Lucene search
K

1155 matches found

Positive Technologies
Positive Technologies
added 2020/10/21 12:0 a.m.8 views

PT-2020-4460 · Cisco · Cisco Ftd +1

Name of the Vulnerable Software and Affected Versions: Cisco Adaptive Security Appliance ASA Software versions prior to the fixed version Cisco Firepower Threat Defense FTD Software versions prior to the fixed version Description: A vulnerability in the OSPF Version 2 OSPFv2 implementation could...

8.6CVSS7.5AI score0.01415EPSS
Exploits0References6
NVD
NVD
added 2020/10/16 9:15 p.m.21 views

CVE-2020-1687

On Juniper Networks EX4300-MP Series, EX4600 Series and QFX5K Series deployed in Ethernet VPN EVPN-Virtual Extensible LAN VXLAN configuration, receipt of a stream of specific VXLAN encapsulated layer 2 frames can cause high CPU load, which could lead to network protocol operation issue and traffi...

6.5CVSS0.0049EPSS
Exploits0References1
Prion
Prion
added 2020/10/16 9:15 p.m.16 views

Design/Logic Flaw

On Juniper Networks EX4300 Series, receipt of a stream of specific IPv4 packets can cause Routing Engine RE high CPU load, which could lead to network protocol operation issue and traffic interruption. This specific packets can originate only from within the broadcast domain where the device is...

3.3CVSS6.4AI score0.00519EPSS
Exploits0References2Affected Software1
Prion
Prion
added 2020/10/16 9:15 p.m.19 views

Design/Logic Flaw

On Juniper Networks EX4300-MP Series, EX4600 Series and QFX5K Series deployed in Ethernet VPN EVPN-Virtual Extensible LAN VXLAN configuration, receipt of a stream of specific VXLAN encapsulated layer 2 frames can cause high CPU load, which could lead to network protocol operation issue and traffi...

2.9CVSS6.4AI score0.0049EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2020/10/16 8:31 p.m.27 views

CVE-2020-1687 Junos OS: EX4300-MP/EX4600/QFX5K Series: High CPU load due to receipt of specific layer 2 frames in EVPN-VXLAN deployment.

On Juniper Networks EX4300-MP Series, EX4600 Series and QFX5K Series deployed in Ethernet VPN EVPN-Virtual Extensible LAN VXLAN configuration, receipt of a stream of specific VXLAN encapsulated layer 2 frames can cause high CPU load, which could lead to network protocol operation issue and traffi...

6.5CVSS6.5AI score0.0049EPSS
Exploits0References1
CVE
CVE
added 2020/10/16 8:31 p.m.47 views

CVE-2020-1687

CVE-2020-1687 affects Junos OS on Juniper EX4300-MP, EX4600 and QFX5K series used as EVPN-VXLAN L2/L3 gateways. The issue occurs when receiving a stream of specific VXLAN-encapsulated L2 frames within the same EVPN-VXLAN domain, causing high CPU load and potentially impacting network protocol ope...

6.5CVSS6.4AI score0.0049EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2020/10/16 8:31 p.m.46 views

CVE-2020-1670

CVE-2020-1670 affects Juniper Junos OS on EX4300 Series. A stream of specific IPv4 packets entering the IRB interface can cause Routing Engine high CPU load, potentially leading to network protocol operation issues and traffic interruption. The trigger is limited to IPv4 (IPv6 is not affected) an...

6.5CVSS6.3AI score0.00519EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2020/10/16 8:31 p.m.20 views

CVE-2020-1670 Junos OS: EX4300 Series: High CPU load due to receipt of specific IPv4 packets

On Juniper Networks EX4300 Series, receipt of a stream of specific IPv4 packets can cause Routing Engine RE high CPU load, which could lead to network protocol operation issue and traffic interruption. This specific packets can originate only from within the broadcast domain where the device is...

6.5CVSS6.4AI score0.00519EPSS
Exploits0References1
BDU FSTEC
BDU FSTEC
added 2020/10/16 12:0 a.m.6 views

The vulnerability in the implementation of the NetBIOS protocol on Windows operating systems allows a perpetrator to gain unauthorized access to protected information.

The vulnerability of the NetBIOS protocol implementation in Windows operating systems is related to errors in object memory handling. Exploiting this vulnerability can allow an attacker to gain unauthorized access to protected information...

5.5CVSS5.9AI score0.01222EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2020/10/13 12:0 a.m.2 views

PT-2020-4254 · Microsoft · Windows

Name of the Vulnerable Software and Affected Versions: Windows affected versions not specified Description: The issue is related to errors in handling objects in memory within the NetBIOS protocol implementation in Windows. This could allow an attacker to gain unauthorized access to protected...

