Lucene search
K

1171 matches found

Talos
Talos
added 2024/02/20 12:0 a.m.39 views

Weston Embedded uC-TCP-IP ICMP/ICMPv6 parsing denial of service vulnerabilities

Talos Vulnerability Report TALOS-2023-1828 Weston Embedded uC-TCP-IP ICMP/ICMPv6 parsing denial of service vulnerabilities February 20, 2024 CVE Number CVE-2023-39540,CVE-2023-39541 SUMMARY A denial of service vulnerability exists in the ICMP and ICMPv6 parsing functionality of Weston Embedded...

5.9CVSS5.9AI score0.00811EPSS
Exploits2
NVD
NVD
added 2024/01/12 7:15 p.m.28 views

CVE-2023-31024

NVIDIA DGX A100 BMC contains a vulnerability in the host KVM daemon, where an unauthenticated attacker may cause stack memory corruption by sending a specially crafted network packet. A successful exploit of this vulnerability may lead to arbitrary code execution, denial of service, information...

9.8CVSS9.5AI score0.00644EPSS
Exploits0References1
NVD
NVD
added 2024/01/12 7:15 p.m.19 views

CVE-2023-31029

NVIDIA DGX A100 baseboard management controller BMC contains a vulnerability in the host KVM daemon, where an unauthenticated attacker may cause a stack overflow by sending a specially crafted network packet. A successful exploit of this vulnerability may lead to arbitrary code execution, denial ...

9.8CVSS9.6AI score0.00635EPSS
Exploits0References1
Prion
Prion
added 2024/01/12 7:15 p.m.20 views

Stack overflow

NVIDIA DGX A100 baseboard management controller BMC contains a vulnerability in the host KVM daemon, where an unauthenticated attacker may cause a stack overflow by sending a specially crafted network packet. A successful exploit of this vulnerability may lead to arbitrary code execution, denial ...

7.5CVSS8.1AI score0.00635EPSS
Exploits0References1Affected Software1
Prion
Prion
added 2024/01/12 7:15 p.m.24 views

Memory corruption

NVIDIA DGX A100 BMC contains a vulnerability in the host KVM daemon, where an unauthenticated attacker may cause stack memory corruption by sending a specially crafted network packet. A successful exploit of this vulnerability may lead to arbitrary code execution, denial of service, information...

7.5CVSS7.9AI score0.00644EPSS
Exploits0References1Affected Software1
Prion
Prion
added 2024/01/12 7:15 p.m.22 views

Stack overflow

NVIDIA DGX A100 BMC contains a vulnerability in the host KVM daemon, where an unauthenticated attacker may cause a stack overflow by sending a specially crafted network packet. A successful exploit of this vulnerability may lead to arbitrary code execution, denial of service, information...

7.5CVSS8.1AI score0.00603EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2024/01/12 6:31 p.m.28 views

CVE-2023-31024 CVE

NVIDIA DGX A100 BMC contains a vulnerability in the host KVM daemon, where an unauthenticated attacker may cause stack memory corruption by sending a specially crafted network packet. A successful exploit of this vulnerability may lead to arbitrary code execution, denial of service, information...

9CVSS10AI score0.00644EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/01/12 6:31 p.m.20 views

CVE-2023-31030 CVE

NVIDIA DGX A100 BMC contains a vulnerability in the host KVM daemon, where an unauthenticated attacker may cause a stack overflow by sending a specially crafted network packet. A successful exploit of this vulnerability may lead to arbitrary code execution, denial of service, information...

9.3CVSS10AI score0.00603EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/01/12 6:31 p.m.13 views

CVE-2023-31029 CVE

NVIDIA DGX A100 baseboard management controller BMC contains a vulnerability in the host KVM daemon, where an unauthenticated attacker may cause a stack overflow by sending a specially crafted network packet. A successful exploit of this vulnerability may lead to arbitrary code execution, denial ...

9.3CVSS7.8AI score0.00635EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/01/12 6:31 p.m.22 views

CVE-2023-31029 CVE

NVIDIA DGX A100 baseboard management controller BMC contains a vulnerability in the host KVM daemon, where an unauthenticated attacker may cause a stack overflow by sending a specially crafted network packet. A successful exploit of this vulnerability may lead to arbitrary code execution, denial ...

