SUSE CVE-2014-7202

streamengine.cpp in libzmq aka ZeroMQ/C++ 4.0.5 before 4.0.5 allows man-in-the-middle attackers to conduct downgrade attacks via a crafted connection request...

The vulnerability of the Layer 2 Tunneling Protocol (L2TP) implementation in Microsoft Windows allows a hacker to execute arbitrary code.

The vulnerability of the Layer 2 Tunneling Protocol L2TP implementation in Microsoft Windows operating systems relates to the use of memory after it is freed. Exploiting this vulnerability allows a malicious actor to execute arbitrary code by sending a specially crafted connection request to the...

PT-2023-1044 · Microsoft · Windows L2Tp +1

Name of the Vulnerable Software and Affected Versions: Windows Layer 2 Tunneling Protocol L2TP affected versions not specified Description: The issue is related to a buffer overflow in the implementation of the Layer 2 Tunneling Protocol L2TP in Microsoft Windows. It can be exploited by sending a...

Cross site request forgery (csrf)

D-Link Wireless AC1200 Dual Band VDSL ADSL Modem Router DSL-3782 Firmware v1.01 allows unauthenticated attackers to cause a Denial of Service DoS via a crafted HTTP connection request...

GSD-2022-1002762 Bluetooth: use hdev lock for accept_list and reject_list in conn req

Bluetooth: use hdev lock for acceptlist and rejectlist in conn req This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.18.3 by commit...

CVE-2022-20021

In Bluetooth, there is a possible application crash due to bluetooth does not properly handle the reception of multiple LMPhostconnectionreq. This could lead to remote denial of service of bluetooth with no additional execution privileges needed. User interaction is not needed for exploitation...

Cesanta Mongoose out-of-bounds write vulnerability (CNVD-2021-12087)

Mongoose is a C/C++ network library. An out-of-bounds write vulnerability exists in the mghttpservefile function in Cesanta Mongoose 7.0. An attacker can exploit this vulnerability via a connection request to cause an out-of-bounds write after the memory pool is exhausted...

Cesanta Mongoose 缓冲区错误漏洞

Mongoose is a C/C++ network library. An out-of-bounds write vulnerability exists in the mgtlsinit function in Cesanta Mongoose 7.0. An attacker can exploit this vulnerability via a connection request to cause an out-of-bounds write after the memory pool is exhausted...

Linux: Read /etc/inetd.* and /etc/xinetd.* files

xinetd performs the same function as inetd: it starts programs that provide Internet services. Instead of having such servers started at system initialization time, and be dormant until a connection request arrives, xinetd is the only daemon process started and it listens on all service ports for...

CVE-2020-3704

u'While processing invalid connection request PDU which is nonstandard interval or timeout is 0 from central device may lead peripheral system enter into dead lock state.This CVE is equivalent to InvalidConnectionRequestCVE-2019-19193 mentioned in sweyntooth paper' in Snapdragon Auto, Snapdragon...

CVE-2020-3704

u'While processing invalid connection request PDU which is nonstandard interval or timeout is 0 from central device may lead peripheral system enter into dead lock state.This CVE is equivalent to InvalidConnectionRequestCVE-2019-19193 mentioned in sweyntooth paper' in Snapdragon Auto, Snapdragon...

DEBIAN-CVE-2020-26116

http.client in Python 3.x before 3.5.10, 3.6.x before 3.6.12, 3.7.x before 3.7.9, and 3.8.x before 3.8.5 allows CRLF injection if the attacker controls the HTTP request method, as demonstrated by inserting CR and LF control characters in the first argument of HTTPConnection.request...

UBUNTU-CVE-2020-26116

http.client in Python 3.x before 3.5.10, 3.6.x before 3.6.12, 3.7.x before 3.7.9, and 3.8.x before 3.8.5 allows CRLF injection if the attacker controls the HTTP request method, as demonstrated by inserting CR and LF control characters in the first argument of HTTPConnection.request...

CVE-2020-25255

An issue was discovered in Hyland OnBase 16.0.2.83 and below, 17.0.2.109 and below, 18.0.0.37 and below, 19.8.16.1000 and below and 20.3.10.1000 and below. It allows remote attackers to cause a denial of service outage of connection-request processing via a long user ID, which triggers an excepti...

DejaBlue, RDP Heap Overflow

A remote code execution vulnerability exists in Remote Desktop Services – formerly known as Terminal Services – when an unauthenticated attacker connects to the target system using RDP and sends specially crafted requests. This vulnerability is pre-authentication and requires no user interaction...

IBM StoredIQ Detection

Detection of IBM StoredIQ. The script sends a connection request to the server and attempts to detect IBM StoredIQ and to extract its version. Copyright C 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right...

TP-Link Megapixel Surveillance Camera Detection

Detection of Megapixel Surveillance Camera. The script sends a connection request to the server and attempts to detect the web interface for TP-Link Copyright C 2019 Greenbone Networks GmbH SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can redistribute it and/or...

Alemba Nano Detection

Detection of Alemba Nano. The script sends a connection request to the server and attempts to detect Alemba Nano and to extract its version. SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right...

MayGion IPCamera Detection

Detection of MayGion IPCamera. The script sends a connection request to the server and attempts to detect the web interface for MayGion IPCamera. SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective...

Icecast Detection

Detection of Icecast. The script sends a connection request to the server and attempts to detect Icecast and to extract its version. SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders...