Lucene search
K

146 matches found

CNVD
CNVD
added 2020/09/25 12:0 a.m.2 views

Cisco IOS XE Denial of Service Vulnerability (CNVD-2020-70971)

Cisco IOS XE is a set of modular operating system based on Linux kernel developed by Cisco for its network equipment. A denial of service vulnerability exists in the IP Address Resolution Protocol ARP feature of Cisco IOS XE used by Cisco ASR 1000 Series Converged Services Routers. The...

7.4CVSS6.6AI score0.00429EPSS
Exploits0References1
OSV
OSV
added 2020/09/24 6:15 p.m.3 views

CVE-2020-3508

A vulnerability in the IP Address Resolution Protocol ARP feature of Cisco IOS XE Software for Cisco ASR 1000 Series Aggregation Services Routers with a 20-Gbps Embedded Services Processor ESP installed could allow an unauthenticated, adjacent attacker to cause an affected device to reload,...

7.4CVSS7.1AI score0.00429EPSS
Exploits0References1
NVD
NVD
added 2020/09/24 6:15 p.m.30 views

CVE-2020-3508

A vulnerability in the IP Address Resolution Protocol ARP feature of Cisco IOS XE Software for Cisco ASR 1000 Series Aggregation Services Routers with a 20-Gbps Embedded Services Processor ESP installed could allow an unauthenticated, adjacent attacker to cause an affected device to reload,...

7.4CVSS0.00429EPSS
Exploits0References1
Prion
Prion
added 2020/09/24 6:15 p.m.18 views

Race condition

A vulnerability in the IP Address Resolution Protocol ARP feature of Cisco IOS XE Software for Cisco ASR 1000 Series Aggregation Services Routers with a 20-Gbps Embedded Services Processor ESP installed could allow an unauthenticated, adjacent attacker to cause an affected device to reload,...

6.1CVSS7.3AI score0.00429EPSS
Exploits0References1Affected Software1
Positive Technologies
Positive Technologies
added 2020/09/24 12:0 a.m.5 views

PT-2020-17253 · Cisco · Cisco Ios Xe

Name of the Vulnerable Software and Affected Versions: Cisco IOS XE Software for Cisco ASR 1000 Series Aggregation Services Routers affected versions not specified Description: A vulnerability in the IP Address Resolution Protocol ARP feature could allow an unauthenticated, adjacent attacker to...

7.4CVSS7.2AI score0.00429EPSS
Exploits0References4
CNVD
CNVD
added 2020/06/17 12:0 a.m.3 views

Treck TCP/IP ARP Component Input Validation Error Vulnerability

Treck TCP/IP is a suite of TCP Transmission Control Protocol/IP Internet Interconnection Protocol from Treck, Inc. dedicated to embedded systems. An input validation error vulnerability exists in the Treck TCP/IP ARP component. An attacker could exploit the vulnerability to cause an out-of-bounds...

4.3CVSS6.8AI score0.01657EPSS
Exploits1References1
OSV
OSV
added 2020/05/06 5:15 p.m.3 views

CVE-2020-3334

A vulnerability in the ARP packet processing of Cisco Adaptive Security Appliance ASA Software and Cisco Firepower Threat Defense FTD Software for Cisco Firepower 2100 Series Security Appliances could allow an unauthenticated, adjacent attacker to cause an affected device to reload, resulting in ...

7.4CVSS7.1AI score0.00433EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2020/05/06 12:0 a.m.4 views

PT-2020-2508 · Cisco · Cisco Ftd +1

Name of the Vulnerable Software and Affected Versions: Cisco Adaptive Security Appliance versions affected versions not specified Cisco Firepower Threat Defense versions affected versions not specified Description: The issue is related to the incorrect processing of ARP packets, which could allow...

7.4CVSS7.2AI score0.00433EPSS
Exploits0References6
CNVD
CNVD
added 2020/02/28 12:0 a.m.3 views

Cisco NX-OS Software Data Forgery Issue Vulnerability (CNVD-2020-14755)

Cisco NX-OS Software is a set of data center-grade operating system software for switches from the U.S. company Cisco Cisco. A data forgery vulnerability exists in the Optional Broadcast Gateway feature of Cisco NX-OS Software, which arises from the program failing to properly validate received...

4.7CVSS6.7AI score0.00274EPSS
Exploits0References1
OSV
OSV
added 2020/02/26 5:15 p.m.3 views

CVE-2020-3174

A vulnerability in the anycast gateway feature of Cisco NX-OS Software could allow an unauthenticated, adjacent attacker to cause a device to learn invalid Address Resolution Protocol ARP entries. The ARP entries are for nonlocal IP addresses for the subnet. The vulnerability is due to improper...