9.3CVSS10AI score0.00635EPSS
Exploits0References1
CNNVD
CNNVD
added 2024/01/12 12:0 a.m.2 views

netfilter Security Vulnerabilities

netfilter is a packet filtering framework used on Linux systems. A security vulnerability exists in netfilter due to a lack of protection against invalid nftables series pf values in the "nftablesnewtable" function. An attacker could exploit this vulnerability to achieve out-of-bounds access...

7.8CVSS7AI score0.00312EPSS
Exploits0References12
RedhatCVE
RedhatCVE
added 2023/12/05 2:43 p.m.31 views

CVE-2023-43628

An integer overflow vulnerability was found in gpsd. A specially crafted network packet can lead to an integer overflow and cause memory corruption...

7.5CVSS6.7AI score0.01225EPSS
Exploits1References4
NVD
NVD
added 2023/12/05 12:15 p.m.26 views

CVE-2023-43628

An integer underflow vulnerability exists in the NTRIP Stream Parsing functionality of GPSd 3.25.1dev. A specially crafted network packet can lead to memory corruption. An attacker can send a malicious packet to trigger this vulnerability...

7.5CVSS0.01225EPSS
Exploits1References2
Prion
Prion
added 2023/12/05 12:15 p.m.28 views

Integer overflow

An integer underflow vulnerability exists in the NTRIP Stream Parsing functionality of GPSd 3.25.1dev. A specially crafted network packet can lead to memory corruption. An attacker can send a malicious packet to trigger this vulnerability...

5CVSS6.9AI score0.01225EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2023/12/05 11:35 a.m.32 views

CVE-2023-43628

An integer underflow vulnerability exists in the NTRIP Stream Parsing functionality of GPSd 3.25.1dev. A specially crafted network packet can lead to memory corruption. An attacker can send a malicious packet to trigger this vulnerability...

5.9CVSS7.6AI score0.01225EPSS
Exploits1References1
Debian CVE
Debian CVE
added 2023/12/05 11:35 a.m.25 views

CVE-2023-43628

An integer underflow vulnerability exists in the NTRIP Stream Parsing functionality of GPSd 3.25.1dev. A specially crafted network packet can lead to memory corruption. An attacker can send a malicious packet to trigger this vulnerability...

7.5CVSS7.5AI score0.01225EPSS
Exploits1
Talos
Talos
added 2023/12/05 12:0 a.m.38 views

GPSd NTRIP Stream Parsing access violation vulnerability

Talos Vulnerability Report TALOS-2023-1860 GPSd NTRIP Stream Parsing access violation vulnerability December 5, 2023 CVE Number CVE-2023-43628 SUMMARY An integer underflow vulnerability exists in the NTRIP Stream Parsing functionality of GPSd 3.25.1dev. A specially crafted network packet can lead...

7.5CVSS6.6AI score0.01225EPSS
Exploits1
OSV
OSV
added 2023/11/28 9:40 a.m.11 views

LSN-0099-1 Kernel Live Patch Security Notice

It was discovered that the Xen netback driver in the Linux kernel did not properly handle packets structured in certain ways. An attacker in a guest VM could possibly use this to cause a denial of service host NIC availability.CVE-2022-3643 It was discovered that the virtual terminal driver in th...

7.8CVSS8AI score0.00958EPSS
Exploits4References17
IBM Security Bulletins
IBM Security Bulletins
added 2023/11/14 3:29 p.m.58 views

Security Bulletin: IBM QRadar Network Packet Capture includes components with multiple known vulnerabilities (CVE-2023-2828, CVE-2023-24329, CVE-2022-4839)

Summary The product includes multiple vulnerable components e.g., framework libraries that may be identified and exploited with automated tools. IBM has addressed the relevant CVEs. Vulnerability Details CVEID:CVE-2023-2828 DESCRIPTION: ISC BIND is vulnerable to a denial of service, caused by a...

8CVSS7.9AI score0.20459EPSS
Exploits4Affected Software1
NVD
NVD
added 2023/11/14 10:15 a.m.20 views

CVE-2023-31247

A memory corruption vulnerability exists in the HTTP Server Host header parsing functionality of Weston Embedded uC-HTTP v3.01.01. A specially crafted network packet can lead to code execution. An attacker can send a malicious packet to trigger this vulnerability...

9.8CVSS0.01672EPSS
Exploits1References2
Rows per page
Query Builder