Lucene search
K

40 matches found

Tenable Nessus
Tenable Nessus
added 2021/12/29 12:0 a.m.39 views

Wireshark 3.6.x < 3.6.1 Multiple Vulnerabilities

The version of Wireshark installed on the remote Windows host is prior to 3.6.1. It is, therefore, affected by multiple vulnerabilities as referenced in the wireshark-3.6.1 advisory. - Large loop in the Kafka dissector in Wireshark 3.6.0 allows denial of service via packet injection or crafted...

7.5CVSS6.8AI score0.03879EPSS
Exploits6References18
Positive Technologies
Positive Technologies
added 2021/11/29 12:0 a.m.1 views

PT-2021-6886 · Wireshark +3 · Wireshark +3

Name of the Vulnerable Software and Affected Versions: Wireshark versions 3.4.0 through 3.4.10 Wireshark version 3.6.0 Description: The issue is related to an infinite loop in the BitTorrent DHT dissector, which can be exploited to cause a denial of service via packet injection or crafted capture...

9.8CVSS6.4AI score0.07885EPSS
Exploits52References231
vulnersOsv
vulnersOsv
added 2020/09/01 3:22 p.m.6 views

@actiflixr/webtorrent (=1.0.0), @andrewosh/torrent-docker (>=1.6.0 <=1.6.1) +260 more potentially affected by CVE-2016-10519 via bittorrent-dht (>=0.5.0 <=4.0.4)

bittorrent-dht NPM version =0.5.0, =1.6.0, =0.1.0-beta.0, =5.2.3, =0.1.1, =0.1.0, =0.1.1, =1.0.0, =0.0.1, =1.0.0-alpha.18, =1.0.0-alpha.18, =0.0.1, =1.2.18, =1.0.17, =1.0.18 and more Source cves: CVE-2016-10519 Source advisory: OSV:GHSA-77G4-36JP-5V3M...

7.5CVSS7.1AI score0.01637EPSS
Exploits0
OSV
OSV
added 2020/09/01 3:22 p.m.19 views

GHSA-77G4-36JP-5V3M Remote Memory Disclosure in bittorrent-dht

Versions of bittorrent-dht prior to 5.1.3 are affected by a remote memory disclosure vulnerability. This vulnerability allows an attacker to send a specific series of of messages to a listening peer and get it to reveal internal memory. There are two mitigating factors here, that slightly reduce...

7.5CVSS7.2AI score0.01637EPSS
Exploits0References3
Github Security Blog
Github Security Blog
added 2020/09/01 3:22 p.m.38 views

Remote Memory Disclosure in bittorrent-dht

Versions of bittorrent-dht prior to 5.1.3 are affected by a remote memory disclosure vulnerability. This vulnerability allows an attacker to send a specific series of of messages to a listening peer and get it to reveal internal memory. There are two mitigating factors here, that slightly reduce...

7.5CVSS2AI score0.01637EPSS
Exploits0References4Affected Software1
Veracode
Veracode
added 2019/12/09 9:6 a.m.10 views

Denial Of Service (DoS)

bittorrent-dht is vulnerable to denial of service DOS attacks. The vulnerability exists as it does not restrict to run one ping at the time, leading to an infinite asnyc ping recursion and an application crash when a malicious user sends a large number of pings simultaneously without disregarding...

4AI score
Exploits0
CNVD
CNVD
added 2018/06/07 12:0 a.m.4 views

bittorrent-dht Remote Memory Disclosure Vulnerability

bittorrent-dht is a Node.js implementation of the BitTorrent DHT protocol. A security vulnerability exists in bittorrent-dht versions prior to 5.1.3. An attacker can exploit the vulnerability to disclose internal memory by sending a specific series of messages...

7.5CVSS7.3AI score0.01637EPSS
Exploits0References1
NVD
NVD
added 2018/05/31 8:29 p.m.21 views

CVE-2016-10519

A security issue was found in bittorrent-dht before 5.1.3 that allows someone to send a specific series of messages to a listening peer and get it to reveal internal memory...

7.5CVSS7.5AI score0.01637EPSS
Exploits0References2
OSV
OSV
added 2018/05/31 8:29 p.m.15 views

CVE-2016-10519

A security issue was found in bittorrent-dht before 5.1.3 that allows someone to send a specific series of messages to a listening peer and get it to reveal internal memory...

