Lucene search
+L

42 matches found

UbuntuCve
UbuntuCve
added 2023/06/02 12:15 p.m.52 views

CVE-2022-24695

Bluetooth Classic in Bluetooth Core Specification through 5.3 does not properly conceal device information for Bluetooth transceivers in Non-Discoverable mode. By conducting an efficient over-the-air attack, an attacker can fully extract the permanent, unique Bluetooth MAC identifier, along with...

4.3CVSS5.9AI score0.00409EPSS
Exploits0References4
OSV
OSV
added 2022/12/07 7:35 p.m.6 views

USN-5765-1 postgresql-9.5 vulnerability

Jacob Champion discovered that PostgreSQL incorrectly handled SSL certificate verification and encryption. A remote attacker could possibly use this issue to inject arbitrary SQL queries when a connection is first established...

5.9CVSS7.1AI score0.01501EPSS
Exploits0References2
Prion
Prion
added 2022/07/18 12:15 p.m.15 views

Code injection

A vulnerability in Apache SkyWalking NodeJS Agent prior to 0.5.1. The vulnerability will cause NodeJS services that has this agent installed to be unavailable if the OAP is unhealthy and NodeJS agent can't establish the connection...

5CVSS7.4AI score0.01733EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2022/07/18 11:30 a.m.29 views

CVE-2022-36127 Service unavailability impact in NodeJS agent(version <= 0.5.0)

A vulnerability in Apache SkyWalking NodeJS Agent prior to 0.5.1. The vulnerability will cause NodeJS services that has this agent installed to be unavailable if the OAP is unhealthy and NodeJS agent can't establish the connection...

7.6AI score0.01733EPSS
Exploits0References2
Ubuntu
Ubuntu
added 2021/11/11 6:26 p.m.102 views

USN-5145-1: PostgreSQL vulnerabilities

Jacob Champion discovered that PostgreSQL incorrectly handled SSL certificate verification and encryption. A remote attacker could possibly use this issue to inject arbitrary SQL queries when a connection is first established...

8.1CVSS7.3AI score0.01901EPSS
Exploits0
OSV
OSV
added 2021/11/11 6:26 p.m.12 views

USN-5145-1 postgresql-10, postgresql-12, postgresql-13 vulnerabilities

Jacob Champion discovered that PostgreSQL incorrectly handled SSL certificate verification and encryption. A remote attacker could possibly use this issue to inject arbitrary SQL queries when a connection is first established...

8.1CVSS7.1AI score0.01901EPSS
Exploits0References3
Prion
Prion
added 2021/04/07 8:15 a.m.16 views

Input validation

RRC sends a connection establishment success to NAS even though connection setup validation returns failure and leads to denial of service in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Mobile...

7.8CVSS7.5AI score0.00709EPSS
Exploits0References1
Cvelist
Cvelist
added 2021/04/07 7:55 a.m.34 views

CVE-2020-11243

RRC sends a connection establishment success to NAS even though connection setup validation returns failure and leads to denial of service in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Mobile...

7.5CVSS7.5AI score0.00709EPSS
Exploits0References1
CVE
CVE
added 2021/04/07 7:55 a.m.62 views

CVE-2020-11243

CVE-2020-11243 affects Qualcomm closed-source components on Snapdragon platforms (Auto, Compute, Connectivity, Mobile). Technical detail: RRC sends a connection-establishment success to NAS even when the connection setup validation fails, causing a Denial of Service. The CVE is referenced in mult...

7.8CVSS7.4AI score0.00709EPSS
Exploits0References1Affected Software1
BDU FSTEC
BDU FSTEC
added 2020/11/17 12:0 a.m.6 views

The vulnerability of the Apache CXF web service framework, related to connection establishment errors, allows attackers to gain unauthorized access to protected information.

The vulnerability of Apache CXF web services is related to errors during connection establishment. Exploiting this vulnerability can allow an attacker to gain unauthorized access to protected information...

