Lucene search
K

5122 matches found

Cvelist
Cvelist
added 2024/08/30 11:44 p.m.27 views

CVE-2023-7256 Double-free in libpcap before 1.10.5 with remote packet capture support.

In affected libpcap versions during the setup of a remote packet capture the internal function sockinitaddress calls getaddrinfo and possibly freeaddrinfo, but does not clearly indicate to the caller function whether freeaddrinfo still remains to be called after the function returns. This makes i...

4.4CVSS0.0022EPSS
Exploits0References2
AlpineLinux
AlpineLinux
added 2024/08/30 11:44 p.m.33 views

CVE-2023-7256

In affected libpcap versions during the setup of a remote packet capture the internal function sockinitaddress calls getaddrinfo and possibly freeaddrinfo, but does not clearly indicate to the caller function whether freeaddrinfo still remains to be called after the function returns. This makes i...

9.8CVSS6.7AI score0.01522EPSS
Exploits0References2
SUSE CVE
SUSE CVE
added 2024/08/30 10:15 a.m.1 views

SUSE CVE-2024-8250

NTLMSSP dissector crash in Wireshark 4.2.0 to 4.0.6 and 4.0.0 to 4.0.16 allows denial of service via packet injection or crafted capture file...

5.5CVSS7.1AI score0.00317EPSS
Exploits1References6
BDU FSTEC
BDU FSTEC
added 2024/08/30 12:0 a.m.5 views

The vulnerability of IBM QRadar Network Packet Capture in capturing network traffic lies in the lack of data encryption measures, which allows attackers to disclose protected information.

The vulnerability of IBM QRadar Network Packet Capture relates to the lack of measures for data encryption. Exploiting this vulnerability could allow a malicious actor to disclose protected information by executing a “man-in-the-middle” attack...

5.9CVSS5.4AI score0.00303EPSS
Exploits0References2Affected Software1
CNNVD
CNNVD
added 2024/08/30 12:0 a.m.2 views

libpcap 代码问题漏洞

libpcap is a portable C/C ++ library for network traffic capture from the Tcpdump team. A code issue vulnerability exists in libpcap, which stems from improper handling of filesystem paths in the pcapfindalldevsex function. When the specified path cannot be used as a directory, the function fails...

4.4CVSS6.3AI score0.0022EPSS
Exploits0References9
Positive Technologies
Positive Technologies
added 2024/08/30 12:0 a.m.2 views

PT-2024-6095 · Libpcap +3 · Libpcap +3

Name of the Vulnerable Software and Affected Versions: libpcap affected versions not specified Description: The issue is related to a null pointer dereference in the pcap findalldevs ex function of the libpcap library. This function becomes available when a user builds libpcap with remote packet...

4.4CVSS7.9AI score0.0022EPSS
Exploits0References45
Positive Technologies
Positive Technologies
added 2024/08/30 12:0 a.m.5 views

PT-2024-6379 · Libpcap +3 · Libpcap +3

Name of the Vulnerable Software and Affected Versions: libpcap versions affected versions not specified Description: The issue is related to the function freeaddrinfo in the libpcap library, where it is called for the same allocated memory block, potentially leading to a denial of service. During...

4.4CVSS8.1AI score0.0022EPSS
Exploits0References52
OSV
OSV
added 2024/08/29 12:15 a.m.4 views

AZL-48338 CVE-2024-8250 affecting package wireshark 4.0.8-1

NTLMSSP dissector crash in Wireshark 4.2.0 to 4.0.6 and 4.0.0 to 4.0.16 allows denial of service via packet injection or crafted capture file...

5.5CVSS7.1AI score0.00317EPSS
Exploits1References1
OSV
OSV
added 2024/08/29 12:15 a.m.5 views

AZL-48339 CVE-2024-8250 affecting package wireshark for versions less than 4.4.7-1

NTLMSSP dissector crash in Wireshark 4.2.0 to 4.0.6 and 4.0.0 to 4.0.16 allows denial of service via packet injection or crafted capture file...

