Lucene search
K

1170 matches found

RedhatCVE
RedhatCVE
added 2025/02/05 7:51 p.m.13 views

CVE-2022-40991

Several stack-based buffer overflow vulnerabilities exist in the DetranCLI command parsing functionality of Siretta QUARTZ-GOLD G5.0.1.5-210720-141020. A specially-crafted network packet can lead to arbitrary command execution. An attacker can send a sequence of requests to trigger these...

9.8CVSS7.6AI score0.01372EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/02/05 7:50 p.m.12 views

CVE-2022-40995

Several stack-based buffer overflow vulnerabilities exist in the DetranCLI command parsing functionality of Siretta QUARTZ-GOLD G5.0.1.5-210720-141020. A specially-crafted network packet can lead to arbitrary command execution. An attacker can send a sequence of requests to trigger these...

9.8CVSS7.6AI score0.01372EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/02/05 7:50 p.m.18 views

CVE-2022-40986

Several stack-based buffer overflow vulnerabilities exist in the DetranCLI command parsing functionality of Siretta QUARTZ-GOLD G5.0.1.5-210720-141020. A specially-crafted network packet can lead to arbitrary command execution. An attacker can send a sequence of requests to trigger these...

9.8CVSS7.6AI score0.01415EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/02/05 7:47 p.m.18 views

CVE-2022-40987

Several stack-based buffer overflow vulnerabilities exist in the DetranCLI command parsing functionality of Siretta QUARTZ-GOLD G5.0.1.5-210720-141020. A specially-crafted network packet can lead to arbitrary command execution. An attacker can send a sequence of requests to trigger these...

9.8CVSS7.8AI score0.01372EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/02/05 7:47 p.m.12 views

CVE-2022-40996

Several stack-based buffer overflow vulnerabilities exist in the DetranCLI command parsing functionality of Siretta QUARTZ-GOLD G5.0.1.5-210720-141020. A specially-crafted network packet can lead to arbitrary command execution. An attacker can send a sequence of requests to trigger these...

9.8CVSS7.6AI score0.01372EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/02/05 7:46 p.m.12 views

CVE-2022-40990

Several stack-based buffer overflow vulnerabilities exist in the DetranCLI command parsing functionality of Siretta QUARTZ-GOLD G5.0.1.5-210720-141020. A specially-crafted network packet can lead to arbitrary command execution. An attacker can send a sequence of requests to trigger these...

9.8CVSS7.6AI score0.01415EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/02/05 7:44 p.m.8 views

CVE-2022-40985

Several stack-based buffer overflow vulnerabilities exist in the DetranCLI command parsing functionality of Siretta QUARTZ-GOLD G5.0.1.5-210720-141020. A specially-crafted network packet can lead to arbitrary command execution. An attacker can send a sequence of requests to trigger these...

9.8CVSS7.6AI score0.01649EPSS
Exploits0References1
NVD
NVD
added 2025/02/05 6:15 p.m.30 views

CVE-2024-7595

GRE and GRE6 Protocols RFC2784 do not validate or verify the source of a network packet allowing an attacker to spoof and route arbitrary traffic via an exposed network interface that can lead to spoofing, access control bypass, and other unexpected network behaviors. This can be considered simil...

6.5CVSS0.01488EPSS
Exploits0References3
NVD
NVD
added 2025/02/05 6:15 p.m.24 views

CVE-2024-7596

Proposed Generic UDP Encapsulation GUE IETF Draft do not validate or verify the source of a network packet allowing an attacker to spoof and route arbitrary traffic via an exposed network interface that can lead to spoofing, access control bypass, and other unexpected network behaviors. This can ...

6.5CVSS0.0081EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2025/02/05 5:55 p.m.8 views

CVE-2019-5152

An exploitable information disclosure vulnerability exists in the network packet handling functionality of Shadowsocks-libev 3.3.2. When utilizing a Stream Cipher, a specially crafted set of network packets can cause an outbound connection from the server, resulting in information disclosure. An...

7.4CVSS6.2AI score0.01379EPSS
Exploits1References1
CVE
CVE
added 2025/02/05 5:37 p.m.86 views

CVE-2024-7596

CVE-2024-7596 / CVE-2025-23018 (and related CVEs) involve tunneling protocols that do not validate the source of a network packet. Specifically: The GRE/GRE6 (CVE-2024-7595) and Propose d Generic UDP Encapsulation (GUE) (CVE-2024-7596) cases describe lack of source verification in encapsulated tr...

