5128 matches found
Wireshark 4.0.x < 4.0.3 Multiple Vulnerabilities
The version of Wireshark installed on the remote Windows host is prior to 4.0.3. It is, therefore, affected by multiple vulnerabilities as referenced in the wireshark-4.0.3 advisory. - Memory leak in the NFS dissector in Wireshark 4.0.0 to 4.0.2 and 3.6.0 to 3.6.10 and allows denial of service vi...
Wireshark 3.6.x < 3.6.11 Multiple Vulnerabilities (macOS)
The version of Wireshark installed on the remote macOS / Mac OS X host is prior to 3.6.11. It is, therefore, affected by multiple vulnerabilities as referenced in the wireshark-3.6.11 advisory. - Memory leak in the NFS dissector in Wireshark 4.0.0 to 4.0.2 and 3.6.0 to 3.6.10 and allows denial of...
Kscan - Simple Asset Mapping Tool
0 Disclaimer The author did not participate in the XX action, don't trace it This tool is only for legally authorized enterprise security construction behaviors and personal learning behaviors. If you need to test the usability of this tool, please build a target drone environment by yourself. Wh...
SAP NetWeaver AS ABAP Capture-Replay (3089413)
SAP NetWeaver ABAP Server and ABAP Platform creates information about system identity in an ambiguous format. This could lead to capture-replay vulnerability and may be exploited by malicious users to obtain illegitimate access to the system. Note that Nessus has not tested for this issue but has...
CVE-2022-4345
Infinite loops in the BPv6, OpenFlow, and Kafka protocol dissectors in Wireshark 4.0.0 to 4.0.1 and 3.6.0 to 3.6.9 allows denial of service via packet injection or crafted capture file...
CVE-2022-4344
Memory exhaustion in the Kafka protocol dissector in Wireshark 4.0.0 to 4.0.1 and 3.6.0 to 3.6.9 allows denial of service via packet injection or crafted capture file...
CVE-2022-4344
Memory exhaustion in the Kafka protocol dissector in Wireshark 4.0.0 to 4.0.1 and 3.6.0 to 3.6.9 allows denial of service via packet injection or crafted capture file...
CVE-2022-4345
Infinite loops in the BPv6, OpenFlow, and Kafka protocol dissectors in Wireshark 4.0.0 to 4.0.1 and 3.6.0 to 3.6.9 allows denial of service via packet injection or crafted capture file...
Dark Pink APT Group Targets Governments and Military in APAC Region
Government and military organizations in the Asia-Pacific region are being targeted by a previously unknown advanced persistent threat APT actor, per latest research conducted by Albert Priego of Group-IB The Singapore-headquartered company, in a report shared with The Hacker News, said it's...
CVE-2022-4344
Memory exhaustion in the Kafka protocol dissector in Wireshark 4.0.0 to 4.0.1 and 3.6.0 to 3.6.9 allows denial of service via packet injection or crafted capture file...
CVE-2022-4344
Memory exhaustion in the Kafka protocol dissector in Wireshark 4.0.0 to 4.0.1 and 3.6.0 to 3.6.9 allows denial of service via packet injection or crafted capture file...
CVE-2022-4344
Memory exhaustion in the Kafka protocol dissector in Wireshark 4.0.0 to 4.0.1 and 3.6.0 to 3.6.9 allows denial of service via packet injection or crafted capture file...
CVE-2023-0014
SAP NetWeaver ABAP Server and ABAP Platform - versions SAPBASIS 700, 701, 702, 710, 711, 730, 731, 740, 750, 751, 752, 753, 754, 755, 756, 757, KERNEL 7.22, 7.53, 7.77, 7.81, 7.85, 7.89, KRNL64UC 7.22, 7.22EXT, 7.53, KRNL64NUC 7.22, 7.22EXT, creates information about system identity in an ambiguo...
Design/Logic Flaw
SAP NetWeaver ABAP Server and ABAP Platform - versions SAPBASIS 700, 701, 702, 710, 711, 730, 731, 740, 750, 751, 752, 753, 754, 755, 756, 757, KERNEL 7.22, 7.53, 7.77, 7.81, 7.85, 7.89, KRNL64UC 7.22, 7.22EXT, 7.53, KRNL64NUC 7.22, 7.22EXT, creates information about system identity in an ambiguo...
CVE-2023-0014 Capture-replay vulnerability in SAP NetWeaver AS for ABAP and ABAP Platform
SAP NetWeaver ABAP Server and ABAP Platform - versions SAPBASIS 700, 701, 702, 710, 711, 730, 731, 740, 750, 751, 752, 753, 754, 755, 756, 757, KERNEL 7.22, 7.53, 7.77, 7.81, 7.85, 7.89, KRNL64UC 7.22, 7.22EXT, 7.53, KRNL64NUC 7.22, 7.22EXT, creates information about system identity in an ambiguo...
CVE-2023-0014
CVE-2023-0014 affects SAP NetWeaver ABAP Server and ABAP Platform on multiple SAP_BASIS versions (700…757) and kernel/CR components (e.g., 7.22, 7.53, 7.77, 7.81, 7.85, 7.89; KRNL64UC/NUC) where the system identity is created in an ambiguous format. This behavior can enable a capture-replay vulne...
CVE-2023-0014 Capture-replay vulnerability in SAP NetWeaver AS for ABAP and ABAP Platform
SAP NetWeaver ABAP Server and ABAP Platform - versions SAPBASIS 700, 701, 702, 710, 711, 730, 731, 740, 750, 751, 752, 753, 754, 755, 756, 757, KERNEL 7.22, 7.53, 7.77, 7.81, 7.85, 7.89, KRNL64UC 7.22, 7.22EXT, 7.53, KRNL64NUC 7.22, 7.22EXT, creates information about system identity in an ambiguo...
PT-2023-1236 · Schneider Electric · Ecostruxure Process Expert +4
Name of the Vulnerable Software and Affected Versions: EcoStruxure Control Expert versions prior to V2020 EcoStruxure Process Expert versions prior to V2020 Modicon M340 CPU versions prior to the latest version Modicon M580 CPU versions prior to the latest version Modicon M580 CPU Safety versions...
Schneider Electric EcoStruxure Control Expert, Process Expert, Modicon M340, M580 and M580 CPU (Update A)
1. EXECUTIVE SUMMARY CVSS v3 8.1 ATTENTION: Exploitable remotely Vendor: Schneider Electric Equipment: EcoStruxure Control Expert, EcoStruxure Process Expert, Modicon M340 CPU, Modicon M580 CPU, Modicon Momentum Unity M1E Processor, Modicon MC80 Vulnerability: Authentication Bypass by...
The vulnerability of TP-Link Archer AX10 router’s microprogramming software allows for an attack where the attacker bypasses authentication by using capture-replay techniques to intercept and replay captured parameters. This enables the attacker to carry out a “man-in-the-middle” type attack and gain unauthorized access to protected information.
The vulnerability of TP-Link Archer AX10 router’s microprogramming software lies in the ability to bypass the authentication process by exploiting the capture-replay technique for manipulating processed HTTP packets. Exploiting this vulnerability allows an attacker to carry out a...