Lucene search
+L

893 matches found

Japan Vulnerability Notes
Japan Vulnerability Notes
added 2017/05/16 6:46 a.m.6 views

FlashAir do not set credential information in PhotoShare

Overview FlashAir by Toshiba Corporation is an SDHC memory card which provides wireless LAN access functions. FlashAir PhotoShare function enables to share the image data in a certain folder with other users as it switches the original wireless LAN connection set by FlashAir default to the wirele...

4.3CVSS6.8AI score0.00608EPSS
Exploits0References8
OSV
OSV
added 2017/05/03 9:59 p.m.6 views

CVE-2017-6628

A vulnerability in SMART-SSL Accelerator functionality for Cisco Wide Area Application Services WAAS 6.2.1, 6.2.1a, and 6.2.3a could allow an unauthenticated, remote attacker to cause a denial of service DoS condition where the WAN optimization could stop functioning while the process restarts. T...

6.8CVSS5.8AI score0.01683EPSS
Exploits0References3
RedHat Linux
RedHat Linux
added 2017/03/02 5:4 p.m.3 views

kernel: remotely triggerable unbounded recursion in the vlan gro code leading to a kernel crash

Linux kernel built with the 802.1Q/802.1ad VLANCONFIGVLAN8021Q OR Virtual eXtensible Local Area NetworkCONFIGVXLAN with Transparent Ethernet BridgingTEB GRO support, is vulnerable to a stack overflow issue. It could occur while receiving large packets via GRO path, as an unlimited recursion could...

7.8CVSS6.8AI score0.07613EPSS
Exploits0References4
NVD
NVD
added 2017/01/30 4:59 a.m.19 views

CVE-2017-5632

An issue was discovered on the ASUS RT-N56U Wireless Router with Firmware 3.0.0.4.374979. When executing an "nmap -O" command that specifies an IP address of an affected device, one can crash the device's WAN connection, causing disconnection from the Internet, a Denial of Service DoS. The attack...

6.5CVSS6.5AI score0.00524EPSS
Exploits0References2
Cvelist
Cvelist
added 2017/01/30 4:24 a.m.20 views

CVE-2017-5632

An issue was discovered on the ASUS RT-N56U Wireless Router with Firmware 3.0.0.4.374979. When executing an "nmap -O" command that specifies an IP address of an affected device, one can crash the device's WAN connection, causing disconnection from the Internet, a Denial of Service DoS. The attack...

6.5AI score0.00524EPSS
Exploits0References2
Citrix
Citrix
added 2016/12/02 12:0 a.m.10 views

What is promiscuous mode for a NIC (interface)

Question: What is promiscuous mode for a NIC interface? Answer: In a network,promiscuous modeallows a network device to intercept and read each network packet that arrives in its entirety. In anEthernetlocal area network LAN, promiscuous mode is a mode of operation in which...

6.9AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2016/11/11 12:0 a.m.79 views

Amazon Linux AMI : kernel (ALAS-2016-762)

The IP stack in the Linux kernel before 4.6 allows remote attackers to cause a denial of service stack consumption and panic or possibly have unspecified other impact by triggering use of the GRO path for packets with tunnel stacking, as demonstrated by interleaved IPv4 headers and GRE headers, a...

7.8CVSS6.6AI score0.07613EPSS
Exploits0References3
OSV
OSV
added 2016/10/28 3:59 p.m.5 views

UBUNTU-CVE-2016-8596

Buffer overflow in the cspcanprocessframe in cspifcan.c in the libcsp library v1.4 and earlier allows hostile components connected to the canbus to execute arbitrary code via a long csp packet...

9.8CVSS7.7AI score0.02262EPSS
Exploits0References3
RedHat Linux
RedHat Linux
added 2016/10/26 12:21 p.m.5 views

kernel: remotely triggerable unbounded recursion in the vlan gro code leading to a kernel crash

Linux kernel built with the 802.1Q/802.1ad VLANCONFIGVLAN8021Q OR Virtual eXtensible Local Area NetworkCONFIGVXLAN with Transparent Ethernet BridgingTEB GRO support, is vulnerable to a stack overflow issue. It could occur while receiving large packets via GRO path, as an unlimited recursion could...

7.8CVSS6.8AI score0.07613EPSS
Exploits0References4
OpenVAS
OpenVAS
added 2016/10/12 12:0 a.m.51 views

CentOS Update for kernel CESA-2016:2047 centos7

Check the version of kernel SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptoid"1.3.6.1.4.1.25623.1.0.882577";...