6.5CVSS6.5AI score0.0081EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2025/02/05 5:37 p.m.17 views

CVE-2024-7596 Generic UDP Encapsulation (GUE) (IETF Draft) do not validate or verify the source of a network packet

Proposed Generic UDP Encapsulation GUE IETF Draft do not validate or verify the source of a network packet allowing an attacker to spoof and route arbitrary traffic via an exposed network interface that can lead to spoofing, access control bypass, and other unexpected network behaviors. This can ...

0.0081EPSS
Exploits0References2
CVE
CVE
added 2025/02/05 5:36 p.m.102 views

CVE-2024-7595

CVE-2024-7595 is documented with concrete details in connected sources: Junos OS exposes a GRE/GRE6 vulnerability where the protocol stack does not verify the source of tunneled packets. The issue arises when GRE/GRE6 is configured without authentication or filtering, enabling a remote attacker t...

6.5CVSS6.5AI score0.01488EPSS
Exploits0References3Affected Software2
RedhatCVE
RedhatCVE
added 2025/02/05 2:11 p.m.6 views

CVE-2020-11264

Improper authentication of Non-EAPOL/WAPI plaintext frames during four-way handshake can lead to arbitrary network packet injection in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT,...

10CVSS7.7AI score0.13186EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/02/05 2:25 a.m.9 views

CVE-2024-24962

A stack-based buffer overflow vulnerability exists in the Programming Software Connection FileSelect functionality of AutomationDirect P3-550E 1.2.10.9. A specially crafted network packet can lead to stack-based buffer overflow. An attacker can send an unauthenticated packet to trigger this...

9.8CVSS7.4AI score0.01163EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/02/05 2:19 a.m.6 views

CVE-2024-24851

A heap-based buffer overflow vulnerability exists in the Programming Software Connection FiBurn functionality of AutomationDirect P3-550E 1.2.10.9. A specially crafted network packet can lead to a buffer overflow. An attacker can send an unauthenticated packet to trigger this vulnerability...

7.5CVSS7.5AI score0.01423EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/02/05 2:19 a.m.6 views

CVE-2024-24956

Several out-of-bounds write vulnerabilities exist in the Programming Software Connection FileSystem API functionality of AutomationDirect P3-550E 1.2.10.9. Specially crafted network packets can lead to heap-based memory corruption. An attacker can send malicious packets to trigger these...

8.2CVSS7.3AI score0.00542EPSS
Exploits1References1
IBM Security Bulletins
IBM Security Bulletins
added 2025/02/04 8:41 p.m.54 views

Security Bulletin: IBM QRadar Network Packet Capture includes components with multiple known vulnerabilities

Summary The product includes multiple vulnerable components e.g., framework libraries that could be identified and exploited with automated tools. IBM has addressed the relevant CVEs. Vulnerability Details CVEID:CVE-2024-37891 DESCRIPTION: urllib3 could allow a remote authenticated attacker to...

8.1CVSS9.1AI score0.01947EPSS
Exploits2Affected Software1
Positive Technologies
Positive Technologies
added 2025/01/21 12:0 a.m.3 views

PT-2025-2374 · Linux Foundation · Magma

Name of the Vulnerable Software and Affected Versions: Linux Foundation Magma versions = 1.8.0 Description: A buffer overflow was discovered in the decode esm message container function at /nas/ies/EsmMessageContainer.cpp. This issue allows attackers to cause a Denial of Service DoS via a crafted...

7.5CVSS7.6AI score0.00575EPSS
Exploits1References5
SUSE CVE
SUSE CVE
added 2025/01/18 4:5 a.m.2 views

SUSE CVE-2024-7596

Proposed Generic UDP Encapsulation GUE IETF Draft do not validate or verify the source of a network packet allowing an attacker to spoof and route arbitrary traffic via an exposed network interface that can lead to spoofing, access control bypass, and other unexpected network behaviors. This can ...

6.5CVSS7AI score0.0081EPSS
Exploits0References3
Rows per page
Query Builder