Lucene search
K

2129 matches found

FreeBSD Advisory
FreeBSD Advisory
added 2019/05/14 12:0 a.m.17 views

FreeBSD-SA-19:06.pf

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 ============================================================================= FreeBSD-SA-19:06.pf Security Advisory The FreeBSD Project Topic: ICMP/ICMP6 packet filter bypass in pf Category: contrib Module: pf Announced: 2019-05-14 Credits: Synackti...

7.5CVSS7.1AI score0.03339EPSS
Exploits1
Positive Technologies
Positive Technologies
added 2019/05/01 12:0 a.m.6 views

PT-2019-2054 · Cisco · Cisco Asa +1

Name of the Vulnerable Software and Affected Versions: Cisco Adaptive Security Appliance versions affected versions not specified Cisco Firepower 2100 Series running Cisco Adaptive Security Appliance ASA Software versions affected versions not specified Description: The issue is related to a logi...

8.6CVSS8.4AI score0.0107EPSS
Exploits0References7
Positive Technologies
Positive Technologies
added 2019/05/01 12:0 a.m.4 views

PT-2019-2041 · Cisco · Cisco Ftd +1

Name of the Vulnerable Software and Affected Versions: Cisco Adaptive Security Appliance ASA Software affected versions not specified Cisco Firepower Threat Defense FTD Software affected versions not specified Description: A vulnerability in the Internet Key Exchange Version 2 Mobility and...

8.6CVSS8.5AI score0.02039EPSS
Exploits0References6
BDU FSTEC
BDU FSTEC
added 2019/04/19 12:0 a.m.4 views

The vulnerability of the TCP/IP protocol implementation in the Windows operating system allows a perpetrator to compromise the confidentiality of the protected information.

The vulnerability of the TCP/IP protocol implementation in the Windows operating system is related to the lack of protection for service data. Exploiting this vulnerability allows a malicious actor to compromise the confidentiality of protected information by using specially crafted fragmented IP...

5.3CVSS7.3AI score0.07877EPSS
Exploits0References3
BDU FSTEC
BDU FSTEC
added 2019/04/12 12:0 a.m.6 views

The vulnerability of the Network Address Translation implementation in the Cisco IOS operating system allows a hacker to induce a service failure.

The vulnerability of the Network Address Translation 64 NAT64 implementation in Cisco IOS operating systems exists due to errors in the processing of IPv4 packets. Exploiting this vulnerability can allow a remote attacker to cause a system to stop responding or restart the device, resulting in...

7.8CVSS7.4AI score0.02516EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2019/04/12 12:0 a.m.21 views

The vulnerability in the web interface of the microprogramming software for Cisco IP Phones series 8800 allows a perpetrator to cause a service failure.

The vulnerability of the web interface of Cisco IP phones—IP Phone 8800, IP Conference Phone 8832, IP Phone 8821, and IP Phone 8821-EX—is related to lack of access control. Exploiting this vulnerability could allow a malicious actor to cause service failures...

7.8CVSS7.2AI score0.01939EPSS
Exploits0References2
CNVD
CNVD
added 2019/03/28 12:0 a.m.12 views

Cisco IOS NAT64 Denial of Service Vulnerability

Cisco IOS is the United States Cisco Cisco company's set of operating system developed for its network equipment. A denial of service vulnerability exists in the Network Address Translation 64 NAT64 feature of Cisco IOS, which arises from the program's failure to properly process IPv4 packet...

8.6CVSS6.8AI score0.02516EPSS
Exploits0References1
BDU FSTEC
BDU FSTEC
added 2019/03/27 12:0 a.m.5 views

The vulnerability of the SetStaticRouteIPv6Settings() function in D-Link’s router software allows a hacker to execute arbitrary code.

The vulnerability of the SetStaticRouteIPv6Settings function in D-Link’s microprogrammed router software is related to insufficient cleaning of input data. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

9CVSS8AI score0.06354EPSS
Exploits1References3Affected Software1
CNVD
CNVD
added 2019/03/07 12:0 a.m.2 views

Cisco Application Policy Infrastructure Controller Access Control Error Vulnerability

Cisco Application Policy Infrastructure Controller APIC is an automated infrastructure deployment and governance solution from Cisco. An access control error vulnerability exists in the management interface in Cisco APIC, which stems from the program's lack of an access control mechanism for IPv6...

6.5CVSS6.9AI score0.00615EPSS
Exploits0References1
BDU FSTEC
BDU FSTEC
added 2019/02/19 12:0 a.m.4 views

The vulnerability of JunOS operating system’s network firewall filter, allowing a hacker to execute arbitrary code

The vulnerability of JunOS’s network firewall filter is related to errors in the processing of IPv6 packets. Exploiting this vulnerability allows a remote attacker to execute arbitrary code using a specially crafted IPv6 packet...

