2129 matches found
FreeBSD-SA-19:06.pf
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 ============================================================================= FreeBSD-SA-19:06.pf Security Advisory The FreeBSD Project Topic: ICMP/ICMP6 packet filter bypass in pf Category: contrib Module: pf Announced: 2019-05-14 Credits: Synackti...
PT-2019-2054 · Cisco · Cisco Asa +1
Name of the Vulnerable Software and Affected Versions: Cisco Adaptive Security Appliance versions affected versions not specified Cisco Firepower 2100 Series running Cisco Adaptive Security Appliance ASA Software versions affected versions not specified Description: The issue is related to a logi...
PT-2019-2041 · Cisco · Cisco Ftd +1
Name of the Vulnerable Software and Affected Versions: Cisco Adaptive Security Appliance ASA Software affected versions not specified Cisco Firepower Threat Defense FTD Software affected versions not specified Description: A vulnerability in the Internet Key Exchange Version 2 Mobility and...
The vulnerability of the TCP/IP protocol implementation in the Windows operating system allows a perpetrator to compromise the confidentiality of the protected information.
The vulnerability of the TCP/IP protocol implementation in the Windows operating system is related to the lack of protection for service data. Exploiting this vulnerability allows a malicious actor to compromise the confidentiality of protected information by using specially crafted fragmented IP...
The vulnerability of the Network Address Translation implementation in the Cisco IOS operating system allows a hacker to induce a service failure.
The vulnerability of the Network Address Translation 64 NAT64 implementation in Cisco IOS operating systems exists due to errors in the processing of IPv4 packets. Exploiting this vulnerability can allow a remote attacker to cause a system to stop responding or restart the device, resulting in...
The vulnerability in the web interface of the microprogramming software for Cisco IP Phones series 8800 allows a perpetrator to cause a service failure.
The vulnerability of the web interface of Cisco IP phones—IP Phone 8800, IP Conference Phone 8832, IP Phone 8821, and IP Phone 8821-EX—is related to lack of access control. Exploiting this vulnerability could allow a malicious actor to cause service failures...
Cisco IOS NAT64 Denial of Service Vulnerability
Cisco IOS is the United States Cisco Cisco company's set of operating system developed for its network equipment. A denial of service vulnerability exists in the Network Address Translation 64 NAT64 feature of Cisco IOS, which arises from the program's failure to properly process IPv4 packet...
The vulnerability of the SetStaticRouteIPv6Settings() function in D-Link’s router software allows a hacker to execute arbitrary code.
The vulnerability of the SetStaticRouteIPv6Settings function in D-Link’s microprogrammed router software is related to insufficient cleaning of input data. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...
Cisco Application Policy Infrastructure Controller Access Control Error Vulnerability
Cisco Application Policy Infrastructure Controller APIC is an automated infrastructure deployment and governance solution from Cisco. An access control error vulnerability exists in the management interface in Cisco APIC, which stems from the program's lack of an access control mechanism for IPv6...
The vulnerability of JunOS operating system’s network firewall filter, allowing a hacker to execute arbitrary code
The vulnerability of JunOS’s network firewall filter is related to errors in the processing of IPv6 packets. Exploiting this vulnerability allows a remote attacker to execute arbitrary code using a specially crafted IPv6 packet...
PT-2019-10115
Name of the Vulnerable Software and Affected Versions: Bitcoin Core versions 0.12.0 through 0.17.1 Bitcoin Knots versions 0.12.0 through 0.17.x before 0.17.1.knots20181229 Description: The issue allows local users to exploit Incorrect Access Control, potentially leading to currency theft. This is...
CVE-2018-15517
The MailConnect feature on D-Link Central WiFiManager CWM-100 1.03 r0098 devices is intended to check a connection to an SMTP server but actually allows outbound TCP to any port on any IP address, leading to SSRF, as demonstrated by an index.php/System/MailConnect/host/127.0.0.1/port/22/secure/ U...
The vulnerability of the JunOS operating system allows attackers to carry out attacks using predictable IP IDs.
The vulnerability of the JunOS operating system is related to the predictability of port IP IDs. Exploiting this vulnerability allows a remote attacker to carry out attacks using predictable IP IDs...
CVE-2019-0013
The routing protocol daemon RPD process will crash and restart when a specific invalid IPv4 PIM Join packet is received. While RPD restarts after a crash, repeated crashes can result in an extended Denial of Service DoS condition. This issue only affects IPv4 PIM. IPv6 PIM is unaffected by this...
CVE-2019-0005
On EX2300, EX3400, EX4600, QFX3K and QFX5K series, firewall filter configuration cannot perform packet matching on any IPv6 extension headers. This issue may allow IPv6 packets that should have been blocked to be forwarded. IPv4 packet filtering is unaffected by this vulnerability. Affected...
The vulnerability of the Cisco IOS XE operating system’s IPsec driver and the Cisco Adaptive Security Appliance network interface card software allows a attacker to trigger a device reboot.
The vulnerability of the Cisco IOS XE operating system and Cisco Adaptive Security Appliance network interface software’s IPsec driver is related to errors in the processing of IPsec authentication header AH packets or encapsulated payload ESP packets. Exploiting this vulnerability can allow a...
The vulnerability of the Windows operating system, related to errors in processing fragmented IP packets by the stack, allows a hacker to disclose sensitive information that is protected.
The vulnerability of the Windows operating system is related to errors in processing fragmented IP packets. Exploiting this vulnerability can allow a malicious actor, operating remotely, to disclose sensitive information using specially crafted fragmented IP packets...
The vulnerability of the Qualcomm Modem IP Stack component in the Android operating system allows a hacker to induce a service failure.
The vulnerability of the Qualcomm Modem IP Stack component in the Android operating system is related to the use of the assert function or similar operators. Exploiting this vulnerability can allow a remote attacker to cause a service failure...
Binary Vulnerability in Hikvision Video Playback Library SDK
Hikvision Playback Library SDK is a secondary development kit related to playback of Hikvision embedded network DVRs, video servers, and supporting products for IP devices. A binary vulnerability exists in the Hikvision Video Playback Library SDK. An attacker can exploit the vulnerability to caus...
Denial of Service Vulnerability in Multiple Rockwell Automation Products
Rockwell Automation MicroLogix 1400 Controllers Series A and others are programmable logic controllers from Rockwell Automation. A security vulnerability exists in several Rockwell Automation products that stems from a lack of authentication in the program. An attacker could exploit this...