EUVD-2024-37029

Malicious code in bioql PyPI...

CVE-2024-37018

The OpenDaylight 0.15.3 controller allows topology poisoning via API requests because an application can manipulate the path that is taken by discovery packets...

CVE-2024-37018

The OpenDaylight 0.15.3 controller allows topology poisoning via API requests because an application can manipulate the path that is taken by discovery packets...

CVE-2024-37018

OpenDaylight 0.15.3 is affected by a vulnerability allowing topology poisoning via API requests that can manipulate the path of discovery packets. Likely impact is elevated risk to topology integrity with network-facing exposure (attack vector: network, complexity: low, privileges: none, user int...

DEBIAN-CVE-2021-41229

BlueZ is a Bluetooth protocol stack for Linux. In affected versions a vulnerability exists in sdpcstateallocbuf which allocates memory which will always be hung in the singly linked list of cstates and will not be freed. This will cause a memory leak over time. The data can be a very large object...

Zyxel GS1900-8 跨站脚本漏洞

The Zyxel GS1900-8 is an intelligent managed switch with gigabit speeds and basic management features from Taiwan, China-based Hopkins Zyxel that brings greater flexibility and connectivity to users' business networks. A cross-site scripting vulnerability exists in the Zyxel GS1900-8 firmware,...

CVE-2021-26111

A missing release of memory after effective lifetime vulnerability in FortiSwitch 6.4.0 to 6.4.6, 6.2.0 to 6.2.6, 6.0.0 to 6.0.6, 3.6.11 and below may allow an attacker on an adjacent network to exhaust available memory by sending specifically crafted LLDP/CDP/EDP packets to the device...

The vulnerability of the UPnP component of the D-Link DIR-816L network device’s microprogramming software allows a intruder to execute any command they desire.

The vulnerability of the Plug and Play UPnP component of the D-Link DIR-816L network device exists due to the lack of protective measures for the website structure. Exploiting this vulnerability allows a malicious actor to execute arbitrary commands by entering useful payloads into the Search...

DEBIAN-CVE-2020-27827

A flaw was found in multiple versions of OpenvSwitch. Specially crafted LLDP packets can cause memory to be lost when allocating data to handle specific optional TLVs, potentially causing a denial of service. The highest threat from this vulnerability is to system availability...

CVE-2020-27541

Denial of Service vulnerability in Rostelecom CS-C2SHW 5.0.082.1. AgentGreen service has a bug in parsing broadcast discovery UDP packet. Sending a packet of too small size will lead to an attempt of allocating buffer of negative size. As the result service AgentGreen will be terminated and start...

CVE-2020-15893

An issue was discovered on D-Link DIR-816L devices 2.x before 1.10b04Beta02. Universal Plug and Play UPnP is enabled by default on port 1900. An attacker can perform command injection by injecting a payload into the Search Target ST field of the SSDP M-SEARCH discover packet...

The vulnerability of the Cisco IOS operating system, which allows a intruder to trigger a service failure

The vulnerability of the Cisco IOS operating system arises due to buffer overflows. Exploiting this vulnerability can allow an attacker to cause a service failure abnormal shutdown by using specially crafted LLDP packets...

CVE-2016-1330

Cisco IOS 15.24E on Industrial Ethernet 2000 devices allows remote attackers to cause a denial of service device reload via crafted Cisco Discovery Protocol CDP packets, aka Bug ID CSCuy27746...

The vulnerability of the Cisco IOS operating system, which allows a intruder to trigger a service failure

The vulnerability of the Cisco IOS operating system’s IPv6 component exists due to insufficient validation of input data. Exploiting this vulnerability allows a malicious actor to cause service interruptions by repeatedly sending ND packets...