USN-4454-1 samba vulnerability

Martin von Wittich and Wilko Meyer discovered that Samba incorrectly handled certain empty UDP packets when being used as a AD DC NBT server. A remote attacker could possibly use this issue to cause Samba to crash, resulting in a denial of service...

Lindy 42633 Elevation of Privilege Vulnerability

The Lindy 42633 is a 4-port USB 2.0 Gigabit network server. An elevation of privilege vulnerability exists in the Lindy 42633 2.078.000. The vulnerability stems from the ability to discover the administrative password by sniffing unencrypted UDP traffic. An attacker on the same network could use...

CVE-2020-15062

DIGITUS DA-70254 4-Port Gigabit Network Hub 2.073.000.E0008 devices allow an attacker on the same network to elevate privileges because the administrative password can be discovered by sniffing unencrypted UDP traffic...

CVE-2020-15054

TP-Link USB Network Server TL-PS310U devices before 2.079.000.t0210 allow an attacker on the same network to elevate privileges because the administrative password can be discovered by sniffing unencrypted UDP traffic...

CVE-2020-15054

TP-Link USB Network Server TL-PS310U devices before 2.079.000.t0210 allow an attacker on the same network to elevate privileges because the administrative password can be discovered by sniffing unencrypted UDP traffic...

The vulnerability of the programmatically defined Cisco SD-WAN, related to errors in checking certain fields of protocol messages encapsulated in UDP packets, allows a attacker to cause service failure.

The vulnerability of the programmatically defined Cisco SD-WAN involves errors during the verification of certain fields in the protocol messages encapsulated in UDP packets. Exploiting this vulnerability can allow a malicious actor to cause service failures remotely...

CVE-2020-3351

A vulnerability in Cisco SD-WAN Solution Software could allow an unauthenticated, remote attacker to cause a denial of service DoS condition. The vulnerability is due to improper validation of fields in Cisco SD-WAN peering messages that are encapsulated in UDP packets. An attacker could exploit...

ALPINE-CVE-2020-14303

A flaw was found in the AD DC NBT server in all Samba versions before 4.10.17, before 4.11.11 and before 4.12.4. A samba user could send an empty UDP packet to cause the samba server to crash...

Tenda PA6 Wi-Fi Powerline extender denial of service vulnerability

Tenda PA6 Wi-Fi Powerline extender is a wireless network range extender from Tenda China. A security vulnerability exists in the 'homeplugd' process in the Tenda PA6 Wi-Fi Powerline extender version 1.0.1.21. An attacker can exploit the vulnerability by sending specially crafted UDP packets to...

The vulnerability of the statem/statemdtls.c component in the OpenSSL library, which allows a hacker to cause a service failure.

The vulnerability of the statem/statemdtls.c component in the OpenSSL library is related to a resource management mechanism error. Exploiting this vulnerability could allow an attacker to cause service interruptions through a specially created DTLS message...

CVE-2019-19506

Tenda PA6 Wi-Fi Powerline extender 1.0.1.21 is vulnerable to a denial of service, caused by an error in the "homeplugd" process. By sending a specially crafted UDP packet, an attacker could exploit this vulnerability to cause the device to reboot...

Treck IPv4/UDP stack mishandling vulnerability

Treck TCP/IP is a suite of TCP Transmission Control Protocol/IP Internet Interconnection Protocol from Treck, Inc. dedicated to embedded systems. A security vulnerability exists in the Treck IPv4/UDP stack that stems from the program's failure to properly handle differences in the length paramete...

artemis/hornetq: memory exhaustion via UDP and JGroups discovery

It was found that when Artemis and HornetQ are configured with UDP discovery and JGroups discovery a huge byte array is created when receiving an unexpected multicast message. This may result in a heap memory exhaustion, full GC, or OutOfMemoryError...

net-snmp: NULL pointer exception in snmp_oid_compare in snmplib/snmp_api.c resulting in a denial of service

snmpoidcompare in snmplib/snmpapi.c in Net-SNMP before 5.8 has a NULL Pointer Exception bug that can be used by an unauthenticated attacker to remotely cause the instance to crash via a crafted UDP packet, resulting in Denial of Service...

The vulnerability of the Simatic programmable logic controller’s software, related to resource exhaustion, allows a intruder to trigger a service failure.

The vulnerability of the Simatic programmable logic controller’s software is related to the exhaustion of resources. Exploiting this vulnerability allows a malicious actor to cause service failures by sending specially crafted UDP packets...

The vulnerabilities of SIPROTEC relay protection devices stem from insufficient validation of input data, allowing attackers to trigger malfunctions in the service.

The vulnerability of SIPROTEC relay protection devices is related to insufficient verification of input data. Exploiting this vulnerability can allow attackers to trigger a service failure using specially created packets sent to port 50000/UDP...

Multiple Mitsubishi Electric Products Resource Management Error Vulnerability

The Misubishi Electric MELSEC iQ-R series is a programmable logic controller from Misubishi Electric. A resource management error vulnerability exists in several Mitsubishi Electric products. An attacker could cause a denial of service by sending a large amount of data to the MELSOFT transport po...

DEBIAN-CVE-2019-20797

An issue was discovered in e6y prboom-plus 2.5.1.5. There is a buffer overflow in client and server code responsible for handling received UDP packets, as demonstrated by ISendPacket or ISendPacketTo in inetwork.c...

UBUNTU-CVE-2019-20797

An issue was discovered in e6y prboom-plus 2.5.1.5. There is a buffer overflow in client and server code responsible for handling received UDP packets, as demonstrated by ISendPacket or ISendPacketTo in inetwork.c...

Denial Of Service (DoS)

kernel is vulnerable to denial of service. The vulnerability exists due to a flaw in the Datagram Congestion Control Protocol DCCP packets in the skbheaderpointer function allowing an attacker to send a maliciously crafted DCCP packet to crash the system...