5.8CVSS6.4AI score0.01155EPSS
Exploits0References2Affected Software1
Positive Technologies
Positive Technologies
added 2019/02/11 12:0 a.m.9 views

PT-2019-10115

Name of the Vulnerable Software and Affected Versions: Bitcoin Core versions 0.12.0 through 0.17.1 Bitcoin Knots versions 0.12.0 through 0.17.x before 0.17.1.knots20181229 Description: The issue allows local users to exploit Incorrect Access Control, potentially leading to currency theft. This is...

5.5CVSS6.1AI score0.00349EPSS
Exploits0References18
OSV
OSV
added 2019/01/31 7:29 p.m.7 views

CVE-2018-15517

The MailConnect feature on D-Link Central WiFiManager CWM-100 1.03 r0098 devices is intended to check a connection to an SMTP server but actually allows outbound TCP to any port on any IP address, leading to SSRF, as demonstrated by an index.php/System/MailConnect/host/127.0.0.1/port/22/secure/ U...

8.6CVSS5.8AI score
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2019/01/23 12:0 a.m.9 views

The vulnerability of the JunOS operating system allows attackers to carry out attacks using predictable IP IDs.

The vulnerability of the JunOS operating system is related to the predictability of port IP IDs. Exploiting this vulnerability allows a remote attacker to carry out attacks using predictable IP IDs...

9.3CVSS7.8AI score0.01726EPSS
Exploits0References3Affected Software1
OSV
OSV
added 2019/01/15 9:29 p.m.4 views

CVE-2019-0013

The routing protocol daemon RPD process will crash and restart when a specific invalid IPv4 PIM Join packet is received. While RPD restarts after a crash, repeated crashes can result in an extended Denial of Service DoS condition. This issue only affects IPv4 PIM. IPv6 PIM is unaffected by this...

7.5CVSS5.8AI score0.01706EPSS
Exploits0References2
OSV
OSV
added 2019/01/15 9:29 p.m.4 views

CVE-2019-0005

On EX2300, EX3400, EX4600, QFX3K and QFX5K series, firewall filter configuration cannot perform packet matching on any IPv6 extension headers. This issue may allow IPv6 packets that should have been blocked to be forwarded. IPv4 packet filtering is unaffected by this vulnerability. Affected...

5.3CVSS5.8AI score
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2019/01/15 12:0 a.m.5 views

The vulnerability of the Cisco IOS XE operating system’s IPsec driver and the Cisco Adaptive Security Appliance network interface card software allows a attacker to trigger a device reboot.

The vulnerability of the Cisco IOS XE operating system and Cisco Adaptive Security Appliance network interface software’s IPsec driver is related to errors in the processing of IPsec authentication header AH packets or encapsulated payload ESP packets. Exploiting this vulnerability can allow a...

8.6CVSS7.5AI score0.16221EPSS
Exploits0References3Affected Software2
BDU FSTEC
BDU FSTEC
added 2019/01/10 12:0 a.m.6 views

The vulnerability of the Windows operating system, related to errors in processing fragmented IP packets by the stack, allows a hacker to disclose sensitive information that is protected.

The vulnerability of the Windows operating system is related to errors in processing fragmented IP packets. Exploiting this vulnerability can allow a malicious actor, operating remotely, to disclose sensitive information using specially crafted fragmented IP packets...

5.9CVSS6.8AI score0.08421EPSS
Exploits0References4
BDU FSTEC
BDU FSTEC
added 2018/12/25 12:0 a.m.9 views

The vulnerability of the Qualcomm Modem IP Stack component in the Android operating system allows a hacker to induce a service failure.

The vulnerability of the Qualcomm Modem IP Stack component in the Android operating system is related to the use of the assert function or similar operators. Exploiting this vulnerability can allow a remote attacker to cause a service failure...

7.8CVSS7.8AI score0.01269EPSS
Exploits0References2
CNVD
CNVD
added 2018/12/20 12:0 a.m.3 views

Binary Vulnerability in Hikvision Video Playback Library SDK

Hikvision Playback Library SDK is a secondary development kit related to playback of Hikvision embedded network DVRs, video servers, and supporting products for IP devices. A binary vulnerability exists in the Hikvision Video Playback Library SDK. An attacker can exploit the vulnerability to caus...

6.8AI score
Exploits0
CNVD
CNVD
added 2018/12/13 12:0 a.m.5 views

Denial of Service Vulnerability in Multiple Rockwell Automation Products

Rockwell Automation MicroLogix 1400 Controllers Series A and others are programmable logic controllers from Rockwell Automation. A security vulnerability exists in several Rockwell Automation products that stems from a lack of authentication in the program. An attacker could exploit this...

8.6CVSS7AI score0.043EPSS
Exploits0References1
Rows per page
Query Builder