1889 matches found

Positive Technologies
added 2023/03/21 12:0 a.m. · 4 views

PT-2023-2085 · Delta Electronics · Infrasuite Device Master

Name of the Vulnerable Software and Affected Versions: Delta Electronics InfraSuite Device Master versions prior to 1.0.5

Description: The issue is related to the Device-status service listening on port 10100/UDP by default, accepting unverified UDP packets, and deserializing their content. This...

CVSS 9.8 · AI score 9.7 · EPSS 0.5005
Exploits: 3 · References: 11

OSV
added 2023/03/16 9:15 p.m. · 5 views

CVE-2023-22881

Zoom clients before version 5.13.5 contain a STUN parsing vulnerability. A malicious actor could send specially crafted UDP traffic to a victim Zoom client to remotely cause the client to crash, causing a denial of service...

CVSS 7.5 · AI score 7.1 · EPSS 0.01122
Exploits: 0 · References: 1

OSV
added 2023/03/16 9:15 p.m. · 2 views

DEBIAN-CVE-2023-1390

A remote denial of service vulnerability was found in the Linux kernel’s TIPC kernel module. The while loop in tipc_link_xmit() hits an unknown state while attempting to parse SKBs, which are not in the queue. Sending two small UDP packets to a system with a UDP bearer results in the CPU utilization...

CVSS 7.5 · AI score 6.1 · EPSS 0.05095
Exploits: 0 · References: 1

OSV
added 2023/03/16 9:15 p.m. · 1 views

UBUNTU-CVE-2023-1390

A remote denial of service vulnerability was found in the Linux kernel’s TIPC kernel module. The while loop in tipc_link_xmit() hits an unknown state while attempting to parse SKBs, which are not in the queue. Sending two small UDP packets to a system with a UDP bearer results in the CPU utilization...

CVSS 7.5 · AI score 6.6 · EPSS 0.05095
Exploits: 0 · References: 4

CNNVD
added 2023/03/16 12:0 a.m. · 2 views

Linux kernel security vulnerability

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation. A security vulnerability exists in the Linux kernel, which stems from a problem with the while loop in tipc_link_xmit when trying to parse a SKB that is not in a queue, and can be exploited to cause ...

CVSS 7.5 · AI score 6.3 · EPSS 0.05095
Exploits: 0 · References: 16

CNNVD
added 2023/03/16 12:0 a.m. · 5 views

Zoom Client buffer error vulnerability

Zoom Client is a video conferencing client application from Zoom USA that supports multiple platforms. A buffer error vulnerability exists in Zoom Client versions prior to 5.13.5, which can be exploited by an attacker to send specially crafted UDP traffic to a victim Zoom client, remotely causing...

CVSS 7.5 · AI score 7.5 · EPSS 0.01142
Exploits: 0 · References: 2

CNNVD
added 2023/03/16 12:0 a.m. · 4 views

Zoom Client buffer error vulnerability

Zoom Client is a video conferencing client application from Zoom USA that supports multiple platforms. A buffer error vulnerability exists in Zoom Client versions prior to 5.13.5, which can be exploited by an attacker to send specially crafted UDP traffic to a victim Zoom client, remotely causing...

CVSS 7.5 · AI score 7.5 · EPSS 0.01122
Exploits: 0 · References: 3

OSV
added 2023/03/15 9:15 p.m. · 2 views

DEBIAN-CVE-2023-28450

An issue was discovered in Dnsmasq before 2.90. The default maximum EDNS.0 UDP packet size was set to 4096 but should be 1232 because of DNS Flag Day 2020...

CVSS 7.5 · AI score 7.5 · EPSS 0.01334
Exploits: 0 · References: 1

OSV
added 2023/03/15 9:15 p.m. · 1 views

UBUNTU-CVE-2023-28450

An issue was discovered in Dnsmasq before 2.90. The default maximum EDNS.0 UDP packet size was set to 4096 but should be 1232 because of DNS Flag Day 2020...

CVSS 7.5 · AI score 7.1 · EPSS 0.01334
Exploits: 0 · References: 8

OpenVAS
added 2023/03/08 12:0 a.m. · 24 views

Debian: Security Advisory (DLA-310-1)

The remote host is missing an update for the Debian...

CVSS 7.8 · AI score 6.9 · EPSS 0.06267
Exploits: 0 · References: 2

BDU FSTEC
added 2023/03/06 12:0 a.m. · 5 views

The vulnerability of the User Datagram Protocol (UDP) implementation in the Cisco IOS XE access point of the Catalyst 9100 model, which is related to uncontrolled resource consumption, allows a hacker to cause a service failure.

