Lucene search
K

1314 matches found

CNVD
CNVD
added 2018/05/15 12:0 a.m.4 views

Moxa EDR-810 Information Disclosure Vulnerability

The EDR-810 is a highly integrated industrial multi-port security router with firewall/NAT/VPN and two-layer manageable switch functionality. An information disclosure vulnerability exists in the server proxy feature of the Moxa EDR-810 V4.1 build 17030317. An attacker can exploit this...

7.5CVSS6.3AI score0.48138EPSS
Exploits2References1
OSV
OSV
added 2018/05/14 8:29 p.m.5 views

CVE-2017-12128

An exploitable information disclosure vulnerability exists in the Server Agent functionality of Moxa EDR-810 V4.1 build 17030317. A specially crafted TCP packet can cause information disclosure. An attacker can send a crafted TCP packet to trigger this vulnerability...

7.5CVSS5.8AI score0.48138EPSS
Exploits2References1
Positive Technologies
Positive Technologies
added 2018/05/14 12:0 a.m.5 views

PT-2018-5369 · Moxa · Moxa Edr-810

Name of the Vulnerable Software and Affected Versions: Moxa EDR-810 version 4.1 build 17030317 Description: An information disclosure issue exists in the Server Agent functionality. A specially crafted TCP packet can cause information disclosure. An attacker can send a crafted TCP packet to trigg...

7.5CVSS5.2AI score0.48138EPSS
Exploits2References2
OSV
OSV
added 2018/05/10 1:29 p.m.1 views

DEBIAN-CVE-2018-1130

Linux kernel before version 4.16-rc7 is vulnerable to a null pointer dereference in dccpwritexmit function in net/dccp/output.c in that allows a local user to cause a denial of service by a number of certain crafted system calls...

5.5CVSS7.2AI score0.00495EPSS
Exploits0References1
OSV
OSV
added 2018/05/02 1:29 p.m.5 views

CVE-2018-5517

On F5 BIG-IP 13.1.0-13.1.0.5, malformed TCP packets sent to a self IP address or a FastL4 virtual server may cause an interruption of service. The control plane is not exposed to this issue. This issue impacts the data plane virtual servers and self IPs...

7.5CVSS5.8AI score0.01799EPSS
Exploits0References2
OSV
OSV
added 2018/04/04 7:29 a.m.0 views

DEBIAN-CVE-2018-9258

In Wireshark 2.4.0 to 2.4.5, the TCP dissector could crash. This was addressed in epan/dissectors/packet-tcp.c by preserving valid data sources...

7.5CVSS6.2AI score0.01975EPSS
Exploits1References1
CNVD
CNVD
added 2018/04/04 12:0 a.m.2 views

Wireshark Denial of Service Vulnerability (CNVD-2018-07438)

Wireshark formerly Ethereal is a suite of network packet analysis software developed by the Wireshark team. The function of the software is to intercept network packets and display detailed data for analysis.TCP dissector is one of the transmission control protocol parsers. A security vulnerabili...

7.5CVSS6.7AI score0.01975EPSS
Exploits1References1
BDU FSTEC
BDU FSTEC
added 2018/03/15 12:0 a.m.66 views

The vulnerability of the TCP packet processing driver in Snort and Suricata IDS systems allows attackers to bypass network attack detection functions.

The vulnerability of the TCP packet processing driver in Snort and Suricata IDS systems is related to the implementation of an internal mechanism for handling TCP connections. Exploiting this vulnerability allows a malicious actor to bypass the network attack detection functions, which are...

7.5CVSS5.5AI score0.29534EPSS
Exploits4References4Affected Software2
OSV
OSV
added 2018/03/09 5:29 p.m.2 views

CVE-2017-17216

Media Gateway Control Protocol MGCP in Huawei DP300 V500R002C00; RP200 V500R002C00SPC200; V600R006C00; TE30 V100R001C10; V500R002C00; V600R006C00; TE40 V500R002C00; V600R006C00; TE50 V500R002C00; V600R006C00; TE60 V100R001C10; V500R002C00; V600R006C00 have an out-of-bounds read vulnerability. An...

5.9CVSS5.8AI score0.00977EPSS
Exploits0References1
CNVD
CNVD
added 2018/03/01 12:0 a.m.3 views

Flexense Disk Savvy Enterprise Buffer Error Vulnerability

Flexense Disk Savvy Enterprise is a free hard disk space analysis tool from Flexense Canada. A buffer overflow vulnerability exists in the control protocol in Flexense Disk Savvy Enterprise. A remote attacker can exploit this vulnerability by sending specially crafted packets to TCP port 9124 to...

