
1921 matches found

CNNVD
added 2022/09/01 12:0 a.m., 7 views

Contec Health CMS8000 CONTEC ICU CCU Vital Signs Patient Monitor Security Vulnerability

The Contec Health CMS8000 CONTEC ICU CCU Vital Signs Patient Monitor is a vital signs patient monitor from Contec Japan. The Contec Health CMS8000 CONTEC ICU CCU Vital Signs Patient Monitor suffers from a security vulnerability that stems from a failure of the CMS800 device when attempting to par...

7.5 CVSS, 7.2 AI score, 0.00768 EPSS
Exploits: 0, References: 4

BDU FSTEC
added 2022/08/18 12:0 a.m., 5 views

The vulnerability of the “SIP ALG” module (SIP Application Layer Gateway) in the Realtek SDK for the eCos operating system allows a hacker to execute arbitrary code.

The vulnerability of the “SIP ALG” module SIP Application Layer Gateway in the Realtek SDK for the eCos operating system is related to buffer overflow in the stack. Exploiting this vulnerability allows a remote attacker to execute arbitrary code by sending a specially crafted UDP packet...

10 CVSS, 8.6 AI score, 0.3708 EPSS
Exploits: 2, References: 4, Affected Software: 2

ATTACKERKB
added 2022/08/08 4:15 p.m., 2 views

CVE-2022-34293

wolfSSL before 5.4.0 allows remote attackers to cause a denial of service via DTLS because a check for return-routability can be skipped...

7.5 CVSS, 7.1 AI score, 0.01185 EPSS
Exploits: 0, References: 3

OSV
added 2022/08/08 4:15 p.m., 3 views

UBUNTU-CVE-2022-34293

wolfSSL before 5.4.0 allows remote attackers to cause a denial of service via DTLS because a check for return-routability can be skipped...

7.5 CVSS, 7.1 AI score, 0.01185 EPSS
Exploits: 0, References: 4

CNNVD
added 2022/08/08 12:0 a.m., 6 views

Wolfssl Security Vulnerability

Wolfssl CyaSSL is a small, portable embedded SSL programming library for embedded systems developers from Wolfssl, Inc. A security vulnerability exists in Wolfssl versions prior to 5.4.0, which stems from the fact that its return route check can be bypassed to allow an attacker to implement a...

7.5 CVSS, 7.2 AI score, 0.01185 EPSS
Exploits: 0, References: 3

CNNVD
added 2022/07/29 12:0 a.m., 4 views

Eclipse Californium Security Vulnerability

Eclipse Californium is a Java-based codebase from the Eclipse Foundation that provides CoAP backend support for the Internet of Things. A security vulnerability exists in Eclipse Californium versions 2.0.0 through 2.7.2 and 3.0.0 through 3.5.0, which stems from the vulnerability of the DTLS stack...

7.5 CVSS, 7.2 AI score, 0.00507 EPSS
Exploits: 1, References: 2

OpenVAS
added 2022/07/18 12:0 a.m., 17 views

Fedora: Security Advisory for golang-github-j-keck-arping (FEDORA-2022-3969b64d4b)

The remote host is missing an update for the Copyright (C) 2022 Greenbone Networks GmbH. Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-or-later. This program is free software; you can...

9.3 CVSS, 9.1 AI score, 0.05994 EPSS
Exploits: 3, References: 2

OSV
added 2022/07/15 2:15 p.m., 1 views

UBUNTU-CVE-2022-35409

An issue was discovered in Mbed TLS before 2.28.1 and 3.x before 3.2.0. In some configurations, an unauthenticated attacker can send an invalid ClientHello message to a DTLS server that causes a heap-based buffer over-read of up to 255 bytes. This can cause a server crash or possibly information...

9.1 CVSS, 7.3 AI score, 0.01831 EPSS
Exploits: 1, References: 12

Positive Technologies
added 2022/07/13 12:0 a.m., 4 views

PT-2022-22810

Name of the Vulnerable Software and Affected Versions: Mbed TLS versions prior to 2.28.1; Mbed TLS versions 3.x prior to 3.2.0. Description: An issue was discovered in Mbed TLS where an unauthenticated attacker can send an invalid ClientHello message to a DTLS server, causing a heap-based buffer...

9.1 CVSS, 8.1 AI score, 0.01831 EPSS
Exploits: 1, References: 53

ATTACKERKB
added 2022/07/06 5:15 p.m., 5 views

CVE-2022-34598

The udpserver in H3C Magic R100 V200R004 and V100R005 has the 9034 port opened, allowing attackers to execute arbitrary commands...

9.8 CVSS, 6.1 AI score, 0.05308 EPSS
Exploits: 1, References: 2

BDU FSTEC
added 2022/07/01 12:0 a.m., 3 views

The vulnerability of microprogrammed software in communication modules of SIMATIC CP 1543-1 and SIPLUS NET CP arises from insufficient validation of input data. This allows attackers to trigger service failures.

