1155 matches found
PT-2020-4460 · Cisco · Cisco Ftd +1
Name of the Vulnerable Software and Affected Versions: Cisco Adaptive Security Appliance ASA Software versions prior to the fixed version Cisco Firepower Threat Defense FTD Software versions prior to the fixed version Description: A vulnerability in the OSPF Version 2 OSPFv2 implementation could...
CVE-2020-1687
On Juniper Networks EX4300-MP Series, EX4600 Series and QFX5K Series deployed in Ethernet VPN EVPN-Virtual Extensible LAN VXLAN configuration, receipt of a stream of specific VXLAN encapsulated layer 2 frames can cause high CPU load, which could lead to network protocol operation issue and traffi...
Design/Logic Flaw
On Juniper Networks EX4300 Series, receipt of a stream of specific IPv4 packets can cause Routing Engine RE high CPU load, which could lead to network protocol operation issue and traffic interruption. This specific packets can originate only from within the broadcast domain where the device is...
Design/Logic Flaw
On Juniper Networks EX4300-MP Series, EX4600 Series and QFX5K Series deployed in Ethernet VPN EVPN-Virtual Extensible LAN VXLAN configuration, receipt of a stream of specific VXLAN encapsulated layer 2 frames can cause high CPU load, which could lead to network protocol operation issue and traffi...
CVE-2020-1687 Junos OS: EX4300-MP/EX4600/QFX5K Series: High CPU load due to receipt of specific layer 2 frames in EVPN-VXLAN deployment.
On Juniper Networks EX4300-MP Series, EX4600 Series and QFX5K Series deployed in Ethernet VPN EVPN-Virtual Extensible LAN VXLAN configuration, receipt of a stream of specific VXLAN encapsulated layer 2 frames can cause high CPU load, which could lead to network protocol operation issue and traffi...
CVE-2020-1687
CVE-2020-1687 affects Junos OS on Juniper EX4300-MP, EX4600 and QFX5K series used as EVPN-VXLAN L2/L3 gateways. The issue occurs when receiving a stream of specific VXLAN-encapsulated L2 frames within the same EVPN-VXLAN domain, causing high CPU load and potentially impacting network protocol ope...
CVE-2020-1670
CVE-2020-1670 affects Juniper Junos OS on EX4300 Series. A stream of specific IPv4 packets entering the IRB interface can cause Routing Engine high CPU load, potentially leading to network protocol operation issues and traffic interruption. The trigger is limited to IPv4 (IPv6 is not affected) an...
CVE-2020-1670 Junos OS: EX4300 Series: High CPU load due to receipt of specific IPv4 packets
On Juniper Networks EX4300 Series, receipt of a stream of specific IPv4 packets can cause Routing Engine RE high CPU load, which could lead to network protocol operation issue and traffic interruption. This specific packets can originate only from within the broadcast domain where the device is...
The vulnerability in the implementation of the NetBIOS protocol on Windows operating systems allows a perpetrator to gain unauthorized access to protected information.
The vulnerability of the NetBIOS protocol implementation in Windows operating systems is related to errors in object memory handling. Exploiting this vulnerability can allow an attacker to gain unauthorized access to protected information...
PT-2020-4254 · Microsoft · Windows
Name of the Vulnerable Software and Affected Versions: Windows affected versions not specified Description: The issue is related to errors in handling objects in memory within the NetBIOS protocol implementation in Windows. This could allow an attacker to gain unauthorized access to protected...
Debian DLA-2385-1 : linux-4.19 security update
Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service, or information leak. CVE-2019-3874 Kernel buffers allocated by the SCTP network protocol were not limited by the memory cgroup controller. A local user could potentially us...
Firefox for Android Bug Allows 'Epic Rick-Rolling'
A vulnerability in Firefox for Android paves the way for an attackers to launch websites on a victim’s phone, with no user interaction. The attack manifests in the form of a Firefox browser window on the target device suddenly launching, without the users’ permission. This can be used for various...
Samba Command Injection Vulnerability
Samba is a set of free software that enables the UNIX family of operating systems to connect to the SMB/CIFS network protocol of the Microsoft Windows operating system. Samba suffers from a command injection vulnerability that can be exploited by an attacker to elevate privileges...
CVE-2018-17773
Ingenico Telium 2 POS terminals have a buffer overflow via SOCKETTASK in the NTPT3 protocol. This is fixed in Telium 2 SDK v9.32.03 patch N...
[SECURITY] Fedora 32 Update: mysql-connector-java-8.0.21-1.fc32
MySQL Connector/J is a native Java driver that converts JDBC Java Database Connectivity calls into the network protocol used by the MySQL database. It lets developers working with the Java programming language easily build programs and applets that interact with MySQL and connect all corporate...
D-Link DIR-822 Buffer Overflow Vulnerability
The D-Link DIR-822 is an AC1200 Wi-Fi router. A buffer overflow vulnerability exists in the D-Link DIR-822 v.202KRb06 and earlier versions. An attacker can exploit this vulnerability to cause a buffer overflow via the long MacAddress data in the /HNAP1/SetClientInfo HNAP protocol message...
Contiki-NG buffer overflow vulnerability (CNVD-2020-49536)
Contiki-NG is an open source cross-platform operating system for next-generation IoT Internet of Things devices. A buffer overflow vulnerability exists in Contiki-NG versions 4.4 through 4.5 SNMP agent. The vulnerability stems from a network system or product performing operations on memory witho...
Vulnerability of the Server component: The Oracle MySQL Server database management system’s DML component, which is vulnerable due to insufficient input data validation. This allows attackers to cause system downtime or service failures.
The vulnerability of the Oracle MySQL Server component relates to insufficient validation of input data. Exploiting this vulnerability can allow an attacker to cause downtime or service failures using the MySQL network protocol...
USN-4451-2 ppp vulnerability
USN-4451-1 fixed a vulnerability in ppp. This update provides the corresponding update for Ubuntu 12.04 ESM and Ubuntu 14.04 ESM. Original advisory details: Thomas Chauchefoin working with Trend Micro´s Zero Day Initiative, discovered that ppp incorrectly handled module loading. A local attacker...
aflnet
It is an offensive tool for Network protocols. The repository contains a greybox fuzzer for protocol implementations, named AFLNet. It takes a mutational approach and uses state-feedback, in addition to code-coverage feedback, to guide the fuzzing process. AFLNet is seeded with a corpus of record...