Lucene search
K

1318 matches found

CNVD
CNVD
added 2016/02/15 12:0 a.m.6 views

Siemens SIMATIC S7-1500 Denial of Service Vulnerability (CNVD-2016-00931)

The Siemens SIMATIC S7-1500 is a controller family with a modular structure. A denial of service vulnerability exists in Siemens SIMATIC S7-1500 versions prior to 1.8.3 when processing specially crafted TCP packets. An attacker can exploit the vulnerability to cause the CPU to automatically reboo...

7.8CVSS6.7AI score0.06371EPSS
Exploits0References1
BDU FSTEC
BDU FSTEC
added 2016/02/12 12:0 a.m.7 views

The vulnerability of the microprogrammed software of the LifeCare PCA Infusion System allows a perpetrator to trigger a service failure or exert other effects.

The vulnerability of the microprogrammed medical equipment, the LifeCare PCA Infusion System, arises due to an overflow in the buffer on the glass. Exploiting this vulnerability could allow a malicious actor to cause malfunctions in the system, or possibly have other effects through TCP packets...

10CVSS7.6AI score0.01112EPSS
Exploits0References2Affected Software1
Positive Technologies
Positive Technologies
added 2016/01/13 12:0 a.m.4 views

PT-2016-4999 · Linux +1 · Linux Kernel +1

Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 4.3.5 Description: The issue allows remote attackers to cause a denial of service, resulting in a divide-by-zero error and system crash, via crafted TCP traffic. This is due to a problem in the tcp cwnd reductio...

10CVSS6.5AI score0.22374EPSS
Exploits17References52
RedHat Linux
RedHat Linux
added 2016/01/07 3:58 p.m.7 views

rpcbind: Use-after-free vulnerability in PMAP_CALLIT

A use-after-free flaw related to the PMAPCALLIT operation and TCP/UDP connections was discovered in rpcbind. A remote, unauthenticated attacker could possibly exploit this flaw to crash the rpcbind service denial of service by performing a series of UDP and TCP calls...

7.5CVSS7.4AI score0.06408EPSS
Exploits0References4
CNVD
CNVD
added 2016/01/05 12:0 a.m.3 views

Wireshark SCTP Parser Denial of Service Vulnerability

Wireshark is the most popular network protocol parser. Wireshark version 2.0.x prior to 2.0.1 and version 1.12.x prior to 1.12.9, epan/dissectors/packet-sctp.c in the SCTP parser does not validate the frame pointer, which can be exploited by remote attackers to cause a denial of service null...

5.5CVSS7.5AI score0.01716EPSS
Exploits0References1
OSV
OSV
added 2016/01/04 5:59 a.m.4 views

UBUNTU-CVE-2015-8722

epan/dissectors/packet-sctp.c in the SCTP dissector in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1 does not validate the frame pointer, which allows remote attackers to cause a denial of service NULL pointer dereference and application crash via a crafted packet...

5.5CVSS6.4AI score0.01716EPSS
Exploits0References6
CNVD
CNVD
added 2015/12/18 12:0 a.m.1 views

Cisco Unified Computing System (UCS) Denial of Service Vulnerability

Cisco Unified Computing System Manager provides unified, embedded management of all hardware and software components within a unified computing system. A security vulnerability exists in the SSH management interface of the Fabric Interconnect 6200 appliance. A remote attacker could cause a denial...

7.1CVSS6.8AI score0.02333EPSS
Exploits0References1
RedHat Linux
RedHat Linux
added 2015/11/19 7:56 p.m.4 views

kernel: Creating multiple sockets when SCTP module isn't loaded leads to kernel panic

A NULL pointer dereference flaw was found in the SCTP implementation. A local user could use this flaw to cause a denial of service on the system by triggering a kernel panic when creating multiple sockets in parallel while the system did not have the SCTP module loaded...

4.7CVSS6.8AI score0.00549EPSS
Exploits1References4
RedHat Linux
RedHat Linux
added 2015/11/19 6:3 a.m.9 views

wireshark: NCP dissector crashes (wnpa-sec-2014-22)

The buildexpertdata function in epan/dissectors/packet-ncp2222.inc in the NCP dissector in Wireshark 1.10.x before 1.10.11 and 1.12.x before 1.12.2 does not properly initialize a data structure, which allows remote attackers to cause a denial of service application crash via a crafted packet...

5CVSS7.2AI score0.03101EPSS
Exploits0References5
CNVD
CNVD
added 2015/11/07 12:0 a.m.7 views

Cisco AsyncOS Denial of Service Vulnerability (CNVD-2015-07404)

The Cisco AsyncOS operating system is available to enhance the security and performance of Cisco email security appliances. There is a security vulnerability in the Cisco AsyncOS f network stack. a remote attacker sends a large number of TCP packets that consume system memory and perform a...

