1170 matches found
CVE-2025-23018
IPv4-in-IPv6 and IPv6-in-IPv6 tunneling RFC 2473 do not require the validation or verification of the source of a network packet, allowing an attacker to spoof and route arbitrary traffic via an exposed network interface. This is a similar issue to CVE-2020-10136...
CVE-2025-23018
CVE-2025-23018 covers the IPv4-in-IPv6 tunneling case where RFC 2473 traffic can be accepted without validating the packet source. The result is spoofing and potential to route arbitrary traffic via an exposed network interface. Connected sources corroborate a lack of source verification for cert...
Magma 安全漏洞
Magma is an open source software platform from Magma Open Source. An open, flexible and scalable mobile core network solution for network operators. A security vulnerability exists in Magma version v1.8.0, which stems from a reachable assertion in a function that allows an attacker to trigger a...
kernel: Linux kernel: Denial of Service due to incorrect network packet processing in NSH module
A flaw was found in the Linux kernel, specifically within its Network Service Header NSH module. A local attacker could exploit this vulnerability by sending specially crafted network packets, which would cause the system to crash. This issue, a type of Denial of Service DoS, arises from an...
CVE-2024-51409
Buffer Overflow vulnerability in Tenda O3 v.1.0.0.5 allows a remote attacker to cause a denial of service via a network packet in a fixed format to a router running the corresponding version of the firmware...
PT-2024-34623 · Tenda · Tenda O3
Name of the Vulnerable Software and Affected Versions: Tenda O3 version 1.0.0.5 Description: The issue is a Buffer Overflow that allows a remote attacker to cause a denial of service via a network packet in a fixed format to a router running the corresponding version of the firmware. This flaw ca...
Tenda O3 安全漏洞
Tenda O3 is an outdoor wireless bridge from Tenda, China. The Tenda O3 suffers from a buffer overflow vulnerability that originates from a boundary error when the application processes untrusted input. A remote attacker could use this vulnerability to cause a denial of service via a fixed-format...
CVE-2024-51409
Affected product: Tenda O3 router (firmware 1.0.0.5). The issue is a Buffer Overflow in processing untrusted input from a fixed-format network packet, leading to remote DoS. Root cause is a boundary/overflow condition in input handling. Exploitation details are not fully provided in the documents...
CVE-2024-51409
Buffer Overflow vulnerability in Tenda O3 v.1.0.0.5 allows a remote attacker to cause a denial of service via a network packet in a fixed format to a router running the corresponding version of the firmware...
UBUNTU-CVE-2022-48964
In the Linux kernel, the following vulnerability has been resolved: ravb: Fix potential use-after-free in ravbrxgbeth The skb is delivered to napigroreceive which may free it, after calling this, dereferencing skb may trigger use-after-free...
CLSA-2024-1728583928 Fix of 18 CVEs
CVE-url: https://ubuntu.com/security/CVE-2024-46802 - drm/amd/display: added NULL check at start of dcvalidatestream CVE-url: https://ubuntu.com/security/CVE-2024-46818 - drm/amd/display: fix sporadic multiple aux transaction failure - drm/amd/display: Check gpioid before used as array index...
SUSE CVE-2024-46854
In the Linux kernel, the following vulnerability has been resolved: net: dpaa: Pad packets to ETHZLEN When sending packets under 60 bytes, up to three bytes of the buffer following the data may be leaked. Avoid this by extending all packets to ETHZLEN, ensuring nothing is leaked in the padding...
CVE-2024-38813
CVE-2024-38813 : Privilege-escalation in VMware vCenter Server. A remote attacker with network access could trigger a flaw by sending a specially crafted packet to escalate to root. NVD lists CVSS v3.1 base score 9.8 (CRITICAL) with network access, no user interaction. Related documents also desc...
CVE-2024-38813
The vCenter Server contains a privilege escalation vulnerability. A malicious actor with network access to vCenter Server may trigger this vulnerability to escalate privileges to root by sending a specially crafted network packet. Recent assessments: Assessed Attacker Value: 0 Assessed Attacker...
The vulnerability of IBM QRadar Network Packet Capture in capturing network traffic lies in the lack of data encryption measures, which allows attackers to disclose protected information.
The vulnerability of IBM QRadar Network Packet Capture relates to the lack of measures for data encryption. Exploiting this vulnerability could allow a malicious actor to disclose protected information by executing a “man-in-the-middle” attack...
CVE-2024-31905
IBM QRadar Network Packet Capture 7.5 could allow a remote attacker to obtain sensitive information, caused by the failure to properly enable HTTP Strict Transport Security. An attacker could exploit this vulnerability to obtain sensitive information using man in the middle techniques...
CVE-2024-31905
IBM QRadar Network Packet Capture 7.5 could allow a remote attacker to obtain sensitive information, caused by the failure to properly enable HTTP Strict Transport Security. An attacker could exploit this vulnerability to obtain sensitive information using man in the middle techniques...
CVE-2024-31905 IBM QRadar Network Packet Capture information disclosure
IBM QRadar Network Packet Capture 7.5 could allow a remote attacker to obtain sensitive information, caused by the failure to properly enable HTTP Strict Transport Security. An attacker could exploit this vulnerability to obtain sensitive information using man in the middle techniques...
CVE-2024-31905
IBM QRadar Network Packet Capture 7.5 is affected by CVE-2024-31905 due to failure to properly enable HTTP Strict Transport Security, enabling man-in-the-middle–style access to sensitive information. The issue is network-exploitable (AV:N, AC:H, PR:N, UI:N, S:U) with confidentiality impact HIGH a...
CVE-2024-31905 IBM QRadar Network Packet Capture information disclosure
IBM QRadar Network Packet Capture 7.5 could allow a remote attacker to obtain sensitive information, caused by the failure to properly enable HTTP Strict Transport Security. An attacker could exploit this vulnerability to obtain sensitive information using man in the middle techniques...