5.5CVSS7.1AI score0.00317EPSS
Exploits1References1
OSV
OSV
added 2024/08/29 12:15 a.m.1 views

DEBIAN-CVE-2024-8250

NTLMSSP dissector crash in Wireshark 4.2.0 to 4.0.6 and 4.0.0 to 4.0.16 allows denial of service via packet injection or crafted capture file...

5.5CVSS6.2AI score0.00317EPSS
Exploits1References1
NVD
NVD
added 2024/08/29 12:15 a.m.18 views

CVE-2024-8250

NTLMSSP dissector crash in Wireshark 4.2.0 to 4.0.6 and 4.0.0 to 4.0.16 allows denial of service via packet injection or crafted capture file...

7.8CVSS0.00317EPSS
Exploits1References3
OSV
OSV
added 2024/08/28 11:30 p.m.19 views

CVE-2024-8250 Expired Pointer Dereference in Wireshark

NTLMSSP dissector crash in Wireshark 4.2.0 to 4.0.6 and 4.0.0 to 4.0.16 allows denial of service via packet injection or crafted capture file...

7.8CVSS6.3AI score0.00317EPSS
Exploits1References5
Cvelist
Cvelist
added 2024/08/28 11:30 p.m.44 views

CVE-2024-8250 Expired Pointer Dereference in Wireshark

NTLMSSP dissector crash in Wireshark 4.2.0 to 4.0.6 and 4.0.0 to 4.0.16 allows denial of service via packet injection or crafted capture file...

7.8CVSS0.00317EPSS
Exploits1References2
Debian CVE
Debian CVE
added 2024/08/28 11:30 p.m.18 views

CVE-2024-8250

NTLMSSP dissector crash in Wireshark 4.2.0 to 4.0.6 and 4.0.0 to 4.0.16 allows denial of service via packet injection or crafted capture file...

7.8CVSS6.2AI score0.00317EPSS
Exploits1
OSV
OSV
added 2024/08/21 3:29 p.m.7 views

GO-2022-0889 Authentication bypass by capture-replay in github.com/cosmos/ethermint

Authentication bypass by capture-replay in github.com/cosmos/ethermint...

7.5CVSS7.5AI score0.01284EPSS
Exploits0References5
OSV
OSV
added 2024/08/21 3:29 p.m.31 views

GO-2022-0813 Authentication bypass by capture-replay in github.com/cosmos/ethermint

Authentication bypass by capture-replay in github.com/cosmos/ethermint...

7.5CVSS7.6AI score0.01147EPSS
Exploits0References5
OSV
OSV
added 2024/08/21 2:30 p.m.8 views

GO-2022-0310 Capture-replay in Gitea in code.gitea.io/gitea

Capture-replay in Gitea in code.gitea.io/gitea...

9.8CVSS9.4AI score0.02139EPSS
Exploits0References9
OSV
OSV
added 2024/08/20 8:29 p.m.24 views

GO-2023-1659 Answer vulnerable to Authentication Bypass by Capture-replay in github.com/answerdev/answer

Answer vulnerable to Authentication Bypass by Capture-replay in github.com/answerdev/answer...

9.8CVSS9.4AI score0.00837EPSS
Exploits1References4
NVD
NVD
added 2024/08/15 5:15 p.m.12 views

CVE-2024-31905

IBM QRadar Network Packet Capture 7.5 could allow a remote attacker to obtain sensitive information, caused by the failure to properly enable HTTP Strict Transport Security. An attacker could exploit this vulnerability to obtain sensitive information using man in the middle techniques...

5.9CVSS0.00303EPSS
Exploits0References1
OSV
OSV
added 2024/08/15 5:15 p.m.1 views

CVE-2024-31905

IBM QRadar Network Packet Capture 7.5 could allow a remote attacker to obtain sensitive information, caused by the failure to properly enable HTTP Strict Transport Security. An attacker could exploit this vulnerability to obtain sensitive information using man in the middle techniques...

5.9CVSS5.8AI score0.00303EPSS
Exploits0References1
Rows per page
Query Builder