9.8CVSS8AI score0.20111EPSS
Exploits6References1
OSV
OSV
added 2018/02/27 7:29 p.m.2 views

CVE-2018-6481

A buffer overflow vulnerability in the control protocol of Disk Savvy Enterprise v10.4.18 allows remote attackers to execute arbitrary code by sending a crafted packet to TCP port 9124...

9.8CVSS6.4AI score0.20111EPSS
Exploits6References4
OSV
OSV
added 2018/02/22 12:29 a.m.1 views

DEBIAN-CVE-2018-7286

An issue was discovered in Asterisk through 13.19.1, 14.x through 14.7.5, and 15.x through 15.2.1, and Certified Asterisk through 13.18-cert2. respjsip allows remote authenticated users to crash Asterisk segmentation fault by sending a number of SIP INVITE messages on a TCP or TLS connection and...

6.5CVSS6.8AI score0.38858EPSS
Exploits5References1
CNVD
CNVD
added 2018/02/22 12:0 a.m.4 views

Cisco Unified Customer Voice Portal Denial of Service Vulnerability (CNVD-2018-05345)

Cisco Unified Customer Voice Portal CVP is a unified communications system for delivering voice and video self-service from Cisco.The Interactive Voice Response IVR management connection interface is one of the connectivity components that provides an open and extensible foundation for creating a...

8.6CVSS6.8AI score0.0232EPSS
Exploits0References1
CNVD
CNVD
added 2018/02/22 12:0 a.m.4 views

Digium Asterisk Open Source and Certified Asterisk 'INVITE' Denial of Service Vulnerabilities

Digium Asterisk Open Source and Certified Asterisk are both open source telephone exchange PBX system software from Digium, Inc. in the United States. The software supports voicemail, multi-party voice conferencing, and interactive voice response IVR. A denial of service vulnerability exists in...

6.5CVSS6.8AI score0.38858EPSS
Exploits5References1
OSV
OSV
added 2018/02/15 4:29 p.m.4 views

CVE-2017-15344

Huawei AR3200 with software V200R006C10, V200R006C11, V200R007C00, V200R007C01, V200R007C02, V200R008C00, V200R008C10, V200R008C20, V200R008C30 has an integer overflow vulnerability. The software does not sufficiently validate certain field in SCTP messages, a remote unauthenticated attacker coul...

7.5CVSS5.8AI score
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2018/02/08 7:29 a.m.3 views

CVE-2018-0137

A vulnerability in the TCP throttling process of Cisco Prime Network could allow an unauthenticated, remote attacker to cause a denial of service DoS condition on an affected device. The vulnerability is due to insufficient rate limiting protection for TCP listening ports. An attacker could explo...

8.6CVSS5.7AI score0.01619EPSS
Exploits0References3
OSV
OSV
added 2018/02/08 7:29 a.m.4 views

CVE-2018-0137

A vulnerability in the TCP throttling process of Cisco Prime Network could allow an unauthenticated, remote attacker to cause a denial of service DoS condition on an affected device. The vulnerability is due to insufficient rate limiting protection for TCP listening ports. An attacker could explo...

8.6CVSS5.8AI score0.01619EPSS
Exploits0References2
OSV
OSV
added 2018/02/07 5:29 a.m.1 views

DEBIAN-CVE-2018-6794

Suricata before 4.0.4 is prone to an HTTP detection bypass vulnerability in detect.c and stream-tcp.c. If a malicious server breaks a normal TCP flow and sends data before the 3-way handshake is complete, then the data sent by the malicious server will be accepted by web clients such as a web...

5.3CVSS6.9AI score0.29534EPSS
Exploits4References1
CNVD
CNVD
added 2018/02/07 12:0 a.m.5 views

Flexense SyncBreeze Enterprise Buffer Error Vulnerability

Flexense SyncBreeze Enterprise is a set of file synchronization tools from Flexense Canada. The tool has file management and data synchronization features. control protocol is one of the controller protocol. A buffer overflow vulnerability exists in the control protocol in Flexense SyncBreeze...

9.8CVSS7.9AI score0.04065EPSS
Exploits4References1
OSV
OSV
added 2018/02/02 9:29 a.m.4 views

CVE-2018-6537

A buffer overflow vulnerability in the control protocol of Flexense SyncBreeze Enterprise v10.4.18 allows remote attackers to execute arbitrary code by sending a crafted packet to TCP port 9121...

9.8CVSS6.4AI score
Exploits0References1
Rows per page
Query Builder