5.7CVSS6.6AI score0.06147EPSS
Exploits0References3Affected Software7
Kitploit
Kitploit
added 2019/03/24 8:32 p.m.161 views

Androwarn - Yet Another Static Code Analyzer For Malicious Android Applications

Androwarn is a tool whose main aim is to detect and warn the user about potential malicious behaviours developped by an Android application. The detection is performed with the static analysis of the application's Dalvik bytecode, represented as Smali, with the androguard library. This analysis...

7.2AI score
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2018/12/25 12:0 a.m.7 views

The vulnerability of the Network Security Services library, related to connection establishment errors, allows attackers to compromise the confidentiality and integrity of the protected information.

The vulnerability of the Network Security Services library collection is related to errors during connection establishment. Exploiting this vulnerability can allow a malicious actor, operating remotely, to compromise the confidentiality and integrity of the protected information...

4.8CVSS6.2AI score0.01496EPSS
Exploits0References10Affected Software4
Veracode
Veracode
added 2017/05/03 8:35 a.m.21 views

Replay Attack

github.com/v2ray/v2ray-core is vulnerable to replay attacks. The library doesn't implement session id's in its server, allowing a malicious user to send older packets to the server to establish a connection...

6.6AI score
Exploits0
CNVD
CNVD
added 2015/08/03 12:0 a.m.4 views

Cisco AnyConnect Secure Mobility Client Directory Traversal Vulnerability

The Cisco AnyConnect Secure Mobility Client is Cisco's next-generation VPN client. Cisco AnyConnect Secure Mobility Client 4.0 2049 has a directory traversal vulnerability in the implementation of the connection establishment process that could allow an unauthenticated, remote attacker to perform...

6.4CVSS7AI score0.01927EPSS
Exploits0References1
Cisco
Cisco
added 2015/07/30 8:36 p.m.28 views

Cisco AnyConnect Secure Mobilty Client Directory Traversal Vulnerability

A vulnerability in the connection establishment process of Cisco AnyConnect Secure Mobility Client could allow an unauthenticated, remote attacker to write or overwrite files in the active user's context. The vulnerability is due to insufficient input validation. An unauthenticated, remote attack...

4.3CVSS6.5AI score0.01927EPSS
Exploits0References1
Fedora
Fedora
added 2015/06/05 11:46 p.m.25 views

[SECURITY] Fedora 20 Update: ipsec-tools-0.8.2-1.fc20

This package contains tools necessary for establishing keys for IPSEC connections including the rekeying during the connection lifetime. The main tools of this package are: - setkey, a program to directly manipulate policies and SAs in the kernel - racoon, an IKEv1 keying daemon...

7.8CVSS2AI score0.09877EPSS
Exploits1
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.17 views

Kroum Grigorov KpyM Telnet Server 1.0 - Remote Denial of Service Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/9379/info KpyM Telnet Server has been reported to be prone to a remote denial of service vulnerability. Due to a lack of resource limitations, a remote attacker may negotiate multiple connections to the affected server...

7.1AI score
Exploits0
NVD
NVD
added 2012/05/02 10:9 a.m.20 views

CVE-2012-0338

Cisco IOS 12.2 through 12.4 and 15.0 does not recognize the vrf-also keyword during enforcement of access-class commands, which allows remote attackers to establish SSH connections from arbitrary source IP addresses via a standard SSH client, aka Bug ID CSCsv86113...

5CVSS6.8AI score0.01318EPSS
Exploits0References3
seebug.org
seebug.org
added 2011/03/02 12:0 a.m.43 views

Linux Kernel &lt;= 2.6.37 Local Kernel Denial of Service

No description provided by source. / Linux Kernel = 2.6.37 local kernel DoS CVE-2010-4165 ======================================================= A divide by 0 error occurs in tcpselectinitialwindow when processing user supplied TCPMAXSEG facilitating a local denial-of-service condition kernel...

4.9CVSS0.2AI score0.01355EPSS
Exploits15
Saint
Saint
added 2009/03/18 12:0 a.m.16 views

Download connection

Added: 03/18/2009 Background This tool allows you to download a file which, when executed, establishes a command connection. Limitations This tool requires a user to execute the downloaded file in order to succeed. The target field must be a licensed target but is unused. Platforms Windows Linux...

1.6AI score
Exploits0
Rows per page
Query Builder