: Dawid Golunski - dawidatlegalhackers.com - https://legalhackers.com - https://legalhackers.com/advisories/Wget-Exploit-ACL-bypass-RaceCond-CVE-2016-7098.html - CVE-2016-7098 -...
GNU Wget Access List Bypass / Race Condition
/ / / / / / / / / / / / / / / / / / // / / / /// / / / / // / // / // / / / / // / // , / / / ///, /,// // //,///||// // // ============================================= - Discovered by: Dawid Golunski - dawidatlegalhackers.com - https://legalhackers.com - CVE-2016-7098 - Release date:...
GNU Wget < 1.18 - Access List Bypass / Race Condition Vulnerabilities
Exploit for multiple platform in category remote exploits ''' ============================================= - Discovered by: Dawid Golunski - dawidatlegalhackers.com - https://legalhackers.com - https://legalhackers.com/advisories/Wget-Exploit-ACL-bypass-RaceCond-CVE-2016-7098.html - CVE-2016-709...
wget -- Access List Bypass / Race Condition
Dawid Golunski reports: GNU wget in version 1.17 and earlier, when used in mirroring/recursive mode, is affected by a Race Condition vulnerability that might allow remote attackers to bypass intended wget access list restrictions specified with -A parameter...
Cisco Nexus 9000 Series Switches Access List Bypass Vulnerability (Cisco-SA-20140806-CVE-2014-3330)
A vulnerability in the implementation of the access list logging feature of Cisco Nexus 9000 Series Switches could allow an unauthenticated, remote attacker to bypass the access list restriction for the logged traffic. Copyright C 2016 Greenbone Networks GmbH Some text descriptions might be...
Debian DSA-576-1 : squid - several vulnerabilities
Several security vulnerabilities have been discovered in Squid, the internet object cache, the popular WWW proxy cache. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-1999-0710 It is possible to bypass access lists and scan arbitrary hosts and ports in...
CVE-2002-0037
Lotus Domino Servers 5.x, 4.6x, and 4.5x allows attackers to bypass the intended Reader and Author access list for a document's object via a Notes API call NSFDbReadObject that directly accesses the object...