Lucene search
K

773 matches found

SUSE CVE
SUSE CVE
added 2023/02/15 3:49 a.m.6 views

SUSE CVE-2021-3416

A potential stack overflow via infinite loop issue was found in various NIC emulators of QEMU in versions up to and including 5.2.0. The issue occurs in loopback mode of a NIC wherein reentrant DMA checks get bypassed. A guest user/process may use this flaw to consume CPU cycles or crash the QEMU...

3.2CVSS6.9AI score0.00455EPSS
Exploits0References22
SUSE CVE
SUSE CVE
added 2023/02/15 3:49 a.m.4 views

SUSE CVE-2021-3448

A flaw was found in dnsmasq in versions before 2.85. When configured to use a specific server for a given network interface, dnsmasq uses a fixed port while forwarding queries. An attacker on the network, able to find the outgoing port used by dnsmasq, only needs to guess the random transmission ...

4CVSS6.5AI score0.01988EPSS
Exploits1References10
SUSE CVE
SUSE CVE
added 2023/02/15 3:47 a.m.1 views

SUSE CVE-2021-20206

An improper limitation of path name flaw was found in containernetworking/cni in versions before 0.8.1. When specifying the plugin to load in the 'type' field in the network configuration, it is possible to use special elements such as "../" separators to reference binaries elsewhere on the syste...

7.2CVSS5.8AI score0.01525EPSS
Exploits0References46
BDU FSTEC
BDU FSTEC
added 2023/01/30 12:0 a.m.6 views

The vulnerability of the Linux operating system’s kernel network interface layer allows a hacker to bypass the network interface layer.

The vulnerability of the Linux operating system’s kernel network firewall is related to improper handling and processing of messages. Exploiting this vulnerability can allow an attacker to bypass network firewall restrictions...

5.3CVSS6.4AI score0.01417EPSS
Exploits1References30Affected Software5
Tenable Nessus
Tenable Nessus
added 2023/01/24 12:0 a.m.63 views

Amazon Linux 2 : kernel, --advisory ALAS2KERNEL-5.15-2023-012 (ALASKERNEL-5.15-2023-012)

The version of kernel installed on the remote host is prior to 5.15.86-53.137. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2KERNEL-5.15-2023-012 advisory. A flaw was found in the Linux kernel. A denial of service flaw may occur if there is a consecutive request...

8CVSS6.1AI score0.06346EPSS
Exploits3References256
Amazon
Amazon
added 2023/01/23 12:0 a.m.7 views

Important: kernel

Issue Overview: A vulnerability classified as problematic has been found in Linux Kernel. This affects the function fibnhmatch of the file net/ipv4/fibsemantics.c of the component IPv4 Handler. The manipulation leads to out-of-bounds read. It is possible to initiate the attack remotely. It is...

7.8CVSS4.5AI score0.03651EPSS
Exploits0
Positive Technologies
Positive Technologies
added 2023/01/20 12:0 a.m.5 views

PT-2023-14296 · Sinilink · Sinilink Xy-Wft1 Wifi Remote Thermostat

Name of the Vulnerable Software and Affected Versions: Sinilink XY-WFT1 WiFi Remote Thermostat version 1.3.6 Description: The issue allows an attacker to bypass the intended requirement to communicate using MQTT, enabling them to replay Sinilink aka SINILINK521 protocol commands via udp/1024 to...

5.9CVSS7AI score0.01868EPSS
Exploits2References4
Tenable Nessus
Tenable Nessus
added 2023/01/19 12:0 a.m.16 views

Enumerate the Network Interface configuration via SSH

Nessus was able to parse the Network Interface data on the remote host. %NASLMINLEVEL 80900 C Tenble, Inc. include"compat.inc"; if description scriptid170170; scriptversion"1.3"; scriptsetattributeattribute:"pluginmodificationdate", value:"2025/02/11"; scriptnameenglish:"Enumerate the Network...

7.1AI score
Exploits0
BDU FSTEC
BDU FSTEC
added 2023/01/03 12:0 a.m.5 views

The vulnerability of the User Portal component of the SFOS operating system’s network interface layer, specifically the Sophos Firewall (previously called Sophos XG Firewall), allows a intruder to gain unauthorized access to protected information.

The vulnerability of the User Portal component of the SFOS operating system’s Sophos Firewall formerly Sophos XG Firewall is related to the lack of protective measures for the SQL query structure. Exploiting this vulnerability can allow an attacker, operating remotely, to gain unauthorized access...

4.3CVSS5.6AI score0.00698EPSS
Exploits0References4
BDU FSTEC
BDU FSTEC
added 2023/01/01 12:0 a.m.7 views

The vulnerability of the SFOS operating system’s network interface, which is part of the Sophos Firewall (formerly known as Sophos XG Firewall), allows a intruder to gain unauthorized access to protected information.

The vulnerability of the SFOS operating system’s network interface, which is part of the Sophos Firewall formerly known as Sophos XG Firewall, relates to the lack of measures taken to protect the SQL query structure. Exploiting this vulnerability can allow an attacker, operating remotely, to gain...