5.5CVSS5.5AI score0.01222EPSS
Exploits0References6
Tenable Nessus
Tenable Nessus
added 2020/09/29 12:0 a.m.62 views

Debian DLA-2385-1 : linux-4.19 security update

Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service, or information leak. CVE-2019-3874 Kernel buffers allocated by the SCTP network protocol were not limited by the memory cgroup controller. A local user could potentially us...

9.3CVSS7.7AI score0.05228EPSS
Exploits6References21
ThreatPost
ThreatPost
added 2020/09/21 5:1 p.m.69 views

Firefox for Android Bug Allows 'Epic Rick-Rolling'

A vulnerability in Firefox for Android paves the way for an attackers to launch websites on a victim’s phone, with no user interaction. The attack manifests in the form of a Firefox browser window on the target device suddenly launching, without the users’ permission. This can be used for various...

Exploits0References8
CNVD
CNVD
added 2020/09/14 12:0 a.m.5 views

Samba Command Injection Vulnerability

Samba is a set of free software that enables the UNIX family of operating systems to connect to the SMB/CIFS network protocol of the Microsoft Windows operating system. Samba suffers from a command injection vulnerability that can be exploited by an attacker to elevate privileges...

7CVSS7.6AI score0.00652EPSS
Exploits1References1
OSV
OSV
added 2020/09/09 7:15 p.m.4 views

CVE-2018-17773

Ingenico Telium 2 POS terminals have a buffer overflow via SOCKETTASK in the NTPT3 protocol. This is fixed in Telium 2 SDK v9.32.03 patch N...

6.8CVSS6.1AI score0.006EPSS
Exploits1References4
Fedora
Fedora
added 2020/09/03 4:40 p.m.32 views

[SECURITY] Fedora 32 Update: mysql-connector-java-8.0.21-1.fc32

MySQL Connector/J is a native Java driver that converts JDBC Java Database Connectivity calls into the network protocol used by the MySQL database. It lets developers working with the Java programming language easily build programs and applets that interact with MySQL and connect all corporate...

5.1CVSS1.3AI score0.032EPSS
Exploits0
CNVD
CNVD
added 2020/08/19 12:0 a.m.4 views

D-Link DIR-822 Buffer Overflow Vulnerability

The D-Link DIR-822 is an AC1200 Wi-Fi router. A buffer overflow vulnerability exists in the D-Link DIR-822 v.202KRb06 and earlier versions. An attacker can exploit this vulnerability to cause a buffer overflow via the long MacAddress data in the /HNAP1/SetClientInfo HNAP protocol message...

9.8CVSS7.3AI score0.02617EPSS
Exploits1References1
CNVD
CNVD
added 2020/08/19 12:0 a.m.2 views

Contiki-NG buffer overflow vulnerability (CNVD-2020-49536)

Contiki-NG is an open source cross-platform operating system for next-generation IoT Internet of Things devices. A buffer overflow vulnerability exists in Contiki-NG versions 4.4 through 4.5 SNMP agent. The vulnerability stems from a network system or product performing operations on memory witho...

9.8CVSS7.3AI score0.0154EPSS
Exploits1References1
BDU FSTEC
BDU FSTEC
added 2020/08/14 12:0 a.m.6 views

Vulnerability of the Server component: The Oracle MySQL Server database management system’s DML component, which is vulnerable due to insufficient input data validation. This allows attackers to cause system downtime or service failures.

The vulnerability of the Oracle MySQL Server component relates to insufficient validation of input data. Exploiting this vulnerability can allow an attacker to cause downtime or service failures using the MySQL network protocol...

6.8CVSS6.4AI score0.02439EPSS
Exploits0References4Affected Software1
OSV
OSV
added 2020/08/06 2:10 p.m.5 views

USN-4451-2 ppp vulnerability

USN-4451-1 fixed a vulnerability in ppp. This update provides the corresponding update for Ubuntu 12.04 ESM and Ubuntu 14.04 ESM. Original advisory details: Thomas Chauchefoin working with Trend Micro´s Zero Day Initiative, discovered that ppp incorrectly handled module loading. A local attacker...

5.5CVSS6.2AI score0.00364EPSS
Exploits0References2
Gitee
Gitee
added 2020/08/06 10:18 a.m.5 views

aflnet

It is an offensive tool for Network protocols. The repository contains a greybox fuzzer for protocol implementations, named AFLNet. It takes a mutational approach and uses state-feedback, in addition to code-coverage feedback, to guide the fuzzing process. AFLNet is seeded with a corpus of record...

7.1AI score
Exploits0
Rows per page
Query Builder