PJSIP 数字错误漏洞

PJSIP is a free and open source multimedia communications library written in C that implements standards-based protocols such as SIP, SDP, RTP, STUN, TURN, and ICE. PJSIP suffers from a numeric error vulnerability that stems from the fact that an incoming STUN message containing the ERROR-CODE...

CVE-2021-31345

A vulnerability has been identified in Capital Embedded AR Classic 431-422 All versions, Capital Embedded AR Classic R20-11 All versions V2303, PLUSCONTROL 1st Gen All versions. The total length of an UDP payload set in the IP header is unchecked. This may lead to various side effects, including...

Siemens Nucleus 安全漏洞

Capital VSTAR is a complete solution. the Nucleus NET module integrates a range of standards-compliant networking and communications protocols, drivers and utilities to provide full-featured networking support in any embedded device. the Nucleus RTOS is a microkernel-based real-time operating...

Siemens Nucleus 安全漏洞

Siemens Nucleus ReadyStart is a bundled solution from Siemens Germany. It is used to accelerate the fast start-up of complete systems and provides a rich board-level support package Bsp. A security vulnerability exists in Siemens Nucleus ReadyStart, which stems from the total length of the UDP...

PT-2021-6896 · Unknown +1 · Nucleus Source Code +10

Name of the Vulnerable Software and Affected Versions: Capital Embedded AR Classic 431-422 versions all Capital Embedded AR Classic R20-11 versions prior to V2303 PLUSCONTROL 1st Gen versions all APOGEE MBC versions all APOGEE MEC versions all APOGEE PXC versions all TALON TC versions all Nucleus...

PT-2021-20200 · Geutebrück +1 · Geutebrück Camera Devices +1

Name of the Vulnerable Software and Affected Versions: UDP Technology camera devices affected versions not specified Geutebrück camera devices affected versions not specified Description: The issue concerns command injection, potentially allowing an attacker to remotely execute arbitrary code on...

PT-2021-7066 · Linux +8 · Linux Kernel +8

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A flaw in the processing of received ICMP errors, specifically ICMP fragment needed and ICMP redirect, allows an off-path remote user to quickly scan open UDP ports and bypass the sour...

ISC BIND 处理逻辑错误漏洞

ISC BIND is a suite of open source software from ISC that implements the DNS protocol. A Processing Logic Error vulnerability exists in ISC BIND, which originates when named attempts to respond via UDP with a response larger than the currently valid interface's Maximum Transmission Unit MTU and...

What is DDoS attack❓ — Types and how to react to them

What is DDoS attack❓ — Types and how to react to them Distributed Denial of service attacks are assaults outfitted at making a PC, a cyber-service inaccessible by congesting it with traffic from various sources. The point is ordinarily to make the computers in question stop administration by...

CVE-2021-3594

An invalid pointer initialization issue was found in the SLiRP networking implementation of QEMU. The flaw exists in the udpinput function and could occur while processing a udp packet that is smaller than the size of the 'udphdr' structure. This issue may lead to out-of-bounds read access or...

QEMU 缓冲区错误漏洞

QEMU is a suite of analog processor software. A security vulnerability exists in QEMU that stems from the use of memory outside of the working mbuf buffer by the function udp6input when processing udp packets from incoming guests that are smaller than the size of the udphdr structure. An attacker...

CVE-2021-27573

An issue was discovered in Emote Remote Mouse through 4.0.0.0. Remote unauthenticated users can execute arbitrary code via crafted UDP packets with no prior authorization or authentication...

CVE-2021-27572

An issue was discovered in Emote Remote Mouse through 4.0.0.0. Authentication Bypass can occur via Packet Replay. Remote unauthenticated users can execute arbitrary code via crafted UDP packets even when passwords are set...

Emote Remote Mouse 安全漏洞

Remote Mouse is an application. A remote mouse. A security vulnerability exists in Emote Remote Mouse version 4.0.0.0 and prior versions that originates from an unauthenticated remote user who can execute arbitrary code via a crafted UDP packet without prior authorization or authentication. An...

Emote Remote Mouse 安全漏洞

Remote Mouse is an application. A remote mouse. A security vulnerability exists in Emote Remote Mouse version 4.0.0.0 and prior versions, which stems from Authentication bypass can occur via packet replay. Even if a password is set, a remote unauthenticated user can execute arbitrary code via a...

PT-2021-8037 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: The issue is related to the validation of UDP retransmission in the Linux kernel's NFS module. Specifically, it concerns the xprt calc majortimeo function, where a shift out-of-bounds...

Aruba Access Points 缓冲区错误漏洞

Aruba Instant is a cloud-hosted controller-less wireless access point. Aruba Instant has a buffer overflow vulnerability that can be exploited by an attacker to execute arbitrary code in the underlying operating system by sending specially crafted packets to the PAPI UDP port...

IBM Elastic Storage System 安全漏洞

IBM Elastic Storage System is an appliance for data management of large data volumes from IBM in the United States. A denial of service vulnerability exists in IBM Elastic Storage System, which can be exploited by an attacker to deny service by sending a malformed UDP request...

kernel: Geneve/IPsec traffic may be unencrypted between two Geneve endpoints

A flaw was found in the Linux kernel. Traffic between two Geneve endpoints may be unencrypted when IPsec is configured to encrypt traffic for the specific UDP port used by the GENEVE tunnel allowing anyone in between the two endpoints to read the traffic unencrypted. The main threat from this...

kernel: ICMP rate limiting can be used for DNS poisoning attack

A flaw in the way reply ICMP packets are limited in the Linux kernel functionality was found that allows to quickly scan open UDP ports. This flaw allows an off-path remote user to effectively bypassing source port UDP randomization. The highest threat from this vulnerability is to confidentialit...