Lucene search
K

57 matches found

Cvelist
Cvelist
added 2024/12/28 7:0 a.m.26 views

CVE-2023-7266

Some Huawei home routers have a connection hijacking vulnerability. Successful exploitation of this vulnerability may cause DoS or information leakage.Vulnerability ID:HWPSIRT-2023-76605 This vulnerability has been assigned a CVEID:CVE-2023-7266...

7.5CVSS0.00269EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/12/28 7:0 a.m.31 views

CVE-2023-7266

Some Huawei home routers have a connection hijacking vulnerability. Successful exploitation of this vulnerability may cause DoS or information leakage.Vulnerability ID:HWPSIRT-2023-76605 This vulnerability has been assigned a CVEID:CVE-2023-7266...

7.5CVSS7.5AI score0.00269EPSS
Exploits0References1
CNNVD
CNNVD
added 2024/12/28 12:0 a.m.6 views

Huawei WS7200-10 安全漏洞

Huawei WS7200-10 is a wireless router from Huawei China. A security vulnerability exists in the Huawei WS7200-10, which stems from the presence of a connection hijacking vulnerability, successful exploitation of which may result in a denial of service or information disclosure impact on the devic...

8.1CVSS6.3AI score0.00269EPSS
Exploits0References1
CNNVD
CNNVD
added 2024/12/28 12:0 a.m.4 views

Huawei多款产品 安全漏洞

The Huawei WS8700, among others, is a router from the Chinese company Huawei Huawei. Some of Huawei's home routers are vulnerable to connection hijacking, which can be exploited by attackers to cause a DoS or information disclosure...

8.1CVSS6.5AI score0.0015EPSS
Exploits0References1
Huawei
Huawei
added 2024/06/19 12:0 a.m.84 views

Security Advisory - Connection Hijacking Vulnerability in Some Huawei Home Routers

Some Huawei home routers have a connection hijacking vulnerability. Successful exploitation of this vulnerability may cause DoS or information leakage.Vulnerability ID:HWPSIRT-2023-76605 This vulnerability has been assigned a CVEID:CVE-2023-7266...

8.1CVSS6.5AI score0.00269EPSS
Exploits0Affected Software3
RedhatCVE
RedhatCVE
added 2024/06/03 1:33 p.m.28 views

CVE-2024-36905

In the Linux kernel, the following vulnerability has been resolved: tcp: defer shutdownSENDSHUTDOWN for TCPSYNRECV sockets TCPSYNRECV state is really special, it is only used by cross-syn connections, mostly used by fuzzers. In the following crash 1, syzbot managed to trigger a divide by zero in...

5.5CVSS6.3AI score0.00332EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2024/04/24 12:0 a.m.5 views

PT-2024-3513 · Huawei · Huawei Home Routers

Name of the Vulnerable Software and Affected Versions: Huawei home routers affected versions not specified Description: A connection hijacking vulnerability exists in some Huawei home routers. Successful exploitation of this vulnerability may cause Denial of Service DoS or information leakage. Th...

8.1CVSS6.8AI score0.0015EPSS
Exploits0References11
Huawei
Huawei
added 2024/04/24 12:0 a.m.71 views

Security Advisory - Connection Hijacking Vulnerability in Some Huawei Home Routers

A connection hijacking vulnerability exists in some Huawei home routers. Successful exploitation of this vulnerability may cause DoS or information leakage.Vulnerability ID:HWPSIRT-2023-34408 This vulnerability has been assigned a CVEID:CVE-2023-52718...

8.1CVSS6.5AI score0.0015EPSS
Exploits0Affected Software9
Vulnrichment
Vulnrichment
added 2023/08/03 11:44 p.m.9 views

CVE-2023-3373

Predictable Exact Value from Previous Values vulnerability in Mitsubishi Electric Corporation GOT2000 Series GT21 model versions 01.49.000 and prior and GOT SIMPLE Series GS21 model versions 01.49.000 and prior allows a remote unauthenticated attacker to hijack data connections session hijacking ...

5.9CVSS9.2AI score0.00754EPSS
Exploits0References3
Prion
Prion
added 2022/05/04 2:15 p.m.16 views

Cross site request forgery (csrf)

Information Exposure Through Query Strings in GET Request vulnerability in LMM API of Secomea GateManager allows system administrator to hijack connection. This issue affects: Secomea GateManager all versions prior to 9.7...

