1170 matches found
CVE-2025-2704
OpenVPN version 2.6.1 through 2.6.13 in server mode using TLS-crypt-v2 allows remote attackers to trigger a denial of service by corrupting and replaying network packets in the early handshake phase...
CVE-2025-2704
OpenVPN version 2.6.1 through 2.6.13 in server mode using TLS-crypt-v2 allows remote attackers to trigger a denial of service by corrupting and replaying network packets in the early handshake phase...
CVE-2024-45064
A buffer overflow vulnerability exists in the FileX Internal RAM interface functionality of STMicroelectronics X-CUBE-AZRTOS-WL 2.0.0. A specially crafted set of network packets can lead to code execution. An attacker can send a sequence of requests to trigger this vulnerability...
CVE-2024-50384
CVE-2024-50384 concerns the STMicroelectronics X-CUBE-AZRTOS-WL 2.0.0 NetX NetX Duo Web Component HTTP server. Talos details reveal a denial-of-service via the HTTP server PUT handling in x-cube-azrtos-f7, where the HTTP server creates a file for writing and, if an error occurs after the file is ...
CVE-2024-50385
A denial of service vulnerability exists in the NetX Component HTTP server functionality of STMicroelectronics X-CUBE-AZRTOS-WL 2.0.0. A specially crafted network packet can lead to denial of service. An attacker can send a malicious packet to trigger this vulnerability.This vulnerability affects...
CVE-2024-50384
A denial of service vulnerability exists in the NetX Component HTTP server functionality of STMicroelectronics X-CUBE-AZRTOS-WL 2.0.0. A specially crafted network packet can lead to denial of service. An attacker can send a malicious packet to trigger this vulnerability.This vulnerability affects...
GHSA-G274-C6JJ-H78P PocketMine-MP allows malicious client data to waste server resources due to lack of limits for explode()
Impact Due to lack of limits by default in the explode function, malicious clients were able to abuse some packets to waste server CPU and memory. This is similar to a previous security issue published in https://github.com/pmmp/PocketMine-MP/security/advisories/GHSA-gj94-v4p9-w672, but with a...
Linux Distros Unpatched Vulnerability : CVE-2019-5152
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An exploitable information disclosure vulnerability exists in the network packet handling functionality of Shadowsocks-libev 3.3.2. When utilizing a Stream...
CVE-2024-55570
/api/user/users in the web GUI for the Cubro EXA48200 network packet broker build 20231025055018 fixed in V5.0R14.5P4-V3.3R1 allows remote authenticated users of the application to increase their privileges by sending a single HTTP PUT request with rolename=Administrator, aka incorrect access...
Linux Distros Unpatched Vulnerability : CVE-2021-47293
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - net/sched: actskbmod: Skip non-Ethernet packets Currently tcfskbmodact assumes that packets use Ethernet as their L2 protocol, which is not always the case. As ...
Linux Distros Unpatched Vulnerability : CVE-2024-40937
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: gve: Clear napi-skb before devkfreeskbany gverxfreeskb incorrectly leaves napi-skb referenci...
Linux Distros Unpatched Vulnerability : CVE-2020-24588
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The 802.11 standard that underpins Wi-Fi Protected Access WPA, WPA2, and WPA3 and Wired Equivalent Privacy WEP doesn't require that the A-MSDU flag in the...
Linux Distros Unpatched Vulnerability : CVE-2015-6815
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The processtxdesc function in hw/net/e1000.c in QEMU before 2.4.0.1 does not properly process transmit descriptor data when sending a network packet, which allo...
Linux Distros Unpatched Vulnerability : CVE-2020-26144
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered on Samsung Galaxy S3 i9305 4.4.4 devices. The WEP, WPA, WPA2, and WPA3 implementations accept plaintext A-MSDU frames as long as the fir...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel, which stems from the failure to disassociate NAPI when the tun device is destroyed...
CVE-2024-28759
A crafted network packet may cause a buffer overrun in Wind River VxWorks 7 through 23.09...
CVE-2022-43663
An integer conversion vulnerability exists in the SORBAx64.dll RecvPacket functionality of WellinTech KingHistorian 35.01.00.05. A specially crafted network packet can lead to a buffer overflow. An attacker can send a malicious packet to trigger this vulnerability...
CVE-2022-41004
Several stack-based buffer overflow vulnerabilities exist in the DetranCLI command parsing functionality of Siretta QUARTZ-GOLD G5.0.1.5-210720-141020. A specially-crafted network packet can lead to arbitrary command execution. An attacker can send a sequence of requests to trigger these...
CVE-2022-41022
Several stack-based buffer overflow vulnerabilities exist in the DetranCLI command parsing functionality of Siretta QUARTZ-GOLD G5.0.1.5-210720-141020. A specially-crafted network packet can lead to arbitrary command execution. An attacker can send a sequence of requests to trigger these...
CVE-2022-41013
Several stack-based buffer overflow vulnerabilities exist in the DetranCLI command parsing functionality of Siretta QUARTZ-GOLD G5.0.1.5-210720-141020. A specially-crafted network packet can lead to arbitrary command execution. An attacker can send a sequence of requests to trigger these...