Adiscon Rsyslog 安全漏洞

Adiscon Rsyslog is a library for collecting syslogs from the German company Adiscon. A security vulnerability exists in Adiscon Rsyslog version 8.2204.0 and earlier versions, which stems from a heap buffer overflow in the module used to receive TCP syslogs when using octet-counted frames, which c...

CVE-2022-20746

A vulnerability in the TCP proxy functionality of Cisco Firepower Threat Defense FTD Software could allow an unauthenticated, remote attacker to trigger a denial of service DoS condition. This vulnerability is due to improper handling of TCP flows. An attacker could exploit this vulnerability by...

The vulnerability of the AppNav-XE function in the Cisco IOS XE operating system allows a hacker to trigger a device reboot or cause a service failure.

The vulnerability of the AppNav-XE function in the Cisco IOS XE operating system is related to improper locking of resources. Exploiting this vulnerability can allow a malicious actor to trigger a device reboot or cause a service failure by sending a TCP traffic...

CVE-2022-21431

Vulnerability in the Oracle Communications Billing and Revenue Management product of Oracle Communications Applications component: Connection Manager. Supported versions that are affected are 12.0.0.4 and 12.0.0.5. Easily exploitable vulnerability allows unauthenticated attacker with network acce...

Oracle Communications Billing and Revenue Management 安全漏洞

Oracle Communications Billing and Revenue Management is a communications billing and revenue management system from Oracle that provides a fully converged, real-time enterprise revenue management application. This unified platform manages, maximizes, and converts each revenue stream into revenue...

The vulnerabilities in the implementation of the TCP/IP protocol stack of Cisco Email Security Appliance, Cisco Web Security Appliance web servers, and Cisco Secure Email and Web Manager (formerly known as Cisco Security Management Appliance) allow attackers to induce service interruptions.

The vulnerability of the TCP/IP protocol stack implementation of Cisco Email Security Appliance, Cisco Web Security Appliance, and Cisco Secure Email and Web Manager formerly Cisco Security Management Appliance is related to an exception handling error. Exploitation of this vulnerability could...

Siemens SIMATIC 资源管理错误漏洞

The SIMATIC S7-400 CPU series is designed for process control in industrial environments.The SIMATIC S7-300 CPU series is designed for discrete and continuous control in industrial environments.The SIMATIC S7-1500 CPU series is designed for discrete and continuous control in industrial...

Vulnerability in SICK MSC800

SICK received a report about a vulnerability in the SICK MSC800. An attacker could compromise services on the MSC800 by a TCP sequence prediction attack if a vulnerable version is used...

The vulnerability of the TCP protocol implementation in the Stack Trace TCP/IP protocol allows a perpetrator to cause a service failure.

The vulnerability of the TCP protocol implementation in the Stack Trace TCP/IP protocol is related to insufficient validation of input data. Exploiting this vulnerability can allow a malicious actor to cause service failures remotely...

ALPINE-CVE-2022-24786

PJSIP is a free and open source multimedia communication library written in C. PJSIP versions 2.12 and prior do not parse incoming RTCP feedback RPSI Reference Picture Selection Indication packet, but any app that directly uses pjmediartcpfbparserpsi will be affected. A patch is available in the...

DoS from specifically crafted TCP packets

...

Software AG MashZone NextGen 代码问题漏洞

Software AG MashZone NextGen is a software from Software AG, Germany. It is used to visualize data in an interactive manner. A code issue vulnerability exists in Software AG MashZone NextGen version 10.7 and earlier versions, which can be exploited by attackers to check the availability of a PPM...

The vulnerability of the TCP protocol implementation in the Stack Trace TCP/IP protocol allows a perpetrator to gain unauthorized access to protected information.

The vulnerability of the TCP protocol implementation in the Stack Trace TCP/IP protocol is related to integer overflow when processing the length parameter. Exploiting this vulnerability can allow an attacker to gain unauthorized access to protected information...

ISC BIND 资源管理错误漏洞

ISC BIND is a suite of open source software from ISC Corporation that implements the DNS protocol. A resource management error vulnerability exists in ISC BIND, which stems from the fact that a TCP connection with "keep-response-order" enabled may leave the TCP interface in the "CLOSEWAIT " state...

Linux kernel 加密问题漏洞

Linux kernel is the kernel used by the Linux Foundation's open source operating system, Linux. Linux kernel is vulnerable to a security flaw that could be exploited by an attacker to inject data into a victim's TCP session or terminate that session...

DEBIAN-CVE-2022-23096

An issue was discovered in the DNS proxy in Connman through 1.40. The TCP server reply implementation lacks a check for the presence of sufficient Header Data, leading to an out-of-bounds read...

Important: kernel

Issue Overview: A flaw was found in the Linux kernel. This flaw allows attackers to cause a denial of service soft lockup by triggering the destruction of a large SEV VM, which requires unregistering many encrypted regions. The highest threat from this vulnerability is to system availability...

Important: kernel

Issue Overview: A flaw was found in the Linux kernel. When reusing a socket with an attached dccpshctxccid as a listener, the socket will be used after being released leading to denial of service DoS or a potential code execution. The highest threat from this vulnerability is to data...

CVE-2022-23011

On certain hardware BIG-IP platforms, in version 15.1.x before 15.1.4 and 14.1.x before 14.1.3, virtual servers may stop responding while processing TCP traffic due to an issue in the SYN Cookie Protection feature. Note: Software versions which have reached End of Technical Support EoTS are not...

The vulnerability of the CAPWAP control protocol implementation in the Cisco IOS XE operating system allows a attacker to trigger a service failure or execute arbitrary code.

The vulnerability of the CAPWAP control protocol implementation in the Cisco IOS XE operating system is related to buffer overflow errors in dynamic memory. Exploiting this vulnerability can allow a malicious actor to cause service failures or execute arbitrary code...