7.8CVSS7AI score0.02764EPSS
Exploits0References1
OSV
OSV
added 2015/11/05 5:34 p.m.3 views

USN-2797-1 linux-lts-utopic vulnerabilities

It was discovered that the Linux kernel did not check if a new IPv6 MTU set by a user space application was valid. A remote attacker could forge a route advertisement with an invalid MTU that a user space daemon like NetworkManager would honor and apply to the kernel, causing a denial of service...

6.9CVSS6.7AI score0.05059EPSS
Exploits1References5
securityvulns
securityvulns
added 2015/10/12 12:0 a.m.30 views

Cisco TelePresence Server DoS

Conference Control Protocol API buffer overflow...

7.8CVSS3AI score0.02351EPSS
Exploits0Affected Software1
NVD
NVD
added 2015/09/20 2:59 p.m.15 views

CVE-2015-6284

Buffer overflow in the Conference Control Protocol API implementation in Cisco TelePresence Server software before 4.12.33 on 7010, MSE 8710, Multiparty Media 310 and 320, and Virtual Machine devices allows remote attackers to cause a denial of service device crash via a crafted URL, aka Bug ID...

7.8CVSS6.8AI score0.02351EPSS
Exploits0References2
CNVD
CNVD
added 2015/09/20 12:0 a.m.2 views

Apple iOS xnu TCP Message Header Checksum Vulnerability

Apple iOS is the latest operating system that runs on Apple's iPhone and iPod touch devices. A security vulnerability in the Apple iOS XNU TCP message header checksum allows an attacker to conduct a denial-of-service attack on a targeted TCP link without knowing the correct sequence number...

5CVSS6.5AI score0.0244EPSS
Exploits0References1
CNVD
CNVD
added 2015/09/20 12:0 a.m.3 views

Cisco TelePresence Server Software API Buffer Overflow Vulnerability

Cisco TelePresence Server Software is a videoconferencing solution known as a "telepresence" system. The program provides audio, video space and other components to provide remote participants with a "face-to-face" virtual meeting room effect. A buffer overflow vulnerability exists in the...

7.8CVSS7.3AI score0.02351EPSS
Exploits0References1
Cisco
Cisco
added 2015/09/16 4:0 p.m.38 views

Cisco TelePresence Server Denial of Service Vulnerability

Cisco TelePresence Server contains a buffer overflow vulnerability in the Conference Control Protocol API that could allow an unauthenticated, remote attacker to cause a denial of service DoS condition. Cisco has released software updates that address this vulnerability. No workarounds that...

7.8CVSS6.9AI score0.02351EPSS
Exploits0References1
RedHat Linux
RedHat Linux
added 2015/09/15 9:22 a.m.6 views

kernel: SCTP race condition allows list corruption and panic from userlevel

A race condition flaw was found in the way the Linux kernel's SCTP implementation handled Address Configuration lists when performing Address Configuration Change ASCONF. A local attacker could use this flaw to crash the system via a race condition triggered by setting certain ASCONF options on a...

4.9CVSS7AI score0.00343EPSS
Exploits0References4
OSV
OSV
added 2015/08/18 12:53 a.m.2 views

USN-2717-1 linux-lts-utopic vulnerability

Marcelo Ricardo Leitner discovered a race condition in the Linux kernel's SCTP address configuration lists when using Address Configuration Change ASCONF options on a socket. An unprivileged local user could exploit this flaw to cause a denial of service system crash...

4.9CVSS6.7AI score0.00343EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2015/08/18 12:0 a.m.6 views

The vulnerability of the Business Process Manager operating system, which allows a perpetrator to trigger a service failure

The vulnerability of the LPTS operating system’s Business Process Manager implementation is related to resource management errors. Exploiting this vulnerability allows a malicious actor to cause service interruptions by continuously sending specially crafted packets to TCP and UDP ports...

5CVSS5.5AI score0.01744EPSS
Exploits0References2
CNVD
CNVD
added 2015/08/08 12:0 a.m.2 views

Juniper Pulse Secure TCP Hardware Acceleration User Data Access Vulnerability

Juniper Networks' Secure Access is an enterprise-grade SSL VPN access device, and the operating system running on the device is Juniper IVE OS. A security vulnerability in Juniper Pulse Secure TCP Hardware Acceleration allows remote users to exploit a TCP handshake checksum vulnerability which, i...

4.3CVSS6.8AI score0.01751EPSS
Exploits1References1
Rows per page
Query Builder