4CVSS5.5AI score0.00698EPSS
Exploits0References4
OSV
OSV
added 2022/12/26 6:15 a.m.4 views

AZL-41469 CVE-2021-38561 affecting package cni for versions less than 1.1.2-2

golang.org/x/text/language in golang.org/x/text before 0.3.7 can panic with an out-of-bounds read during BCP 47 language tag parsing. Index calculation is mishandled. If parsing untrusted user input, this can be used as a vector for a denial-of-service attack...

7.5CVSS7.1AI score0.01356EPSS
Exploits0References1
OSV
OSV
added 2022/12/07 1:15 a.m.6 views

DEBIAN-CVE-2022-3643

Guests can trigger NIC interface reset/abort/crash via netback It is possible for a guest to trigger a NIC interface reset/abort/crash in a Linux based network backend by sending certain kinds of packets. It appears to be an unwritten? assumption in the rest of the Linux network stack that packet...

6.5CVSS6.2AI score0.00463EPSS
Exploits0References1
OSV
OSV
added 2022/12/07 1:15 a.m.5 views

UBUNTU-CVE-2022-3643

Guests can trigger NIC interface reset/abort/crash via netback It is possible for a guest to trigger a NIC interface reset/abort/crash in a Linux based network backend by sending certain kinds of packets. It appears to be an unwritten? assumption in the rest of the Linux network stack that packet...

6.5CVSS6.5AI score0.00463EPSS
Exploits0References24
RedHat Linux
RedHat Linux
added 2022/11/15 11:38 a.m.5 views

kernel: ibmvnic: free reset-work-item when flushing

A memory leak flaw was found in the Linux kernel’s IBM Virtual Network Interface Controller ibmvnic driver. This issue involved not properly freeing memory associated with a reset work item when the reset work queue is flushed, causing the reset-work-item not to be deallocated. This flaw allows a...

5.5CVSS6.5AI score0.0021EPSS
Exploits0References5
ATTACKERKB
ATTACKERKB
added 2022/11/02 12:15 p.m.2 views

CVE-2022-38380

An improper access control CWE-284 vulnerability in FortiOS version 7.2.0 and versions 7.0.0 through 7.0.7 may allow a remote authenticated read-only user to modify the interface settings via the API...

4.3CVSS5.8AI score0.22991EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2022/10/21 12:0 a.m.11 views

PT-2022-6166 · Cisco +6 · Cisco +6

Name of the Vulnerable Software and Affected Versions: Linux affected versions not specified Description: The issue is related to the Linux network backend, specifically the netback driver, where a guest can trigger a NIC interface reset, abort, or crash by sending certain kinds of packets. This ...

10CVSS7.5AI score0.67994EPSS
Exploits216References1761
Palo Alto Networks
Palo Alto Networks
added 2022/09/14 4:0 p.m.37 views

Informational: PAN-OS: Impact of the NVIDIA Dataplane Development Kit (DPDK) Vulnerability CVE-2022-28199

The Palo Alto Networks Product Security Assurance team evaluated the NVIDIA Dataplane Development Kit DPDK vulnerability CVE-2022-28199 as it relates to our products. This vulnerability causes networking stacks that use the NVIDIA distribution of the DPDK to enter an unrecoverable state when...

6.5CVSS3AI score0.0188EPSS
Exploits0References1
BDU FSTEC
BDU FSTEC
added 2022/09/09 12:0 a.m.5 views

The vulnerability of the FortiOS network interface controller software in FortiGate, related to access control deficiencies, allows attackers to disclose sensitive information.

The vulnerability of the FortiOS network interface controller software in FortiGate systems is related to deficiencies in access control. Exploiting this vulnerability could allow a malicious actor to disclose protected information...

4.3CVSS5.4AI score0.00472EPSS
Exploits0References4Affected Software1
The Hacker News
The Hacker News
added 2022/08/24 3:36 p.m.27 views

Air-Gapped Devices Can Send Covert Morse Signals via Network Card LEDs

A security researcher who has a long line of work demonstrating novel data exfiltration methods from air-gapped systems has come up with yet another technique that involves sending Morse code signals via LEDs on network interface cards NICs. The approach, codenamed ETHERLED, comes from Dr...

0.8AI score
Exploits0
IBM Security Bulletins
IBM Security Bulletins
added 2022/08/19 5:50 p.m.43 views

Security Bulletin: This Power System update is being released to address CVE-2019-16649 and CVE-2019-16650

Summary POWER8 and POWER9: In response to security issues with virtual media, new Power System firmware updates are being released to address Common Vulnerabilities and Exposures issue numbers CVE-2019-16649 and CVE-2019-16650. Vulnerability Details CVEID:CVE-2019-16649 DESCRIPTION: Multiple...

10CVSS9.6AI score0.02163EPSS
Exploits0Affected Software6
Rows per page
Query Builder