The vulnerability of the TCP/IP protocol implementation in Windows operating systems allows attackers to disclose sensitive information.

The vulnerability of the TCP/IP protocol implementation in Windows operating systems is related to deficiencies in the access control mechanism. Exploiting this vulnerability allows a malicious actor to disclose protected information remotely...

EDK2 Security Feature Issue Vulnerability

EDK2 is a cross-platform firmware development environment from the Tianocore community based on the UEFI and PI specifications. A security vulnerability exists in EDK2 that stems from the Network Package being susceptible to predictable TCP initial sequence numbers...

OESA-2024-1070 wireshark security update

Wireshark is an open source tool for profiling network traffic and analyzing packets. Such a tool is often referred to as a network analyzer, network protocol analyzer or sniffer. Security Fixes: GVCP dissector crash in Wireshark 4.2.0, 4.0.0 to 4.0.11, and 3.6.0 to 3.6.19 allows denial of servic...

CVE-2024-21313

Windows TCP/IP Information Disclosure Vulnerability...

PT-2024-1148 · Microsoft · Windows

Name of the Vulnerable Software and Affected Versions: Windows affected versions not specified Description: The issue is related to the implementation of the TCP/IP protocol in Windows operating systems, specifically due to shortcomings in the access control mechanism. This allows a remote attack...

AZL-32318 CVE-2024-0208 affecting package wireshark 4.0.8-1

GVCP dissector crash in Wireshark 4.2.0, 4.0.0 to 4.0.11, and 3.6.0 to 3.6.19 allows denial of service via packet injection or crafted capture file...

CVE-2023-31455

Pexip Infinity before 31.2 has Improper Input Validation for RTCP, allowing remote attackers to trigger an abort...

Pexip Infinity Security Vulnerability

Pexip Infinity is a cloud collaboration platform for video conferencing from Pexip Norway. The product provides high quality and secure cloud conferencing capabilities. A security vulnerability exists in Pexip Infinity prior to version 31.2, which stems from incorrect validation of RTCP inputs,...

SUSE CVE-2023-6536

A flaw was found in the Linux kernel's NVMe driver. This issue may allow an unauthenticated malicious actor to send a set of crafted TCP packages when using NVMe over TCP, leading the NVMe driver to a NULL pointer dereference in the NVMe driver, causing kernel panic and a denial of service...

Linux kernel code issue vulnerability

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. The Linux kernel suffers from a code issue vulnerability that stems from could allow an unauthenticated attacker to send crafted TCP packets, resulting in NULL pointer...

CVE-2023-40151

When user authentication is not enabled the shell can execute commands with the highest privileges. Red Lion SixTRAK and VersaTRAK Series RTUs with authenticated users enabled UDR-A any Sixnet UDR message will meet an authentication challenge over UDP/IP. When the same message comes over TCP/IP t...

Linux kernel buffer error vulnerability

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. The Linux kernel suffers from a buffer error vulnerability that stems from an out-of-bounds read vulnerability in the NVMe of/TCP subsystem...

kernel: sctp: fail if no bound addresses can be used for a given scope

A memory leak flaw was found in the Linux kernel's Stream Control Transmission Protocol. This issue may occur when a user starts a malicious networking service and someone connects to this service. This could allow a local user to starve resources, causing a denial of service...

kernel: sctp: fix a potential overflow in sctp_ifwdtsn_skip

In the Linux kernel, the following vulnerability has been resolved: sctp: fix a potential overflow in sctpifwdtsnskip Currently, when traversing ifwdtsn skips with sctpwalkifwdtsn, it only checks the pos against the end of the chunk. However, the data left for the last pos may be sizeofstruct...

kernel: sctp: fail if no bound addresses can be used for a given scope

A memory leak flaw was found in the Linux kernel's Stream Control Transmission Protocol. This issue may occur when a user starts a malicious networking service and someone connects to this service. This could allow a local user to starve resources, causing a denial of service...

Linux kernel buffer error vulnerability

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel, which stems from the presence of an out-of-bounds read vulnerability that allows a remote user to disclose sensitive...

kernel: sctp: fail if no bound addresses can be used for a given scope

A memory leak flaw was found in the Linux kernel's Stream Control Transmission Protocol. This issue may occur when a user starts a malicious networking service and someone connects to this service. This could allow a local user to starve resources, causing a denial of service...

The vulnerability of the Control Protocol Director (l2cpd) in Juniper Networks’ Junos and JunOS Evolved operating systems allows a attacker to induce a service failure.

The vulnerability of the Control Protocol Layer 2 l2cpd in Juniper Networks’ Junos and JunOS Evolved operating systems is related to deficiencies in handling exceptional states. Exploiting this vulnerability can allow a malicious actor to cause service interruptions remotely...

The vulnerability of the Suricata intrusion detection and prevention system, related to incorrect validation of the integrity check value, allows an intruder to bypass or neutralize any signature based on the TCP protocol.

The vulnerability of the Suricata intrusion detection and prevention system is related to incorrect validation of the integrity check value. Exploiting this vulnerability allows a malicious actor to bypass or neutralize any signature based on the TCP protocol...

The vulnerability of the Suricata intrusion detection and prevention system, related to the occurrence of interpretation conflicts, allows an intruder to bypass or neutralize any signature based on the TCP protocol.

The vulnerability of the Suricata intrusion detection and prevention system is related to the occurrence of interpretation conflicts. Exploiting this vulnerability allows a remote attacker to bypass or neutralize any TCP-based signature, by intercepting the TCP segment...