
20 matches found

Positive Technologies
added 2026/05/27 12:0 a.m. · 4 views

PT-2026-44114

Name of the Vulnerable Software and Affected Versions: pam_usb versions prior to 0.9.0. Description: The deny_remote feature incorrectly classifies IPv4-mapped IPv6 remote connections as local sessions. This occurs because the system checks the ut_addr_v6 field of utmpx using a guard if utent-ut add...

CVSS 7.4 · AI score 5.8 · EPSS 0.00066
Exploits 0 · References 4
CVE
added 2025/12/17 12:0 a.m. · 5 views

CVE-2025-67787

DriveLock Operations Center is affected by a Cross Site Scripting (XSS) flaw in versions 25.1.2 through 25.1.4, enabling potential session takeover over the network. The issue is documented across multiple sources (Red Hat, NVD, CNNVD, etc.) and is tied to version 25.1.2 before 25.1.5. The common...

CVSS 9.6 · AI score 5.9 · EPSS 0.00036
Exploits 0 · References 1 · Affected Software 1
Malwarebytes
added 2025/11/12 10:19 a.m. · 6 views

How Malwarebytes stops the ransomware attack that most security software can’t see

Imagine this scenario: Your protection software is running perfectly. Systems are protected, definitions are up to date, behavioral analysis is active. Then, suddenly, files across your network start getting encrypted. Backups are being deleted. Ransom notes appear across your machines. Your...

AI score 6.5
Exploits 0
Tenable Nessus
added 2025/10/08 12:0 a.m. · 3 views

Suricata < 7.0.12 / 8.0.0 < 8.0.1 Detection Bypass

The version of OISF Suricata installed on the remote host is prior to 7.0.12 and 8.0.x prior to 8.0.1. It is, therefore, affected by multiple vulnerabilities: - Suricata is a network IDS, IPS and NSM engine developed by the OISF (Open Information Security Foundation) and the Suricata community...

CVSS 7.5 · AI score 6 · EPSS 0.0005
Exploits 0 · References 5
EUVD
added 2025/10/07 12:30 a.m. · 2 views

EUVD-2020-17856

Malware in sbrugna...

CVSS 7.5 · AI score 6.4 · EPSS 0.00207
Exploits 0 · References 2
RedhatCVE
added 2025/05/22 5:55 p.m. · 5 views

CVE-2020-25165

BD Alaris PC Unit, Model 8015, Versions 9.33.1 and earlier and BD Alaris Systems Manager, Versions 4.33 and earlier The affected products are vulnerable to a network session authentication vulnerability within the authentication process between specified versions of the BD Alaris PC Unit and the ...

CVSS 7.5 · AI score 7 · EPSS 0.00207
Exploits 0
SUSE CVE
added 2023/02/15 4:16 a.m. · 1 views

SUSE CVE-2019-6256

A Denial of Service issue was discovered in the LIVE555 Streaming Media libraries as used in Live555 Media Server 0.93. It can cause an RTSPServer crash in handleHTTPCmdTunnelingPOST, when RTSP-over-HTTP tunneling is supported, via x-sessioncookie HTTP headers in a GET request and a POST request...

CVSS 9.8 · AI score 9.2 · EPSS 0.00555
Exploits 1 · References 4
CNNVD
added 2022/12/16 12:0 a.m. · 1 views

Symantec Identity Manager Authorization Issue Vulnerability

Symantec Identity Manager is an identity management system from Symantec Corporation. A security vulnerability exists in Symantec Identity Manager version 14.4, which originates from an unauthenticated user being able to access a specific page URL in the management console, but the system does no...

CVSS 5.3 · AI score 5.8 · EPSS 0.00725
Exploits 0 · References 2
CNNVD
added 2021/03/10 12:0 a.m. · 1 views

F5 BIG-IP Security Vulnerability

F5 BIG-IP is an application delivery platform from F5 USA that integrates network traffic management, application security management, load balancing and other functions. A security bypass vulnerability exists in F5 BIG-IP, which can be exploited by an attacker to bypass data access restrictions...

CVSS 4.5 · AI score 5.7 · EPSS 0.00073
Exploits 0 · References 4
Cvelist
added 2020/11/13 3:6 p.m. · 15 views

CVE-2020-25165

BD Alaris PC Unit, Model 8015, Versions 9.33.1 and earlier and BD Alaris Systems Manager, Versions 4.33 and earlier The affected products are vulnerable to a network session authentication vulnerability within the authentication process between specified versions of the BD Alaris PC Unit and the ...

