2129 matches found
The vulnerability in the implementation of ISDN functions in the Cisco IOS XE operating system for Cisco 4000 Series Integrated Services Routers allows a attacker to transmit IPv4 traffic through an unauthenticated ISDN connection for several seconds, from the initial setup of the ISDN connection until a failure in authentication of the PPP connection occurs.
The vulnerability of the Cisco IOS XE operating system’s ISDN function implementation for Cisco 4000 Series Integrated Services Routers is related to the lack of protection for service data. Exploiting this vulnerability allows a malicious actor to transmit IPv4 traffic through an unauthenticated...
Zcash Unspecified Vulnerability in Zcashd
Zcash is a decentralized open source data currency. zcashd is the daemon for Zcash. An unspecified vulnerability in Zcashd in versions prior to Zcash 2.0.7-3 can be exploited by an attacker to disclose the IP address of a full node with a masked IP address...
The vulnerability of the IPv6 traffic processing service of the Cisco NX-OS operating system allows a attacker to trigger a service failure.
The vulnerability of the IPv6 traffic processing service of the Cisco NX-OS operating system exists due to insufficient validation of input data. Exploiting this vulnerability can allow a malicious actor to cause service failures remotely...
Cisco IOS XE UTD Denial of Service Vulnerability
Cisco IOS XE is a set of modular operating system based on Linux kernel developed by Cisco for its network equipment. A denial of service vulnerability exists in the Unified Threat Defense UTD feature of Cisco IOS XE. The vulnerability stems from improper authentication of IPv6 packets by the UTD...
DEBIAN-CVE-2019-16410
An issue was discovered in Suricata 4.1.4. By sending multiple fragmented IPv4 packets, the function Defrag4Reassemble in defrag.c tries to access a memory region that is not allocated, because of a lack of headerlen checking...
CVE-2019-9680
Some Dahua products have information leakage issues. Attackers can obtain the IP address and device model information of the device by constructing malicious data packets. Affected products include:...
Google Chrome IP Address Spoofing Vulnerability
Google Chrome is a web browser from Google, an American company. A security vulnerability exists in Google Chrome versions prior to 77.0.3865.75. A remote attacker can exploit the vulnerability to spoof IP addresses with the help of a specially crafted website...
CVE-2018-7081
A remote code execution vulnerability is present in network-listening components in some versions of ArubaOS. An attacker with the ability to transmit specially-crafted IP traffic to a mobility controller could exploit this vulnerability and cause a process crash or to execute arbitrary code with...
Foxit PDF Software Company Suffers Data Breach—Asks Users to Reset Password
If you have an online account with Foxit Software, you need to reset your account password immediately—as an unknown attacker has compromised your personal data and log-in credentials. Foxit Software, a company known for its popular lightweight Foxit PDF Reader and PhantomPDF applications being...
Edimax BR-6208AC Cross-Router Covert Channel Vulnerability (CNVD-2019-30061)
The Edimax BR-6208AC is a wireless concurrent dual-band router. A cross-router hidden channel vulnerability exists in the Edimax BR-6208AC V1. The vulnerability stems from insufficient isolation between host and client networks established by the same device. The vulnerability can be exploited by...
maltrail
This is a defensive blue-team research and threat mitigation analysis of the Maltrail repository. The repository is a malicious traffic detection system that can be used to identify and block malicious traffic. The analysis reveals that the Maltrail system uses a combination of IP address and...
MicroDigital N-series cameras buffer overflow vulnerability (CNVD-2019-33868)
The MicroDigital N-series cameras series are IP cameras from MicroDigital. A buffer overflow vulnerability exists in MicroDigital N-series cameras. An attacker could exploit this vulnerability to cause a denial of service...
Ziggy's Fortress has an information leakage vulnerability
Zhejiang Qiji Technology Co., Ltd. is a company mainly engaged in computer hardware and software, network products, technology development and other projects. An information leakage vulnerability exists in Qiji Fortress, which can be exploited by an attacker to obtain confidential information suc...
Wind River Systems VxWorks Buffer Overflow Vulnerability
Wind River Systems VxWorks is an embedded real-time operating system RTOS from Wind River Systems. A buffer overflow vulnerability exists in the parsing of IP options on IPv4 packets in Wind River Systems VxWorks versions 7 and 6.9. An attacker could use this vulnerability to cause the tNet0 task...
PT-2019-4726 · Wind River · Vxworks
Name of the Vulnerable Software and Affected Versions: Wind River VxWorks versions 6.9 through vx7 Description: The issue is related to a buffer overflow in the IPv4 component, specifically a stack overflow when parsing IPv4 packets' IP options. This can be exploited by a remote attacker to execu...
The vulnerability of the microprogrammed software in Cisco IP Phone models series 8800 and 7800, related to insufficient checking of SIP initiation packets, allows attackers to cause service failures.
The vulnerability of the microprogrammed software in Cisco IP Phone models series 8800 and 7800 is related to insufficient checking of incoming packets of the Session Initiation Protocol SIP. Exploiting this vulnerability can allow a malicious actor to cause service failures...
DEBIAN-CVE-2019-10638
In the Linux kernel before 5.1.7, a device can be tracked by an attacker using the IP ID values the kernel produces for connection-less protocols e.g., UDP and ICMP. When such traffic is sent to multiple destination IP addresses, it is possible to obtain hash collisions of indices to the counter...
CVE-2019-12786
An issue was discovered on D-Link DIR-818LW devices from 2.05.B03 to 2.06B01 BETA. There is a command injection in HNAP1 SetWanSettings via an XML injection of the value of the IPAddress key...
The vulnerability of Cisco Adaptive Security Appliance and Cisco Firepower 2100 microprogramming-based network interface controllers lies in the improper processing of IPsec sessions by the software cryptographic module. This allows attackers to cause service interruptions.
The vulnerability of Cisco Adaptive Security Appliance and Cisco Firepower 2100 network interface controllers lies in the improper handling of IPsec sessions by the software cryptographic module. Exploiting this vulnerability can allow a malicious actor to cause service interruptions remotely...
A Tough Week for IP Address Scammers
In the early days of the Internet, there was a period when Internet Protocol version 4 IPv4 addresses e.g. 4.4.4.4 were given out like cotton candy to anyone who asked. But these days companies are queuing up to obtain new IP space from the various regional registries that periodically dole out t...