Lucene search
K

201 matches found

Prion
Prion
added 2018/05/14 2:29 p.m.19 views

Design/Logic Flaw

In Schneider Electric ClearSCADA 2014 R1 build 75.5210 and prior, 2014 R1.1 build 75.5387 and prior, 2015 R1 build 76.5648 and prior, and 2015 R2 build 77.5882 and prior, an attacker with network access to the ClearSCADA server can send specially crafted sequences of commands and data packets to...

5CVSS7.6AI score0.01711EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2017/10/18 12:0 a.m.7 views

The vulnerability of the WPA2 protocol, which stems from errors in managing the cryptographic keys, allows unauthorized access to encrypted information transmitted over a wireless network.

The vulnerability of the WPA2 protocol, which provides security for Wi-Fi wireless networks, is related to errors in managing cryptographic keys. Exploiting this vulnerability allows a perpetrator within the range of a Wi-Fi network to gain access to encrypted information transmitted over the...

7.9CVSS7AI score0.04575EPSS
Exploits1References23Affected Software39
CNVD
CNVD
added 2017/08/21 12:0 a.m.1 views

Vulnerability of Qingdao Governmental Affairs App Android Version with Ultra-rights Access Vulnerability

Qingdao Government APP is a government service assistant that facilitates citizens to learn the latest news and information anytime and anywhere, grasp the latest government decision-making information, and facilitate direct dialogue and communication between citizens and the government. The...

6.6AI score
Exploits0
n0where
n0where
added 2017/08/16 4:22 a.m.25 views

Capturing, Analyzing and Responding to Cyber Attacks: cyberprobe

The Cyberprobe project is an open-source distributed architecture for real-time monitoring of networks against attack. The software consists of two components: a probe, which collects data packets and forwards it over a network in standard streaming protocols. a monitor, which receives the stream...

0.2AI score
Exploits0References1
n0where
n0where
added 2017/01/09 6:35 a.m.17 views

Real Time Network Monitoring: Cyberprobe

Real Time Network Monitoring Cyberprobe is a distrbuted architecture for real-time monitoring of networks against attack. The software consists of a number of components, including: a probe, which collects data packets and forwards it over a network in standard streaming protocols. a monitor, whi...

Exploits0
CNVD
CNVD
added 2016/08/11 12:0 a.m.3 views

Android on Nexus devices elevation of privilege vulnerability (CNVD-2016-06282)

Android on Nexus is Google's line of high-end phones powered by stock Android. Android before 2016-08-05 on Nexus 7 devices suffers from an elevation of privilege vulnerability that allows attackers to gain privileges by sending short DCI request packets via a crafted application...

7.8CVSS7.4AI score0.00454EPSS
Exploits0References1
BDU FSTEC
BDU FSTEC
added 2016/07/07 12:0 a.m.5 views

The vulnerability of the HP SDN VAN Controller, a system for managing virtual networks, allows a hacker to execute arbitrary code.

The vulnerability of the HP SDN VAN Controller’s virtual network management subsystem is related to resource management errors. Exploiting this vulnerability allows a malicious actor to execute arbitrary code by sending network packets to the REST port...

7.8CVSS6AI score0.02614EPSS
Exploits0References2Affected Software1
Tenable Nessus
Tenable Nessus
added 2015/10/28 12:0 a.m.263 views

Ubuntu 14.04 LTS : NTP vulnerabilities (USN-2783-1)

The remote Ubuntu 14.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-2783-1 advisory. Aleksis Kauppinen discovered that NTP incorrectly handled certain remote config packets. In a non-default configuration, a remote authenticated attacker...

9.8CVSS7.2AI score0.81762EPSS
Exploits6References18
RedHat Linux
RedHat Linux
added 2015/04/09 5:9 a.m.4 views

krb5: kadmind doubly frees partial deserialization results (MITKRB5-SA-2015-001)

A double-free flaw was found in the way MIT Kerberos handled invalid External Data Representation XDR data. An authenticated user could use this flaw to crash the MIT Kerberos administration server kadmind, or other applications using Kerberos libraries, using specially crafted XDR packets...

9CVSS7.2AI score0.06213EPSS
Exploits0References5
Cisco
Cisco
added 2015/01/23 9:20 p.m.30 views

Cisco Unified Communications Domain Manager Platform High CPU Utilization Denial of Service Vulnerability

A vulnerability in Cisco Unified Communications Domain Manager Platform Software could allow an unauthenticated, remote attacker to cause high CPU utilization, which may affect the performance of the system and make some services unavailable. The vulnerability is due to insufficient implementatio...