The vulnerability of microprogrammed communication module software for SIMATIC CP 1543-1 and SIPLUS NET CP is related to insufficient validation of input data. Exploiting this vulnerability can allow attackers to cause service failures by sending specially crafted packets to port 161/udp...

5.3 CVSS, 6.5 AI score, 0.03624 EPSS
Exploits: 0, References: 6, Affected Software: 2

BDU FSTEC
added 2022/07/01 12:0 a.m., 5 views

The vulnerability of the UDP protocol implementation in Cisco IOS XE and Cisco IOS operating systems allows a hacker to induce a service failure.

The vulnerability of UDP protocol implementations in Cisco IOS XE and Cisco IOS lies in the absence of proper closure of UDP sockets. Exploiting this vulnerability can allow a malicious actor to cause service failures remotely...

7.8 CVSS, 7.1 AI score, 0.06042 EPSS
Exploits: 0, References: 3, Affected Software: 2

BDU FSTEC
added 2022/06/08 12:0 a.m., 4 views

The vulnerability of the connection processing function in Cisco Firepower Threat Defense’s microprogrammed network interface devices allows an attacker to trigger a service failure.

The vulnerability of the connection processing function in Cisco Firepower Threat Defense’s microprogrammed network interface controllers is related to the unlimited distribution of resources. Exploiting this vulnerability could allow a malicious actor to cause service interruptions by sending...

8.6 CVSS, 7.2 AI score, 0.01166 EPSS
Exploits: 0, References: 4, Affected Software: 1

BDU FSTEC
added 2022/06/02 12:0 a.m., 5 views

The vulnerability of the evaluation function of the intrusion detection rules of the Snort system’s microprogramming software for Cisco Firepower Threat Defense (FTD) allows a perpetrator to trigger a service failure.

The vulnerability of the evaluation function of the intrusion detection rules of Cisco Firepower Threat Defense FTD is related to resource management errors. Exploiting this vulnerability can allow a malicious actor to trigger a service failure using specially created UDP packets...

8.6 CVSS, 7.2 AI score, 0.0156 EPSS
Exploits: 0, References: 3, Affected Software: 1

OSV
added 2022/05/21 12:15 a.m., 4 views

DEBIAN-CVE-2022-29222

Pion DTLS is a Go implementation of Datagram Transport Layer Security. Prior to version 2.1.5, a DTLS Client could provide a Certificate that it doesn't possess the private key for and Pion DTLS wouldn't reject it. This issue affects users that are using Client certificates only. The connection...

7.5 CVSS, 7.3 AI score, 0.00702 EPSS
Exploits: 0, References: 1

NVD
added 2022/05/21 12:15 a.m., 12 views

CVE-2022-29190

Pion DTLS is a Go implementation of Datagram Transport Layer Security. Prior to version 2.1.4, an attacker can send packets that send Pion DTLS into an infinite loop when processing. Version 2.1.4 contains a patch for this issue. There are currently no known workarounds available...

7.5 CVSS, 0.01484 EPSS
Exploits: 0, References: 3

OSV
added 2022/05/21 12:15 a.m., 2 views

DEBIAN-CVE-2022-29189

Pion DTLS is a Go implementation of Datagram Transport Layer Security. Prior to version 2.1.4, a buffer that was used for inbound network traffic had no upper limit. Pion DTLS would buffer all network traffic from the remote user until the handshake completes or times out. An attacker could explo...

5.3 CVSS, 6 AI score, 0.0183 EPSS
Exploits: 0, References: 1

UbuntuCve
added 2022/05/21 12:15 a.m., 27 views

CVE-2022-29222

Pion DTLS is a Go implementation of Datagram Transport Layer Security. Prior to version 2.1.5, a DTLS Client could provide a Certificate that it doesn't possess the private key for and Pion DTLS wouldn't reject it. This issue affects users that are using Client certificates only. The connection...

7.5 CVSS, 7.1 AI score, 0.00702 EPSS
Exploits: 0, References: 7

UbuntuCve
added 2022/05/21 12:15 a.m., 23 views

CVE-2022-29190

Pion DTLS is a Go implementation of Datagram Transport Layer Security. Prior to version 2.1.4, an attacker can send packets that send Pion DTLS into an infinite loop when processing. Version 2.1.4 contains a patch for this issue. There are currently no known workarounds available...

7.5 CVSS, 7.1 AI score, 0.01484 EPSS
Exploits: 0, References: 7

OSV
added 2022/05/21 12:15 a.m., 3 views

UBUNTU-CVE-2022-29222

Pion DTLS is a Go implementation of Datagram Transport Layer Security. Prior to version 2.1.5, a DTLS Client could provide a Certificate that it doesn't possess the private key for and Pion DTLS wouldn't reject it. This issue affects users that are using Client certificates only. The connection...

7.5 CVSS, 7.1 AI score, 0.00702 EPSS
Exploits: 0, References: 8