Lucene search
K

86 matches found

NVD
NVD
added 2019/05/13 4:29 p.m.15 views

CVE-2018-4014

An exploitable code execution vulnerability exists in Wi-Fi Command 9999 of the Roav A1 Dashcam running version RoavA1SWV1.9. A specially crafted packet can cause a stack-based buffer overflow, resulting in code execution. An attacker can send a packet to trigger this vulnerability...

9.8CVSS8.7AI score0.02234EPSS
Exploits0References1
Veracode
Veracode
added 2019/05/02 4:52 a.m.16 views

Denial Of Service (DoS)

sssd is vulnerable to denial of service. Multiple out-of-bounds memory read flaws were found in the way the autofs and SSH service responders parsed certain SSSD packets. An attacker could spend a specially-crafted packet that, when processed by the autofs or SSH service responders, would cause...

5CVSS5.9AI score0.03324EPSS
Exploits0References136Affected Software1
Vulnrichment
Vulnrichment
added 2018/10/17 8:0 p.m.6 views

CVE-2018-0395 Cisco FXOS and NX-OS Software Link Layer Discovery Protocol Denial of Service Vulnerability

A vulnerability in the Link Layer Discovery Protocol LLDP implementation for Cisco FXOS Software and Cisco NX-OS Software could allow an unauthenticated, adjacent attacker to cause a denial of service DoS condition when the device unexpectedly reloads. The vulnerability is due to improper input...

8.8CVSS6.8AI score0.00857EPSS
Exploits0References3
Kitploit
Kitploit
added 2018/10/08 1:3 p.m.2656 views

ANDRAX - The First And Unique Penetration Testing Platform For Android Smartphones

ANDRAX The first and unique Penetration Testing platform for Android smartphones What is ANDRAX ANDRAX is a penetration testing platform developed specifically for Android smartphones, ANDRAX has the ability to run natively on Android so it behaves like a common Linux distribution, But more...

7.1AI score
Exploits0
CNVD
CNVD
added 2018/08/17 12:0 a.m.2 views

Denial of Service Vulnerability in DCCE MAC1100 PLCs

MAC1100 PLC is a programmable logic controller manufactured by Dalian Polytechnic Computer Control Engineering Co. A denial of service vulnerability exists in the DCCE MAC1100 PLC, which can be exploited by an attacker to cause the PLC to shut down and the CPU to deny service via unauthorized...

6.7AI score
Exploits0
NVD
NVD
added 2018/07/11 6:29 p.m.20 views

CVE-2018-0034

A Denial of Service vulnerability exists in the Juniper Networks Junos OS JDHCPD daemon which allows an attacker to core the JDHCPD daemon by sending a crafted IPv6 packet to the system. This issue is limited to systems which receives IPv6 DHCP packets on a system configured for DHCP processing...

5.9CVSS5.3AI score0.0215EPSS
Exploits0References3
Kitploit
Kitploit
added 2018/04/26 9:23 p.m.33 views

Nemesis - A Command-Line Network Packet Crafting And Injection Utility

The Nemesis Project is designed to be a command line based, portable human IP stack for UNIX-like and Windows systems. The suite is broken down by protocol, and should allow for useful scripting of injected packets from simple shell scripts. Key Features ARP/RARP, DNS, ETHERNET, ICMP, IGMP, IP,...

7AI score
Exploits0References2
Cvelist
Cvelist
added 2018/04/18 8:0 p.m.19 views

CVE-2018-8840

A remote attacker could send a carefully crafted packet in InduSoft Web Studio v8.1 and prior versions, and/or InTouch Machine Edition 2017 v8.1 and prior versions during a tag, alarm, or event related action such as read and write, which may allow remote code execution...

9.6AI score0.08431EPSS
Exploits0References4
n0where
n0where
added 2018/04/17 6:27 p.m.158 views

Command-line Network Packet Crafting and Injection Utility: nemesis

The Nemesis Project is designed to be a command line based, portable human IP stack for UNIX-like and Windows systems. The suite is broken down by protocol, and should allow for useful scripting of injected packets from simple shell scripts. Key Features ARP/RARP, DNS, ETHERNET, ICMP, IGMP, IP,...

Exploits0References1
CNVD
CNVD
added 2018/04/03 12:0 a.m.4 views

Rockwell Automation Allen Bradley Micrologix 1400 Series B FRN Denial of Service Vulnerability

Rockwell Automation Allen Bradley Micrologix 1400 Series B FRN is a programmable logic controller from Rockwell Automation. A denial of service vulnerability exists in the Ethernet feature of the Rockwell Automation Allen Bradley Micrologix 1400 Series B FRN 21.2 and prior versions. An attacker...