7.5CVSS7.7AI score
Exploits0References2
CVE
CVE
added 2018/05/31 8:0 p.m.68 views

CVE-2016-10519

The CVE-2016-10519 entry describes a vulnerability in bittorrent-dht before 5.1.3 where an attacker can send a crafted sequence of messages to a listening peer to cause disclosure of internal memory. Affected component: bittorrent-dht (Node.js implementation). Root cause: insecure handling of mes...

7.5CVSS7.4AI score0.01637EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2018/05/31 8:0 p.m.20 views

CVE-2016-10519

A security issue was found in bittorrent-dht before 5.1.3 that allows someone to send a specific series of messages to a listening peer and get it to reveal internal memory...

7.4AI score0.01637EPSS
Exploits0References2
Node.js
Node.js
added 2016/01/04 7:52 p.m.27 views

Remote Memory Disclosure

Overview Versions of bittorrent-dht prior to 5.1.3 are affected by a remote memory disclosure vulnerability. This vulnerability allows an attacker to send a specific series of of messages to a listening peer and get it to reveal internal memory. There are two mitigating factors here, that slightl...

5CVSS1.8AI score0.01637EPSS
Exploits0Affected Software1
OpenVAS
OpenVAS
added 2015/11/08 12:0 a.m.25 views

Mageia: Security Advisory (MGASA-2015-0428)

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS6.5AI score0.05511EPSS
Exploits0References4
Mageia
Mageia
added 2015/11/05 10:46 p.m.39 views

Updated libtorrent-rasterbar packages fixes security vulnerability

The lazybdecode function in BitTorrent DHT bootstrap server bootstrap-dht allows remote attackers to execute arbitrary code via a crafted packet, related to "improper indexing." Note while this CVE was reported against BitTorrent DHT Bootstrapt server, the same vulnerable code is available in...

7.5CVSS7.3AI score0.05511EPSS
Exploits0References2
OSV
OSV
added 2015/11/05 10:46 p.m.6 views

MGASA-2015-0428 Updated libtorrent-rasterbar packages fixes security vulnerability

The lazybdecode function in BitTorrent DHT bootstrap server bootstrap-dht allows remote attackers to execute arbitrary code via a crafted packet, related to "improper indexing." Note while this CVE was reported against BitTorrent DHT Bootstrapt server, the same vulnerable code is available in...

7.5CVSS7.4AI score0.05511EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2015/09/21 12:0 a.m.20 views

Debian DLA-312-1 : libtorrent-rasterbar security update

The lazybdecode function in BitTorrent DHT bootstrap server bootstrap-dht allows remote attackers to execute arbitrary code via a crafted packet, related to 'improper indexing.' Note while this CVE was reported against BitTorrent DHT Bootstrapt server, the same vulnerable code is available in...

7.5CVSS6.1AI score0.05511EPSS
Exploits0References3
Debian
Debian
added 2015/09/20 4:36 p.m.21 views

[SECURITY] [DLA 312-1] libtorrent-rasterbar security update

Package : libtorrent-rasterbar Version : 0.14.10-2+deb6u1 CVE ID : CVE-2015-5685 Debian Bug : 797046 The lazybdecode function in BitTorrent DHT bootstrap server bootstrap-dht allows remote attackers to execute arbitrary code via a crafted packet, related to "improper indexing." Note while this CV...

7.5CVSS7.4AI score0.05511EPSS
Exploits0
OSV
OSV
added 2015/09/20 12:0 a.m.24 views

DLA-312-1 libtorrent-rasterbar - security update

Bulletin has no description...

7.5CVSS6.1AI score0.05511EPSS
Exploits0
OSV
OSV
added 2015/08/13 2:59 p.m.6 views

CVE-2015-5685

The lazybdecode function in BitTorrent DHT bootstrap server bootstrap-dht allows remote attackers to execute arbitrary code via a crafted packet, related to "improper indexing."...

7.3AI score
Exploits0References3
UbuntuCve
UbuntuCve
added 2015/08/13 2:59 p.m.25 views

CVE-2015-5685

The lazybdecode function in BitTorrent DHT bootstrap server bootstrap-dht allows remote attackers to execute arbitrary code via a crafted packet, related to "improper indexing."...

7.5CVSS6.2AI score0.05511EPSS
Exploits0References1
Rows per page
Query Builder