Lucene search
K

1171 matches found

Cvelist
Cvelist
added 2023/10/12 3:27 p.m.37 views

CVE-2023-22308

An integer underflow vulnerability exists in the vpnserver OvsProcessData functionality of SoftEther VPN 5.01.9674 and 5.02. A specially crafted network packet can lead to denial of service. An attacker can send a malicious packet to trigger this vulnerability...

7.5CVSS7.5AI score0.00728EPSS
Exploits1References1
Cvelist
Cvelist
added 2023/10/12 3:27 p.m.19 views

CVE-2023-27395

A heap-based buffer overflow vulnerability exists in the vpnserver WpcParsePacket functionality of SoftEther VPN 4.41-9782-beta, 5.01.9674 and 5.02. A specially crafted network packet can lead to arbitrary code execution. An attacker can perform a man-in-the-middle attack to trigger this...

9CVSS9.5AI score0.01543EPSS
Exploits1References2
Vulnrichment
Vulnrichment
added 2023/10/12 3:27 p.m.9 views

CVE-2023-22325

A denial of service vulnerability exists in the DCRegister DDNSRPCMAXRECVSIZE functionality of SoftEther VPN 4.41-9782-beta, 5.01.9674 and 5.02. A specially crafted network packet can lead to denial of service. An attacker can perform a man-in-the-middle attack to trigger this vulnerability...

5.9CVSS6.5AI score0.00957EPSS
Exploits1References2
Cvelist
Cvelist
added 2023/10/12 3:27 p.m.23 views

CVE-2023-22325

A denial of service vulnerability exists in the DCRegister DDNSRPCMAXRECVSIZE functionality of SoftEther VPN 4.41-9782-beta, 5.01.9674 and 5.02. A specially crafted network packet can lead to denial of service. An attacker can perform a man-in-the-middle attack to trigger this vulnerability...

5.9CVSS7.3AI score0.00957EPSS
Exploits1References2
Cvelist
Cvelist
added 2023/10/12 3:27 p.m.29 views

CVE-2023-23581

A denial-of-service vulnerability exists in the vpnserver EnSafeHttpHeaderValueStr functionality of SoftEther VPN 5.01.9674 and 5.02. A specially crafted network packet can lead to denial of service...

7.5CVSS7.5AI score0.00834EPSS
Exploits1References1
Vulnrichment
Vulnrichment
added 2023/10/12 3:27 p.m.15 views

CVE-2023-23581

A denial-of-service vulnerability exists in the vpnserver EnSafeHttpHeaderValueStr functionality of SoftEther VPN 5.01.9674 and 5.02. A specially crafted network packet can lead to denial of service...

7.5CVSS7AI score0.00834EPSS
Exploits1References1
CVE
CVE
added 2023/10/12 3:27 p.m.62 views

CVE-2023-27516

CVE-2023-27516 affects SoftEther VPN 4.41-9782-beta and 5.01.9674, where a flaw in the CiRpcAccepted() function allows authentication bypass via a specially crafted network packet, enabling unauthorized access. The Red Hat, JVN, and other records corroborate the affected versions and the specific...

7.8CVSS7.8AI score0.0053EPSS
Exploits1References3Affected Software1
Cvelist
Cvelist
added 2023/10/12 3:27 p.m.20 views

CVE-2023-27516

An authentication bypass vulnerability exists in the CiRpcAccepted functionality of SoftEther VPN 4.41-9782-beta and 5.01.9674. A specially crafted network packet can lead to unauthorized access. An attacker can send a network request to trigger this vulnerability...

7.3CVSS8.8AI score0.0053EPSS
Exploits1References2
Vulnrichment
Vulnrichment
added 2023/10/12 3:27 p.m.17 views

CVE-2023-27516

An authentication bypass vulnerability exists in the CiRpcAccepted functionality of SoftEther VPN 4.41-9782-beta and 5.01.9674. A specially crafted network packet can lead to unauthorized access. An attacker can send a network request to trigger this vulnerability...

7.3CVSS6.9AI score0.0053EPSS
Exploits1References2
Vulnrichment
Vulnrichment
added 2023/10/12 3:27 p.m.19 views

CVE-2023-31192

An information disclosure vulnerability exists in the ClientConnect functionality of SoftEther VPN 5.01.9674. A specially crafted network packet can lead to a disclosure of sensitive information. An attacker can perform a man-in-the-middle attack to trigger this vulnerability...

