8825 matches found
CVE-2015-8543
The networking implementation in the Linux kernel through 4.3.3, as used in Android and other products, does not validate protocol identifiers for certain protocol families, which allows local users to cause a denial of service NULL function pointer dereference and system crash or possibly gain...
CVE-2015-8543
CVE-2015-8543 affects the Linux kernel networking stack (up to version 4.3.3 as used in Android and others). The issue: the networking implementation does not validate protocol identifiers for certain protocol families, enabling local users to cause a NULL pointer dereference and system crash, wi...
networkingtimes.com XSS vulnerability
Vulnerable URL: https://networkingtimes.com/loyalty/preview.php?refCode=%22%3E%3Csvg/onload=prompt%28/XSSPOSED/%29%3E Details: Description| Value ---|--- Patched:| Yes, at 23.11.2017 Latest check for patch:| 23.11.2017 20:08 GMT Vulnerability type:| XSS Vulnerability status:| Publicly disclosed...
CVE-2015-8543
The networking implementation in the Linux kernel through 4.3.3, as used in Android and other products, does not validate protocol identifiers for certain protocol families, which allows local users to cause a denial of service NULL function pointer dereference and system crash or possibly gain...
UBUNTU-CVE-2015-8543
The networking implementation in the Linux kernel through 4.3.3, as used in Android and other products, does not validate protocol identifiers for certain protocol families, which allows local users to cause a denial of service NULL function pointer dereference and system crash or possibly gain...
PhpSocial 2.0.0304_20222226 - Cross-Site Request Forgery
Security Advisory - Curesec Research Team 1. Introduction Affected Product: PhpSocial v2.0.030420222226 Fixed in: not fixed Fixed Version Link: n/a Vendor Webite: http://phpsocial.net Vulnerability Type: CSRF Remote Exploitable: Yes Reported to vendor: 11/21/2015 Disclosed to public: 12/21/2015...
Scientific Linux Security Update : chrony on SL7.x x86_64 (20151119)
An out-of-bounds write flaw was found in the way chrony stored certain addresses when configuring NTP or cmdmon access. An attacker that has the command key and is allowed to access cmdmon only localhost is allowed by default could use this flaw to crash chronyd or, possibly, execute arbitrary co...
Moderate: Red Hat Security Advisory: openstack-nova secuity and bug fix advisory
Updated OpenStack Compute packages that resolve one security issue and a bug are now available for Red Hat Enterprise Linux OpenStack Platform 5.0 for RHEL 7. Red Hat Product Security has rated this update as having Moderate security impact. A Common Vulnerability Scoring System CVSS base score,...
Damn Vulnerable Node Application: DVNA
Damn Vulnerable Node Application DVNA is a node.js web application that is damn vulnerable. Its main goal is to be an aid for security professionals to test their skills and tools in a legal environment, help web developers better understand the processes of securing web applications and to aid...
python-rdomanager-oscplugin: NeutronMetadataProxySharedSecret parameter uses default value
It was discovered that Director's NeutronMetadataProxySharedSecret parameter remained specified at the default value of 'unset'. This value is used by OpenStack Networking to sign instance headers; if unchanged, an attacker knowing the shared secret could use this flaw to spoof OpenStack Networki...
Fast Packet Networking Toolkit: Snabb Switch
Snabb Switch is open source software for solving novel problems in networking. Blending the latest techniques for high-performance x86 packet processing together with a high-level LuaJIT programming interface. The goal is to offer the easiest way to create and deploy new network functions in larg...
Flexible DDoS Defense: Bohatei
DDoS defense today relies on expensive and proprietary hardware appliances deployed at fixed locations. This introduces key limitations with respect to flexibility e.g., complex routing to get traffic to these “chokepoints” and elasticity in handling changing attack patterns. We observe an...
Cisco Networking Services for IOS信息泄露漏洞
No description provided by source...
Cisco Networking Services for IOS Information Disclosure Vulnerability
Cisco Networking Services for IOS is a set of services from Cisco for remote event-driven configuration and remote execution of the Command Line Interface CLI on Cisco IOS network devices. An information disclosure vulnerability exists in Cisco Networking Services for IOS 15.22E3 that could allow...
US-CERT Alerts Users to Holiday Phishing Scams and Malware Campaigns
US-CERT reminds users to remain vigilant when browsing or shopping online this holiday season. Ecards from unknown senders may contain malicious links. Fake advertisements or shipping notifications may deliver infected attachments. Spoofed email messages and fraudulent posts on social networking...
openSUSE Security Update : docker (openSUSE-2015-792)
Docker was updated to version 1.9.0, bringing features and bugfixes bnc954812 : - Runtime : - docker stats now returns block IO metrics 15005 - docker stats now details network stats per interface 15786 - Add ancestor= filter to docker ps --filter flag to filter containers based on their ancestor...
CVE-2015-6375
The debug-logging aka debug cns feature in Cisco Networking Services CNS for IOS 15.22E3 allows local users to obtain sensitive information by reading an unspecified file, aka Bug ID CSCux18010...
Design/Logic Flaw
The debug-logging aka debug cns feature in Cisco Networking Services CNS for IOS 15.22E3 allows local users to obtain sensitive information by reading an unspecified file, aka Bug ID CSCux18010...
CVE-2015-6375
The debug-logging aka debug cns feature in Cisco Networking Services CNS for IOS 15.22E3 allows local users to obtain sensitive information by reading an unspecified file, aka Bug ID CSCux18010...
CVE-2015-6375
Cisco Networking Services (CNS) for IOS 15.2(2)E3 is affected by CVE-2015-6375, where the debug-logging (debug CNS) feature can allow a local authenticated user to disclose sensitive information by reading an unspecified file. The issue stems from insufficient protections of sensitive data at res...