4.7CVSS5.8AI score0.00274EPSS
Exploits0References1
Prion
Prion
added 2020/02/26 5:15 p.m.20 views

Input validation

A vulnerability in the anycast gateway feature of Cisco NX-OS Software could allow an unauthenticated, adjacent attacker to cause a device to learn invalid Address Resolution Protocol ARP entries. The ARP entries are for nonlocal IP addresses for the subnet. The vulnerability is due to improper...

3.3CVSS4.8AI score0.00274EPSS
Exploits0References1Affected Software1
CNVD
CNVD
added 2019/11/19 12:0 a.m.3 views

Unspecified Vulnerability in ZyXEL GS1900 (CNVD-2019-41672)

ZyXEL GS1900 is a managed switch from ZyXEL Taiwan, China. A security vulnerability exists in the Zyxel GS1900 using firmware prior to version 2.50AAHH.0C0, which originates from the libclicmd.so library in 'cmdsystracerouteexec', 'cmd sysarpclear' and 'cmdsyspingexec' functions in the...

10CVSS7.7AI score0.03872EPSS
Exploits1References1
BDU FSTEC
BDU FSTEC
added 2019/10/29 12:0 a.m.5 views

The vulnerability of the ZingBox Inspector, a network traffic processor, arises due to the lack of protection against ARP information spoofing. This allows attackers to increase their privileges.

The vulnerability of the ZingBox Inspector network traffic processor exists due to the lack of protection against ARP information spoofing. Exploiting this vulnerability can allow a malicious actor to enhance their privileges remotely...

7.8CVSS5.5AI score0.01069EPSS
Exploits0References2Affected Software1
OSV
OSV
added 2019/10/09 9:15 p.m.5 views

CVE-2019-15022

A security vulnerability exists in Zingbox Inspector versions 1.294 and earlier, that allows for the Inspector to be susceptible to ARP spoofing...

7.5CVSS7.1AI score0.01069EPSS
Exploits0References1
BDU FSTEC
BDU FSTEC
added 2019/09/05 12:0 a.m.6 views

The vulnerability of D-Link router microprogramming software arises from insufficient validation of input data, allowing attackers to circumvent the separation between the host network and the guest network.

The vulnerability of D-Link router microprogramming software exists due to insufficient verification of input data. Exploiting this vulnerability can allow a malicious actor, operating remotely, to circumvent the separation between the host network and the guest network by sending a specially...

8.8CVSS5.5AI score0.01169EPSS
Exploits1References4
CNVD
CNVD
added 2019/08/28 12:0 a.m.5 views

D-Link DIR-825AC G1 Access Control Error Vulnerability

The D-Link DIR-825 is an AC 1200 Wi-Fi dual-band Gigabit LAN/WAN router. A security vulnerability exists in the D-link DIR-825AC G1. The vulnerability stems from insufficient isolation between a host network and a client network established by the same device. An attacker could exploit the...

8.8CVSS6.9AI score0.01169EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2019/08/27 12:0 a.m.7 views

PT-2019-3096 · D Link · D-Link Dir-825Ac G1

Name of the Vulnerable Software and Affected Versions: D-link DIR-825AC G1 versions affected versions not specified Description: The issue is related to insufficient compartmentalization between a host network and a guest network established by the same device. These devices forward ARP requests...

8.8CVSS8.4AI score0.01169EPSS
Exploits1References5
CNVD
CNVD
added 2019/08/02 12:0 a.m.4 views

Wind River Systems VxWorks Parameter Injection Vulnerability (CNVD-2019-25702)

Wind River Systems VxWorks is an embedded real-time operating system RTOS from Wind River Systems. A parameter injection vulnerability exists in Wind River Systems VxWorks. An attacker could exploit this vulnerability by sending a reverse ARP response to an affected system to assign a unicast IPv...

9.8CVSS7.2AI score0.04116EPSS
Exploits0References1
OSV
OSV
added 2018/10/10 6:29 p.m.5 views

CVE-2018-0063

A vulnerability in the IP next-hop index database in Junos OS 17.3R3 may allow a flood of ARP requests, sent to the management interface, to exhaust the private Internal routing interfaces IRIs next-hop limit. Once the IRI next-hop database is full, no further next hops can be learned and existin...

6.5CVSS5.7AI score0.00637EPSS
Exploits0References2
CNVD
CNVD
added 2017/09/14 12:0 a.m.4 views

Tcpdump ARP Parser Buffer Overflow Vulnerability

Tcpdump is a set of sniffing tools developed by the Tcpdump team that run under the command line. The tool allows users to intercept and display TCP/IP and other packets sent or received over a network connection to that computer.ARP parser is one of the address resolution protocol parsers. A...

9.8CVSS9.4AI score0.02527EPSS
Exploits0References1
Rows per page
Query Builder