AI score 7.6 · EPSS 0.00207
Exploits 0 · References 1
CVE
added 2020/11/13 3:6 p.m. · 70 views

CVE-2020-25165

CVE-2020-25165 affects BD Alaris PC Unit Model 8015 and BD Alaris Systems Manager (versions 4.33 and earlier). The issue is a network session authentication vulnerability in the authentication process between these components that could be exploited to perform a denial-of-service by modifying dat...

CVSS 7.5 · AI score 8 · EPSS 0.00207
Exploits 0 · References 1 · Affected Software 1
OSV
added 2019/07/18 7:15 p.m. · 0 views

UBUNTU-CVE-2019-1010279

Open Information Security Foundation Suricata prior to version 4.1.3 is affected by: Denial of Service - TCP/HTTP detection bypass. The impact is: An attacker can evade a signature detection with a specially formed sequence of network packets. The component is: detect.c...

CVSS 7.5 · AI score 5.8 · EPSS 0.00193
Exploits 1 · References 6
OSV
added 2018/05/09 8:29 p.m. · 0 views

CVE-2017-14479

In the MMM::Agent::Helpers::Network::clearip function in MySQL Multi-Master Replication Manager MMM mmmagentd 2.2.1 for Solaris, a specially crafted MMM protocol message can cause a shell command injection resulting in arbitrary command execution with the privileges of the mmm_agentd process. An...

CVSS 9.8 · AI score 6
Exploits 0 · References 1
Positive Technologies
added 2018/05/09 12:0 a.m. · 2 views

PT-2018-5671 · Mysql Server · Mysql Multi-Master Replication Manager (Mmm) Mmm Agentd

Name of the Vulnerable Software and Affected Versions: MySQL Multi-Master Replication Manager MMM mmm_agentd version 2.2.1 Description: A specially crafted MMM protocol message can cause a shell command injection in the add_ip function, resulting in arbitrary command execution with the privileges...

CVSS 10 · AI score 9.7 · EPSS 0.08861
Exploits 2 · References 3
CNVD
added 2018/04/08 12:0 a.m. · 1 views

NSURLSession Competition Condition Vulnerability in Multiple Apple Products

Apple iOS, macOS High Sierra, tvOS, and watchOS are products of Apple Inc. Apple iOS is a set of operating systems for mobile devices; macOS High Sierra is a specialized operating system for Mac computers; tvOS is a smart TV operating system; watchOS is a smart watch operating system; and...

CVSS 7.6 · AI score 7.4 · EPSS 0.00152
Exploits 0 · References 1
Tenable Nessus
added 2013/09/13 12:0 a.m. · 70 views

Juniper NSM Linux Kernel TCP Sequence Number Generation Issue (PSN-2012-08-688)

According to the version of one or more Juniper NSM servers running on the remote host, it is potentially vulnerable to denial of service and network session hijacking attacks due to a weak IP sequence number generator.

CVSS 9.1 · AI score 8.1 · EPSS 0.04324
Exploits 0 · References 2
Prion
added 2012/11/27 9:55 p.m. · 19 views

Authentication flaw

The default configuration of EMC Smarts Network Configuration Manager (NCM) before 9.1 does not require authentication for database access, which allows remote attackers to have an unspecified impact via a network session...

CVSS 9.3 · AI score 7.5 · EPSS 0.00578
Exploits 0 · References 5 · Affected Software 1
Prion
added 2012/08/06 4:55 p.m. · 6 views

Default credentials

The Siemens Synco OZW Web Server devices OZW672., OZW772., and OZW775 with firmware before 4 have an unspecified default password, which makes it easier for remote attackers to obtain administrative access via a network session...

CVSS 7.5 · AI score 7.3 · EPSS 0.00441
Exploits 0 · References 2 · Affected Software 2
Cvelist
added 2012/05/24 11:0 p.m. · 27 views

CVE-2011-3188

The (1) IPv4 and (2) IPv6 implementations in the Linux kernel before 3.1 use a modified MD4 algorithm to generate sequence numbers and Fragment Identification values, which makes it easier for remote attackers to cause a denial of service (disrupted networking) or hijack network sessions by predicting...

AI score 8.8 · EPSS 0.04324
Exploits 0 · References 9
NVD
added 2009/12/09 6:30 p.m. · 21 views

CVE-2009-2508

The single sign-on implementation in Active Directory Federation Services (ADFS) in Microsoft Windows Server 2003 SP2 and Server 2008 Gold and SP2 does not properly remove credentials at the end of a network session, which allows physically proximate attackers to obtain the credentials of a previou...

CVSS 6.9 · AI score 6.2 · EPSS 0.00766
Exploits 1 · References 3