5.3CVSS6.1AI score0.00976EPSS
Exploits1References2
Cvelist
Cvelist
added 2023/10/12 3:27 p.m.37 views

CVE-2023-31192

An information disclosure vulnerability exists in the ClientConnect functionality of SoftEther VPN 5.01.9674. A specially crafted network packet can lead to a disclosure of sensitive information. An attacker can perform a man-in-the-middle attack to trigger this vulnerability...

5.3CVSS6.8AI score0.00976EPSS
Exploits1References2
Talos
Talos
added 2023/10/12 12:0 a.m.35 views

SoftEther VPN vpnserver OvsProcessData denial of service vulnerability

Talos Vulnerability Report TALOS-2023-1737 SoftEther VPN vpnserver OvsProcessData denial of service vulnerability October 12, 2023 CVE Number CVE-2023-22308 SUMMARY An integer underflow vulnerability exists in the vpnserver OvsProcessData functionality of SoftEther VPN 5.01.9674 and 5.02. A...

7.5CVSS7.5AI score0.00728EPSS
Exploits1
Talos
Talos
added 2023/10/12 12:0 a.m.20 views

SoftEther VPN DCRegister DDNS_RPC_MAX_RECV_SIZE denial of service vulnerability

Talos Vulnerability Report TALOS-2023-1736 SoftEther VPN DCRegister DDNSRPCMAXRECVSIZE denial of service vulnerability October 12, 2023 CVE Number CVE-2023-22325 SUMMARY A denial of service vulnerability exists in the DCRegister DDNSRPCMAXRECVSIZE functionality of SoftEther VPN 4.41-9782-beta,...

5.9CVSS6AI score0.00957EPSS
Exploits1
NVD
NVD
added 2023/10/11 4:15 p.m.32 views

CVE-2023-34346

A stack-based buffer overflow vulnerability exists in the httpd gwcfg.cgi get functionality of Yifan YF325 v1.020221108. A specially crafted network packet can lead to command execution. An attacker can send a network request to trigger this vulnerability...

9.8CVSS9.8AI score0.01292EPSS
Exploits0References2
Prion
Prion
added 2023/10/11 4:15 p.m.23 views

Stack overflow

A stack-based buffer overflow vulnerability exists in the httpd gwcfg.cgi get functionality of Yifan YF325 v1.020221108. A specially crafted network packet can lead to command execution. An attacker can send a network request to trigger this vulnerability...

7.5CVSS9.7AI score0.01292EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2023/10/11 3:14 p.m.13 views

CVE-2023-34346

A stack-based buffer overflow vulnerability exists in the httpd gwcfg.cgi get functionality of Yifan YF325 v1.020221108. A specially crafted network packet can lead to command execution. An attacker can send a network request to trigger this vulnerability...

9.8CVSS9.7AI score0.01292EPSS
Exploits0References1
CVE
CVE
added 2023/10/11 3:14 p.m.56 views

CVE-2023-34346

CVE-2023-34346 concerns a stack-based buffer overflow in the Yifan YF325 router. Talos reports the vulnerability exists in the httpd gwcfg.cgi get endpoint, where the code reads request data using Content-Length into a fixed-size buffer without proper bounds checking, allowing a specially crafted...

9.8CVSS9.7AI score0.01292EPSS
Exploits0References2Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2023/10/10 1:37 p.m.71 views

Security Bulletin: IBM QRadar Network Packet Capture includes components with multiple known vulnerabilities

Summary The product includes multiple vulnerable components e.g., framework libraries that may be identified and exploited with automated tools. IBM has addressed the relevant CVEs. Vulnerability Details CVEID:CVE-2023-38408 DESCRIPTION: OpenSSH could allow a remote attacker to execute arbitrary...

9.8CVSS9AI score0.76768EPSS
Exploits34Affected Software1
Ubuntu
Ubuntu
added 2023/10/10 1:9 p.m.52 views

LSN-0098-1: Kernel Live Patch Security Notice

It was discovered that the IP-VLAN network driver for the Linux kernel did not properly initialize memory in some situations, leading to an out-of- bounds write vulnerability. An attacker could use this to cause a denial of service system crash or possibly execute arbitrary code.CVE-2023-3090 It...

7.8CVSS7.2AI score0.00958EPSS
Exploits4
Ubuntu
Ubuntu
added 2023/09/26 6:39 p.m.88 views

USN-6397-1: Linux kernel (BlueField) vulnerabilities

Daniel Moghimi discovered that some IntelR Processors did not properly clear microarchitectural state after speculative execution of various instructions. A local unprivileged user could use this to obtain to sensitive information. CVE-2022-40982 Ruihan Li discovered that the bluetooth subsystem ...

10CVSS7.9AI score0.05794EPSS
Exploits5
Rows per page
Query Builder