The vulnerability of the User Datagram Protocol (UDP) implementation in the Cisco IOS XE access point of the Catalyst 9100 model is related to uncontrolled resource consumption. Exploiting this vulnerability could allow a malicious actor to cause service interruptions...

CVSS 8.6 · AI score 7.2 · EPSS 0.00852
Exploits: 0 · References: 2 · Affected Software: 1

OSV
added 2023/03/01 8:15 a.m. · 1 views

CVE-2023-22747

There are multiple command injection vulnerabilities that could lead to unauthenticated remote code execution by sending specially crafted packets destined to the PAPI (Aruba Networks access point management protocol) UDP port (8211). Successful exploitation of these vulnerabilities result in the...

CVSS 9.8 · AI score 8.3 · EPSS 0.0174
Exploits: 0 · References: 1

OSV
added 2023/03/01 8:15 a.m. · 2 views

CVE-2023-22750

There are multiple command injection vulnerabilities that could lead to unauthenticated remote code execution by sending specially crafted packets destined to the PAPI (Aruba Networks access point management protocol) UDP port (8211). Successful exploitation of these vulnerabilities result in the...

CVSS 9.8 · AI score 8 · EPSS 0.0174
Exploits: 0 · References: 1

SUSE CVE
added 2023/03/01 1:55 a.m. · 1 views

SUSE CVE-2023-1078

A flaw was found in the Linux Kernel in RDS (Reliable Datagram Sockets) protocol. The rds_rm_zerocopy_callback() uses list_entry() on the head of a list causing a type confusion. Local user can trigger this with rds_message_put(). Type confusion leads to `struct rds_msg_zcopy_info *info` actually points to something...

CVSS 7.8 · AI score 6.2 · EPSS 0.00251
Exploits: 0 · References: 31

OSV
added 2023/02/28 2:55 a.m. · 8 views

USN-5897-1 openjdk-17, openjdk-19, openjdk-lts vulnerabilities

Juraj Somorovsky, Marcel Maehren, Nurullah Erinola, and Robert Merget discovered that the DTLS implementation in the JSSE subsystem of OpenJDK did not properly restrict handshake initiation requests from clients. A remote attacker could possibly use this to cause a denial of service. CVE-2023-218...

CVSS 5.3 · AI score 6.8 · EPSS 0.01836
Exploits: 0 · References: 3

SUSE CVE
added 2023/02/15 6:22 a.m. · 2 views

SUSE CVE-1999-0103

Echo and chargen, or other combinations of UDP services, can be used in tandem to flood the server, a.k.a. UDP bomb or UDP packet storm...

CVSS 5 · AI score 9.3 · EPSS 0.1463
Exploits: 2 · References: 3

SUSE CVE
added 2023/02/15 6:21 a.m. · 3 views

SUSE CVE-2002-2443

schpw.c in the kpasswd service in kadmind in MIT Kerberos 5 (aka krb5) before 1.11.3 does not properly validate UDP packets before sending responses, which allows remote attackers to cause a denial of service (CPU and bandwidth consumption) via a forged packet that triggers a communication loop, as...

CVSS 5 · AI score 6.9 · EPSS 0.06485
Exploits: 0 · References: 6

SUSE CVE
added 2023/02/15 6:20 a.m. · 2 views

SUSE CVE-2004-0558

The Internet Printing Protocol (IPP) implementation in CUPS before 1.1.21 allows remote attackers to cause a denial of service (service hang) via a certain UDP packet to the IPP port...

CVSS 5 · AI score 6.8 · EPSS 0.26794
Exploits: 0 · References: 5

SUSE CVE
added 2023/02/15 6:18 a.m. · 2 views

SUSE CVE-2005-1175

Heap-based buffer overflow in the Key Distribution Center (KDC) in MIT Kerberos 5 (krb5) 1.4.1 and earlier allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a certain valid TCP or UDP request...

CVSS 7.5 · AI score 8.9 · EPSS 0.08425
Exploits: 0 · References: 4

SUSE CVE
added 2023/02/15 6:17 a.m. · 3 views

SUSE CVE-2005-3252

Stack-based buffer overflow in the Back Orifice (BO) preprocessor for Snort before 2.4.3 allows remote attackers to execute arbitrary code via a crafted UDP packet...

CVSS 7.5 · AI score 8.3 · EPSS 0.83902
Exploits: 12 · References: 4