470 matches found
Cisco Catalyst 9800 Series Wireless Controllers IOS XE Input Validation Error Vulnerability
Cisco IOS XE is the United States Cisco Cisco company's set of operating system developed for its network equipment. An input validation error vulnerability exists in the Flexible NetFlow version 9 packet processor for IOS XE in Cisco Catalyst 9800 Series Wireless Controllers. An attacker could...
CVE-2020-3221
A vulnerability in the Flexible NetFlow Version 9 packet processor of Cisco IOS XE Software for Cisco Catalyst 9800 Series Wireless Controllers could allow an unauthenticated, remote attacker to cause a denial of service DoS condition on an affected device. The vulnerability is due to improper...
CVE-2020-3221
A vulnerability in the Flexible NetFlow Version 9 packet processor of Cisco IOS XE Software for Cisco Catalyst 9800 Series Wireless Controllers could allow an unauthenticated, remote attacker to cause a denial of service DoS condition on an affected device. The vulnerability is due to improper...
Input validation
A vulnerability in the Flexible NetFlow Version 9 packet processor of Cisco IOS XE Software for Cisco Catalyst 9800 Series Wireless Controllers could allow an unauthenticated, remote attacker to cause a denial of service DoS condition on an affected device. The vulnerability is due to improper...
CVE-2020-3221
Cisco IOS XE Software on Catalyst 9800 Series Wireless Controllers has a DoS vulnerability in the Flexible NetFlow Version 9 packet processor due to improper validation of NetFlow V9 records. An unauthenticated remote attacker can send malformed NetFlow V9 packets to the CAPWAP data port, causing...
CVE-2020-3221 Cisco IOS XE Software Flexible NetFlow Version 9 Denial of Service Vulnerability
A vulnerability in the Flexible NetFlow Version 9 packet processor of Cisco IOS XE Software for Cisco Catalyst 9800 Series Wireless Controllers could allow an unauthenticated, remote attacker to cause a denial of service DoS condition on an affected device. The vulnerability is due to improper...
CVE-2020-3221 Cisco IOS XE Software Flexible NetFlow Version 9 Denial of Service Vulnerability
A vulnerability in the Flexible NetFlow Version 9 packet processor of Cisco IOS XE Software for Cisco Catalyst 9800 Series Wireless Controllers could allow an unauthenticated, remote attacker to cause a denial of service DoS condition on an affected device. The vulnerability is due to improper...
Cisco IOS XE Software Flexible NetFlow Version 9 Denial of Service Vulnerability
A vulnerability in the Flexible NetFlow Version 9 packet processor of Cisco IOS XE Software for Cisco Catalyst 9800 Series Wireless Controllers could allow an unauthenticated, remote attacker to cause a denial of service DoS condition on an affected device. The vulnerability is due to improper...
GLSA-202003-17 : nfdump: Multiple vulnerabilities
The remote host is affected by the vulnerability described in GLSA-202003-17 nfdump: Multiple vulnerabilities Multiple vulnerabilities have been discovered in nfdump. Please review the CVE identifiers referenced below for details. Impact : A remote attacker, by sending specially crafted...
nfdump: Multiple vulnerabilities
Background nfdump is a toolset in order to collect and process netflow and sflow data, sent from netflow/sflow compatible devices. Description Multiple vulnerabilities have been discovered in nfdump. Please review the CVE identifiers referenced below for details. Impact A remote attacker, by...
CVE-2020-8947
functionsnetflow.php in Artica Pandora FMS 7.0 allows remote attackers to execute arbitrary OS commands via shell metacharacters in the index.php?operation/netflow/nfliveview ipdst, dstport, or srcport parameter, a different vulnerability than CVE-2019-20224...
CVE-2020-8947
functionsnetflow.php in Artica Pandora FMS 7.0 allows remote attackers to execute arbitrary OS commands via shell metacharacters in the index.php?operation/netflow/nfliveview ipdst, dstport, or srcport parameter, a different vulnerability than CVE-2019-20224...
CVE-2012-1258
cgi-bin/userprefs.cgi in Plixer International Scrutinizer NetFlow & sFlow Analyzer before 9.0.1.19899 does not validate user permissions, which allow remote attackers to add user accounts with administrator privileges via the newuser, pwd, and selectedUserGroup parameters...
CVE-2012-1259
Multiple SQL injection vulnerabilities in Plixer International Scrutinizer NetFlow & sFlow Analyzer 8.6.2.16204, and possibly other versions before 9.0.1.19899, allow remote attackers to execute arbitrary SQL commands via the 1 addip parameter to cgi-bin/scrutfaexclusions.cgi, 2...
Sql injection
Multiple SQL injection vulnerabilities in Plixer International Scrutinizer NetFlow & sFlow Analyzer 8.6.2.16204, and possibly other versions before 9.0.1.19899, allow remote attackers to execute arbitrary SQL commands via the 1 addip parameter to cgi-bin/scrutfaexclusions.cgi, 2...
Cross site scripting
Cross-site scripting XSS vulnerability in cgi-bin/scrutfaexclusions.cgi in Plixer International Scrutinizer NetFlow and sFlow Analyzer 8.6.2.16204 and other versions before 9.0.1.19899 allows remote attackers to inject arbitrary web script or HTML via the standalone parameter...
CVE-2012-1261
CVE-2012-1261 describes a cross-site scripting (XSS) vulnerability in Scrutinizer NetFlow and sFlow Analyzer. The issue affects the CGI endpoint /cgi-bin/scrut_fa_exclusions.cgi, where the standalone parameter can be used to inject arbitrary web script/HTML on affected versions (8.6.2.16204 and o...
CVE-2012-1260
Cross-site scripting XSS vulnerability in cgi-bin/userprefs.cgi in Plixer International Scrutinizer NetFlow & sFlow Analyzer 8.6.2.16204, and possibly other versions before 9.0.1.19899, allows remote attackers to inject arbitrary web script or HTML via the newUser parameter. NOTE: this might not ...
CVE-2012-1260
The CVE-2012-1260 entry describes multiple vulnerabilities in Plixer Scrutinizer NetFlow & sFlow Analyzer (Scrutinizer) up to version 8.6.2.16204, possibly affecting earlier builds, with remediation implemented in 9.0.1 (9.0.1.19899). Concrete issues include: Cross-site scripting (XSS) in cgi-bin...
CVE-2012-1259
Multiple SQL injection vulnerabilities in Plixer International Scrutinizer NetFlow & sFlow Analyzer 8.6.2.16204, and possibly other versions before 9.0.1.19899, allow remote attackers to execute arbitrary SQL commands via the 1 addip parameter to cgi-bin/scrutfaexclusions.cgi, 2...