4.6CVSS6.4AI score0.00232EPSS
Exploits0References1Affected Software4
Cvelist
Cvelist
added 2019/12/11 2:45 p.m.19 views

CVE-2019-14899

A vulnerability was discovered in Linux, FreeBSD, OpenBSD, MacOS, iOS, and Android that allows a malicious access point, or an adjacent user, to determine if a connected user is using a VPN, make positive inferences about the websites they are visiting, and determine the correct sequence and...

7.4CVSS8.1AI score0.00838EPSS
Exploits0References15
CNVD
CNVD
added 2019/05/22 12:0 a.m.3 views

Modicon M580/M340/Premium/Quantum Insufficient Random Value Usage Vulnerability

The Schneider Electric Modicon M580 is a programmable automation controller.The Schneider Electric Modicon Premium is a large programmable logic controller PLC for discrete or process applications.The Schneider Electric Modicon Quantum is a large programmable logic controller PLC for process...

6.5CVSS6.8AI score0.0193EPSS
Exploits0References1
Lenovo
Lenovo
added 2018/12/18 3:12 p.m.957 views

WPA2 Protocol Vulnerabilities - US

Lenovo Security Advisory: LEN-17420 Potential Impact: An attacker could manipulate the vulnerability to affect clients through arbitrary packet decryption and injection, TCP connection hijacking, HTTP content injection, or the replay of unicast and group-addressed frames Severity: High Scope of...

5.8CVSS7.4AI score0.04575EPSS
Exploits1
Tenable Nessus
Tenable Nessus
added 2018/11/07 12:0 a.m.38 views

Debian DLA-1568-1 : curl security update

Several vulnerabilities were discovered in cURL, an URL transfer library. CVE-2016-7141 When built with NSS and the libnsspem.so library is available at runtime, allows an remote attacker to hijack the authentication of a TLS connection by leveraging reuse of a previously loaded client certificat...

9.8CVSS7.6AI score0.11737EPSS
Exploits0References7
OSV
OSV
added 2018/09/14 2:6 p.m.7 views

SUSE-SU-2018:2719-1 Security update for openssh-openssl1

This update for openssh-openssl1 fixes the following issues: These security issues were fixed: - CVE-2016-10708: Prevent NULL pointer dereference via an out-of-sequence NEWKEYS message allowed remote attackers to cause a denial of service bsc1076957. - CVE-2017-15906: The processopen function did...

7.8CVSS6.8AI score0.15716EPSS
Exploits3References12
OpenVAS
OpenVAS
added 2017/10/17 12:0 a.m.71 views

Cisco Aironet Access Points Multiple WPA2 Vulnerabilities

Cisco Aironet Access Points are prone to key reinstallation attacks against WPA protocol. Copyright C 2017 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later Th...

8.1CVSS7AI score0.04575EPSS
Exploits1References1
OpenVAS
OpenVAS
added 2017/10/17 12:0 a.m.67 views

Cisco Wireless IP Phone 8821 Multiple WPA2 Vulnerabilities

Cisco Wireless IP Phone 8821 is prone to key reinstallation attacks against WPA protocol. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only if...

6.8CVSS7.5AI score0.02388EPSS
Exploits0References1
Fortinet
Fortinet
added 2017/10/16 12:0 a.m.67 views

Key Reinstallation Attacks: Cryptographic/protocol attack against WPA2

Several vulnerabilities affect the Wi-Fi Protected Access II WPA2 protocol, potentially enabling Man-in-the-Middle MitM attacks between Wifi Clients and Access Points running WPA2 . The impact includes decryption, packet replay, TCP connection hijacking and HTTP content injection...

5.8CVSS7.3AI score0.04575EPSS
Exploits1Affected Software4
CVE
CVE
added 2016/08/10 2:0 p.m.232 views

CVE-2016-5420

CVE-2016-5420 affects curl/libcurl prior to 7.50.1, where the client certificate is not checked when reusing a TLS connection, enabling an attacker to hijack the authentication of an existing connection by leveraging a previously loaded client certificate. The related advisories confirm that this...

7.5CVSS7.1AI score0.14596EPSS
Exploits0References18Affected Software1
RedHat Linux
RedHat Linux
added 2016/04/12 5:33 p.m.7 views

samba: Missing downgrade detection

It was found that Samba's LDAP implementation did not enforce integrity protection for LDAP connections. A man-in-the-middle attacker could use this flaw to downgrade LDAP connections to use no integrity protection, allowing them to hijack such connections...

5.9CVSS6.7AI score0.09345EPSS
Exploits0References5
Rows per page
Query Builder