5CVSS6.3AI score0.02374EPSS
Exploits0References1
Mageia
Mageia
added 2014/06/27 3:8 p.m.43 views

Updated gnupg & gnupg2 packages fixes CVE-2014-4617

Updated gnupg and gnupg2 packages fix security vulnerability: GnuPG versions before 1.4.17 and 2.0.24 are vulnerable to a denial of service which can be caused by garbled compressed data packets which may put gpg into an infinite loop CVE-2014-4617...

5CVSS6.1AI score0.03305EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2014/06/24 12:0 a.m.16 views

FreeBSD : gnupg -- possible DoS using garbled compressed data packets (1c840eb9-fb32-11e3-866e-b499baab0cbe)

Werner Koch reports : This release includes a security fix to stop a possible DoS using garbled compressed data packets which can be used to put gpg into an infinite loop. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted fr...

5.4AI score
Exploits0References3
FreeBSD
FreeBSD
added 2014/06/23 12:0 a.m.8 views

gnupg -- possible DoS using garbled compressed data packets

Werner Koch reports: This release includes a security fix to stop a possible DoS using garbled compressed data packets which can be used to put gpg into an infinite loop...

1.7AI score
Exploits0References2
seebug.org
seebug.org
added 2014/04/03 12:0 a.m.42 views

Zyxel P660系列路由器拒绝服务漏洞

Bugtraq ID:66570 CVE ID:CVE-2013-3588 Zyxel P660是路由器系列产品。 Zyxel P660系列路由器的Web管理接口在解析大量SYN数据包时,在实现上存在拒绝服务漏洞,这可造成设备重载,导致拒绝服务。 0 ZyXEL P660 目前没有详细解决方案: http://www.zyxel.com/index.php...

7.8CVSS6.6AI score0.02189EPSS
Exploits1
seebug.org
seebug.org
added 2014/03/21 12:0 a.m.31 views

Wireshark RLC Dissector 'packet-rlc.c'拒绝服务漏洞

Bugtraq ID:66072 CVE ID:CVE-2014-2283 Wireshark(前称Ethereal)是一款非常流行的开源网络流量分析软件。 由于程序没有正确处理某些类型的数据包,攻击者可以利用漏洞是受影响程序崩溃。 0 MandrakeSoft Enterprise Server 5 x8664 MandrakeSoft Enterprise Server 5 目前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下载: http://www.wireshark.org/...

4.3CVSS0.2AI score0.02718EPSS
Exploits2
Prion
Prion
added 2013/07/31 1:20 p.m.12 views

Buffer overflow

Multiple buffer overflows in CimWebServer.exe in the WebView component in GE Intelligent Platforms Proficy HMI/SCADA - CIMPLICITY before 8.0 SIM 27, 8.1 before SIM 25, and 8.2 before SIM 19, and Proficy Process Systems with CIMPLICITY, allow remote attackers to execute arbitrary code via crafted...

9.3CVSS8.4AI score0.03769EPSS
Exploits0References2Affected Software1
myhack58
myhack58
added 2013/03/18 12:0 a.m.22 views

PhpCmsV9 a SQL injection, the official demo can be caught-vulnerability warning-the black bar safety net

Brief description: Somewhere the filter is not made, resulting in the injection. Detailed description: After registration modify birthday, intercept data packets, to modify infobirthday infobirthday=SELECT 1 FROM select count,concatfloorrand02,substringselect concatusername,0x5f, password, 0x5f,...

1.5AI score
Exploits0
The Hacker News
The Hacker News
added 2012/12/28 1:36 p.m.11 views

Android Malware that can DDoS Attacks from your smartphone

The Russian anti-virus vendor Doctor Web has found a new malicious program for Android which allows hacker groups to carry out mobile denial of service attacks. While it's not entirely clear how the Trojan is spread, researchers suspect that the attackers use social engineering tactics since the...

6.7AI score
Exploits0
myhack58
myhack58
added 2008/01/16 12:0 a.m.12 views

Hundred at buy e-Commerce system several vulnerability analysis-vulnerability warning-the black bar safety net

Author: ninty The company allows to go online to find some ready-made code. After doing the Site any good direct copy of. This find could spit blood. I will only find injection and cross-site vulnerabilities. Which bit of the cow anyone tell me what the more Common Vulnerabilities? A, injection 1...

7.6AI score
Exploits0
OSV
OSV
added 2004/08/18 4:0 a.m.2 views

DEBIAN-CVE-2004-0433

Multiple buffer overflows in the Real-Time Streaming Protocol RTSP client for 1 MPlayer before 1.0pre4 and 2 xine lib xine-lib before 1-rc4, when playing Real RTSP realrtsp streams, allow remote attackers to cause a denial of service crash and possibly execute arbitrary code via a long URLs, b lo...

10CVSS8.1AI score0.05116EPSS
Exploits0References1
Rows per page
Query Builder