Lucene search
+L

2129 matches found

bdu_fstec
bdu_fstec
added 2019/10/03 12:0 a.m.6 views

The vulnerability in the implementation of ISDN functions in the Cisco IOS XE operating system for Cisco 4000 Series Integrated Services Routers allows a attacker to transmit IPv4 traffic through an unauthenticated ISDN connection for several seconds, from the initial setup of the ISDN connection until a failure in authentication of the PPP connection occurs.

The vulnerability of the Cisco IOS XE operating system’s ISDN function implementation for Cisco 4000 Series Integrated Services Routers is related to the lack of protection for service data. Exploiting this vulnerability allows a malicious actor to transmit IPv4 traffic through an unauthenticated...

4.7CVSS5.5AI score0.01425EPSS
Exploits0References2Affected Software1
cnvd
cnvd
added 2019/09/28 12:0 a.m.2 views

Zcash Unspecified Vulnerability in Zcashd

Zcash is a decentralized open source data currency. zcashd is the daemon for Zcash. An unspecified vulnerability in Zcashd in versions prior to Zcash 2.0.7-3 can be exploited by an attacker to disclose the IP address of a full node with a masked IP address...

5.3CVSS6.7AI score0.01636EPSS
Exploits0References1
bdu_fstec
bdu_fstec
added 2019/09/27 12:0 a.m.6 views

The vulnerability of the IPv6 traffic processing service of the Cisco NX-OS operating system allows a attacker to trigger a service failure.

The vulnerability of the IPv6 traffic processing service of the Cisco NX-OS operating system exists due to insufficient validation of input data. Exploiting this vulnerability can allow a malicious actor to cause service failures remotely...

8.6CVSS5.5AI score0.01929EPSS
Exploits0References2Affected Software1
cnvd
cnvd
added 2019/09/26 12:0 a.m.4 views

Cisco IOS XE UTD Denial of Service Vulnerability

Cisco IOS XE is a set of modular operating system based on Linux kernel developed by Cisco for its network equipment. A denial of service vulnerability exists in the Unified Threat Defense UTD feature of Cisco IOS XE. The vulnerability stems from improper authentication of IPv6 packets by the UTD...

8.6CVSS6.8AI score0.01983EPSS
Exploits0References1
osv
osv
added 2019/09/24 8:15 p.m.2 views

DEBIAN-CVE-2019-16410

An issue was discovered in Suricata 4.1.4. By sending multiple fragmented IPv4 packets, the function Defrag4Reassemble in defrag.c tries to access a memory region that is not allocated, because of a lack of headerlen checking...

9.1CVSS7.3AI score0.02055EPSS
Exploits0References1
osv
osv
added 2019/09/18 7:15 p.m.4 views

CVE-2019-9680

Some Dahua products have information leakage issues. Attackers can obtain the IP address and device model information of the device by constructing malicious data packets. Affected products include:...

5.3CVSS6.1AI score0.01435EPSS
Exploits0References1
cnvd
cnvd
added 2019/09/17 12:0 a.m.6 views

Google Chrome IP Address Spoofing Vulnerability

Google Chrome is a web browser from Google, an American company. A security vulnerability exists in Google Chrome versions prior to 77.0.3865.75. A remote attacker can exploit the vulnerability to spoof IP addresses with the help of a specially crafted website...

5.3CVSS8.5AI score0.00629EPSS
Exploits0References1
osv
osv
added 2019/09/13 5:15 p.m.5 views

CVE-2018-7081

A remote code execution vulnerability is present in network-listening components in some versions of ArubaOS. An attacker with the ability to transmit specially-crafted IP traffic to a mobility controller could exploit this vulnerability and cause a process crash or to execute arbitrary code with...

9.8CVSS6.5AI score0.05851EPSS
Exploits1References2
thn
thn
added 2019/08/30 6:2 p.m.2 views

Foxit PDF Software Company Suffers Data Breach—Asks Users to Reset Password

If you have an online account with Foxit Software, you need to reset your account password immediately—as an unknown attacker has compromised your personal data and log-in credentials. Foxit Software, a company known for its popular lightweight Foxit PDF Reader and PhantomPDF applications being...

6.7AI score
Exploits0
cnvd
cnvd
added 2019/08/28 12:0 a.m.3 views

Edimax BR-6208AC Cross-Router Covert Channel Vulnerability (CNVD-2019-30061)

The Edimax BR-6208AC is a wireless concurrent dual-band router. A cross-router hidden channel vulnerability exists in the Edimax BR-6208AC V1. The vulnerability stems from insufficient isolation between host and client networks established by the same device. The vulnerability can be exploited by...

