The vulnerability of the TCP/IP protocol implementation in the Windows operating system allows a hacker to cause a service failure.

The vulnerability of the TCP/IP protocol implementation in the Windows operating system is related to insufficient validation of input data. Exploiting this vulnerability can allow a remote attacker to cause service interruptions...

The vulnerability of the Suricata intrusion detection and prevention system arises from the operation going beyond the buffer boundaries in memory. This allows attackers to circumvent security restrictions and execute the TCP Reset attack.

The vulnerability of the Suricata intrusion detection and prevention system lies in the fact that the operation escapes the buffer in memory due to insufficient checking of the values of the FIN, SYN, and ACK parameters during packet processing. Exploiting this vulnerability allows a remote...

The vulnerability of the Control Protocol Director (l2cpd) in Juniper Networks’ Junos and JunOS Evolved operating systems allows a attacker to induce a service failure.

The vulnerability of the Control Protocol Director l2cpd in Juniper Networks’ Junos and JunOS Evolved operating systems is related to errors in processing input data. Exploiting this vulnerability can allow a malicious actor to trigger a service failure by sending specially crafted LLDP packets...

The vulnerability of the TCP/IP protocol implementation in the Windows operating system allows a hacker to cause a service failure.

The vulnerability of the TCP/IP protocol implementation in the Windows operating system is related to insufficient validation of input data. Exploiting this vulnerability can allow a remote attacker to cause service interruptions...

OESA-2023-1726 grpc security update

gRPC is a modern open source high performance RPC framework that can run in any environment. It can efficiently connect services in and across data centers with pluggable support for load balancing, tracing, health checking and authentication. It is also applicable in last mile of distributed...

Kernel: netfilter: xtables sctp out-of-bounds read in match_flags()

...

CVE-2023-40718

A interpretation conflict in Fortinet IPS Engine versions 7.321, 7.166 and 6.158 allows attacker to evade IPS features via crafted TCP packets...

PT-2023-5980 · Microsoft · Windows

Name of the Vulnerable Software and Affected Versions: Windows affected versions not specified Description: The issue is related to a denial-of-service vulnerability in the implementation of the TCP/IP protocol in the Windows operating system, caused by insufficient input validation. This can all...

The vulnerability of the DNS-server BIND daemon, which allows a hacker to cause a service failure.

The vulnerability of the DNS-server BIND daemon is related to the escape of operations beyond the buffer in memory due to uncontrolled recursion during the processing of incoming packets. Exploiting this vulnerability allows a malicious actor to cause service failures by sending specially crafted...

The vulnerability of the TCP/IP protocol implementation in Windows operating systems allows a perpetrator to cause service failures.

The vulnerability of the TCP/IP protocol implementation in Windows operating systems is related to insufficient validation of input data. Exploiting this vulnerability can allow a remote attacker to cause service interruptions...

The vulnerability of the TCP/IP protocol implementation in Windows operating systems allows a perpetrator to gain unauthorized access to protected information.

The vulnerability of the TCP/IP protocol implementation in Windows operating systems is related to insufficient protection of sensitive data. Exploiting this vulnerability can allow an attacker to gain unauthorized access to protected information...

The vulnerability of the programmable logic controller PLC-100, related to errors in TCP communication processing, allows a intruder to trigger a service failure.

The vulnerability of the programmable logic controller PLC-100 is related to errors in TCP communication processing. Exploiting this vulnerability can allow a remote attacker to cause service failures...

Digi RealPort 安全漏洞

Digi RealPort is a proprietary Serial-over-LAN encapsulation protocol. It provides virtual connectivity to serial devices anywhere on the network by encapsulating ICS protocol data in a TCP-based protocol. A security vulnerability exists in the Digi RealPort Protocol that stems from vulnerability...

kernel: use-after-free in l2cap_connect and l2cap_le_connect_req in net/bluetooth/l2cap_core.c

A use-after-free flaw was found in the Linux kernel's implementation of logical link control and adaptation protocol L2CAP, part of the Bluetooth stack in the l2capconnect and l2capleconnectreq functions. An attacker with physical access within the range of standard Bluetooth transmission could...

kernel: buffer overflow in ceph file net/ceph/messenger_v2.c

An flaw was found in net/ceph/messengerv2.c in the Linux Kernel. An integer signing error leads to a buffer overflow and remote code execution via HELLO or one of the AUTH frames. This issue occurs due to an untrusted length taken from a TCP packet in cephdecode32...

USN-6262-1 wireshark vulnerabilities

It was discovered that Wireshark did not properly handle certain NFS packages when certain configuration options were enabled. An attacker could possibly use this issue to cause Wireshark to crash, resulting in a denial of service. CVE-2020-13164 It was discovered that Wireshark did not properly...

CVE-2023-36669

Missing Authentication for a Critical Function within the Kratos NGC Indoor Unit IDU before 11.4 allows remote attackers to obtain arbitrary control of the IDU/ODU system. Any attacker with layer-3 network access to the IDU can impersonate the Touch Panel Unit TPU within the IDU by sending crafte...

kernel: use-after-free in l2cap_connect and l2cap_le_connect_req in net/bluetooth/l2cap_core.c

A use-after-free flaw was found in the Linux kernel's implementation of logical link control and adaptation protocol L2CAP, part of the Bluetooth stack in the l2capconnect and l2capleconnectreq functions. An attacker with physical access within the range of standard Bluetooth transmission could...

kernel: net/ulp: use-after-free in listening ULP sockets

A use-after-free flaw was found in the Linux kernel’s TLS protocol functionality in how a user installs a tls context struct tlscontext on a connected TCP socket. This flaw allows a local user to crash or potentially escalate their privileges on the system...

Kratos NGC Indoor Unit 操作系统命令注入漏洞

Kratos Defense The Kratos NGC Indoor Unit is an advanced antenna control system from Kratos Defense. A security vulnerability in the Kratos NGC Indoor Unit IDU version 9.1.0.4 can be exploited by an attacker to execute arbitrary Linux commands as root by sending a crafted TCP request to the devic...