8.6CVSS6.7AI score0.04537EPSS
Exploits1References1
CNVD
CNVD
added 2017/12/04 12:0 a.m.5 views

Code Execution Vulnerability in Multiple Cisco Products

Cisco Nexus 2000 Series Fabric Extenders and so on are the products of the American Cisco Cisco company.Cisco Nexus 2000 Series Fabric Extenders is a Nexus 2000 series array extender.Nexus 5000 Series Nexus 5000 Series Switches is a 5000 series switch. A code execution vulnerability exists in the...

6.8CVSS7.5AI score0.00382EPSS
Exploits0References1
CVE
CVE
added 2017/11/22 7:0 p.m.57 views

CVE-2017-8120

CVE-2017-8120 affects Huawei UMA products (V200R001 and V300R001) with a privilege-elevation vulnerability caused by insufficient validation or improper processing of parameters. An attacker could craft specific packets to exploit these weaknesses to gain elevated privileges. Public sources (NVD ...

9.8CVSS9.7AI score0.01047EPSS
Exploits0References1Affected Software1
Prion
Prion
added 2017/09/29 1:34 a.m.15 views

Design/Logic Flaw

A vulnerability in the implementation of Network Address Translation NAT functionality in Cisco IOS 12.4 through 15.6 could allow an unauthenticated, remote attacker to cause a denial of service DoS condition on an affected device. The vulnerability is due to the improper translation of H.323...

7.8CVSS7.5AI score0.07128EPSS
Exploits0References3Affected Software1
Check Point Advisories
Check Point Advisories
added 2017/08/15 12:0 a.m.51 views

HPE Intelligent Management Center dbman RestoreDBase Command Injection (CVE-2017-5817; CVE-2017-5819)

A command injection vulnerability exists in the dbman component of HPE Intelligent Management Center. The vulnerability exists due to missing validation of user-provided parameters when handling RestoreDBase commands for MSSQL and MySQL databases. A remote, unauthenticated attacker can exploit th...

10CVSS2.7AI score0.82877EPSS
Exploits8
Prion
Prion
added 2017/04/20 10:59 p.m.28 views

Buffer overflow

Multiple vulnerabilities in the EnergyWise module of Cisco IOS 12.2 and 15.0 through 15.6 and Cisco IOS XE 3.2 through 3.18 could allow an unauthenticated, remote attacker to cause a buffer overflow condition or a reload of an affected device, leading to a denial of service DoS condition. These...

7.8CVSS8.7AI score0.02782EPSS
Exploits0References3Affected Software2
Prion
Prion
added 2016/04/25 10:59 a.m.24 views

Code injection

The IEEE 802.11 dissector in Wireshark 1.12.x before 1.12.11 and 2.0.x before 2.0.3 does not properly restrict element lists, which allows remote attackers to cause a denial of service deep recursion and application crash via a crafted packet, related to epan/dissectors/packet-capwap.c and...

4.3CVSS6.9AI score0.02116EPSS
Exploits0References6Affected Software1
UbuntuCve
UbuntuCve
added 2016/04/25 10:59 a.m.26 views

CVE-2016-4078

The IEEE 802.11 dissector in Wireshark 1.12.x before 1.12.11 and 2.0.x before 2.0.3 does not properly restrict element lists, which allows remote attackers to cause a denial of service deep recursion and application crash via a crafted packet, related to epan/dissectors/packet-capwap.c and...

5.9CVSS6.5AI score0.02116EPSS
Exploits0References5
Prion
Prion
added 2016/01/04 5:59 a.m.22 views

Code injection

The initt38infoconv function in epan/dissectors/packet-t38.c in the T.38 dissector in Wireshark 1.12.x before 1.12.9 does not ensure that a conversation exists, which allows remote attackers to cause a denial of service application crash via a crafted packet...

4.3CVSS6.8AI score0.01539EPSS
Exploits0References8Affected Software1
CVE
CVE
added 2016/01/04 2:0 a.m.76 views

CVE-2015-8720

Wireshark CVE-2015-8720: The BER dissector’s dissect_ber_GeneralizedTime (epan/dissectors/packet-ber.c) poorly checks sscanf, enabling denial of service (crash) via crafted packets. Affected: Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1. Remediation: upgrade to 1.12.9+ or 2.0.1+ (or newe...

5.5CVSS5.2AI score0.01539EPSS
Exploits0References7Affected Software1
CVE
CVE
added 2016/01/04 2:0 a.m.87 views

CVE-2015-8716

Wireshark 1.12.x before 1.12.9 is vulnerable to CVE-2015-8716. The init_t38_info_conv function in epan/dissectors/packet-t38.c does not ensure a conversation exists, enabling remote attackers to crash the application via a crafted T.38 packet. Remediation per the linked description is to upgrade ...

5.5CVSS5.2AI score0.01539EPSS
Exploits0References8Affected Software1
Rows per page
Query Builder