8.8CVSS6.9AI score0.00913EPSS
Exploits1References1
gitee
gitee
added 2019/08/18 6:35 p.m.4 views

maltrail

This is a defensive blue-team research and threat mitigation analysis of the Maltrail repository. The repository is a malicious traffic detection system that can be used to identify and block malicious traffic. The analysis reveals that the Maltrail system uses a combination of IP address and...

6.9AI score
Exploits0
cnvd
cnvd
added 2019/08/07 12:0 a.m.3 views

MicroDigital N-series cameras buffer overflow vulnerability (CNVD-2019-33868)

The MicroDigital N-series cameras series are IP cameras from MicroDigital. A buffer overflow vulnerability exists in MicroDigital N-series cameras. An attacker could exploit this vulnerability to cause a denial of service...

7.5CVSS7.2AI score0.02087EPSS
Exploits0References1
cnvd
cnvd
added 2019/07/29 12:0 a.m.4 views

Ziggy's Fortress has an information leakage vulnerability

Zhejiang Qiji Technology Co., Ltd. is a company mainly engaged in computer hardware and software, network products, technology development and other projects. An information leakage vulnerability exists in Qiji Fortress, which can be exploited by an attacker to obtain confidential information suc...

6.6AI score
Exploits0
cnvd
cnvd
added 2019/07/29 12:0 a.m.15 views

Wind River Systems VxWorks Buffer Overflow Vulnerability

Wind River Systems VxWorks is an embedded real-time operating system RTOS from Wind River Systems. A buffer overflow vulnerability exists in the parsing of IP options on IPv4 packets in Wind River Systems VxWorks versions 7 and 6.9. An attacker could use this vulnerability to cause the tNet0 task...

9.8CVSS7.6AI score0.26629EPSS
Exploits0References1
ptsecurity
ptsecurity
added 2019/07/29 12:0 a.m.5 views

PT-2019-4726 · Wind River · Vxworks

Name of the Vulnerable Software and Affected Versions: Wind River VxWorks versions 6.9 through vx7 Description: The issue is related to a buffer overflow in the IPv4 component, specifically a stack overflow when parsing IPv4 packets' IP options. This can be exploited by a remote attacker to execu...

10CVSS9.7AI score0.26629EPSS
Exploits0References14
bdu_fstec
bdu_fstec
added 2019/07/16 12:0 a.m.7 views

The vulnerability of the microprogrammed software in Cisco IP Phone models series 8800 and 7800, related to insufficient checking of SIP initiation packets, allows attackers to cause service failures.

The vulnerability of the microprogrammed software in Cisco IP Phone models series 8800 and 7800 is related to insufficient checking of incoming packets of the Session Initiation Protocol SIP. Exploiting this vulnerability can allow a malicious actor to cause service failures...

5.4CVSS5.5AI score0.01317EPSS
Exploits0References3
osv
osv
added 2019/07/05 11:15 p.m.3 views

DEBIAN-CVE-2019-10638

In the Linux kernel before 5.1.7, a device can be tracked by an attacker using the IP ID values the kernel produces for connection-less protocols e.g., UDP and ICMP. When such traffic is sent to multiple destination IP addresses, it is possible to obtain hash collisions of indices to the counter...

6.5CVSS7.9AI score0.02571EPSS
Exploits0References1
osv
osv
added 2019/06/10 6:29 p.m.3 views

CVE-2019-12786

An issue was discovered on D-Link DIR-818LW devices from 2.05.B03 to 2.06B01 BETA. There is a command injection in HNAP1 SetWanSettings via an XML injection of the value of the IPAddress key...

8.8CVSS5.8AI score
Exploits0References1
bdu_fstec
bdu_fstec
added 2019/05/16 12:0 a.m.5 views

The vulnerability of Cisco Adaptive Security Appliance and Cisco Firepower 2100 microprogramming-based network interface controllers lies in the improper processing of IPsec sessions by the software cryptographic module. This allows attackers to cause service interruptions.

The vulnerability of Cisco Adaptive Security Appliance and Cisco Firepower 2100 network interface controllers lies in the improper handling of IPsec sessions by the software cryptographic module. Exploiting this vulnerability can allow a malicious actor to cause service interruptions remotely...

8.6CVSS7.5AI score0.0107EPSS
Exploits0References4Affected Software1
krebs
krebs
added 2019/05/15 10:9 p.m.69 views

A Tough Week for IP Address Scammers

In the early days of the Internet, there was a period when Internet Protocol version 4 IPv4 addresses e.g. 4.4.4.4 were given out like cotton candy to anyone who asked. But these days companies are queuing up to obtain new IP space from the various regional registries that periodically dole out t...

6.7AI score
Exploits0
Rows per page
Query Builder