7.8CVSS6.4AI score0.07613EPSS
Exploits0References2
OSV
OSV
added 2016/10/11 6:14 a.m.8 views

USN-3099-1 linux vulnerabilities

Vladimír Beneš discovered an unbounded recursion in the VLAN and TEB Generic Receive Offload GRO processing implementations in the Linux kernel, A remote attacker could use this to cause a stack corruption, leading to a denial of service system crash. CVE-2016-7039 Marco Grassi discovered a...

7.8CVSS6.8AI score0.07613EPSS
Exploits5References5
OSV
OSV
added 2016/09/21 2:25 p.m.4 views

CVE-2016-6159

The management interface of Huawei WS331a routers with software before WS331a-10 V100R001C01B112 allows remote attackers to bypass authentication and obtain administrative access by sending "special packages" to the LAN interface...

7.5CVSS5.8AI score0.0107EPSS
Exploits0References1
ThreatPost
ThreatPost
added 2016/09/20 1:6 p.m.10 views

Tesla Fixes 'Critical' Remote Hack Vulnerability

Several models of the Tesla S cars were hacked by researchers who were able to abruptly stop the car in its tracks, pop open the trunk while the car was being driven, and remotely turn on and off the windshield wipers. The hacks demonstrated by China’s Keen Security Lab, a division of Tencent, we...

0.3AI score
Exploits0References5
CNVD
CNVD
added 2016/09/05 12:0 a.m.9 views

Security Bypass Vulnerability in QQ Browser for Android

QQ Browser is a web browser developed by Tencent. A security bypass vulnerability exists in the Android version of QQ Browser. Since QQ Browser and QQ Hotspot for Android are in a local wifi LAN environment, they listen to local port 8786 and all local ip addresses. An attacker can use the...

6.8AI score
Exploits0
BDU FSTEC
BDU FSTEC
added 2016/07/06 12:0 a.m.7 views

The vulnerability of the Cisco Wireless LAN Controller 2100 software allows a malicious individual to cause service failure.

The vulnerability in Cisco Wireless LAN Controller WLC devices allows malicious actors to trigger a service failure device reboot by using specially crafted Ethernet frames based on 802.11 protocols...

7.8CVSS5.5AI score0.0134EPSS
Exploits1References4Affected Software1
CNVD
CNVD
added 2016/07/05 12:0 a.m.4 views

Secret Chat Password Bypass Vulnerability

Secret Chat is a LAN chat tool. The tool suffers from a password bypass vulnerability when verifying account passwords. An attacker can attempt to crack the password and obtain user information...

7AI score
Exploits0
OSV
OSV
added 2016/05/28 1:59 a.m.5 views

CVE-2016-1379

Cisco Adaptive Security Appliance ASA Software 9.0 through 9.5.1 mishandles IPsec error processing, which allows remote authenticated users to cause a denial of service memory consumption via crafted 1 LAN-to-LAN or 2 Remote Access VPN tunnel packets, aka Bug ID CSCuv70576...

6.5CVSS5.8AI score0.01155EPSS
Exploits0References1
OSV
OSV
added 2016/04/22 12:59 a.m.4 views

CVE-2016-2354

The Bluetooth functionality in Lemur Vehicle Monitors BlueDriver before 2016-04-07 supports unrestricted pairing without a PIN, which allows remote attackers to send arbitrary CAN commands by leveraging access to a device inside or adjacent to the vehicle, as demonstrated by a CAN command to...

8.8CVSS5.9AI score0.01074EPSS
Exploits0References1
CNVD
CNVD
added 2016/04/09 12:0 a.m.17 views

Lemur Vehicle Monitors BlueDriver Security Bypass Vulnerability

Lemur Vehicle Monitors BlueDriver is a product that scans aftermarket automotive equipment as well as vehicle performance information through an OBD-II port connected to the Vehicle. Lemur Vehicle Monitors BlueDriver handles Bluetooth connections without requiring a PIN code, allowing a remote...

8.8CVSS7.3AI score0.01074EPSS
Exploits0References1
CNVD
CNVD
added 2016/01/07 12:0 a.m.5 views

Amped Wireless R10000 devices with firmware credential management vulnerability

Amped Wireless R10000 devices with firmware are the R10000 series routers from Amped Wireless. A credential management vulnerability exists in Amped Wireless R10000 devices with firmware 2.5.2.11. The device's web management interface has an administrator account, which allows remote attackers to...

9.8CVSS7.2AI score0.02387EPSS
Exploits0References1
Rows per page
Query Builder