CVE-2021-31351

CVE-2021-31351 affects Juniper Networks Junos OS on MX Series where MS-MPC/MS-MIC packet processing can trigger a reset and sustained DoS due to an improper check for unusual or exceptional conditions. The affected versions span numerous releases (e.g., 17.3R3-S11 through 21.1R1) with prior relea...

Juniper Networks Junos OS 代码问题漏洞

Juniper Networks Junos OS is a Juniper Networks network operating system for the company's hardware devices. The operating system provides a secure programming interface and the Junos SDK. A code issue vulnerability exists in Juniper Networks Junos OS due to improper checking for anomalies or...

Couchbase Server 缓冲区错误漏洞

Couchbase Server is a distributed, open source NoSQL non-relational database from Couchbase, Inc. that supports data querying, full-text searching, and active global replication. Couchbase Server suffers from a buffer error vulnerability that originates from out-of-bounds access to network packet...

CVE-2021-1615

A vulnerability in the packet processing functionality of Cisco Embedded Wireless Controller EWC Software for Catalyst Access Points APs could allow an unauthenticated, remote attacker to cause a denial of service DoS condition on an affected AP. This vulnerability is due to insufficient buffer...

Design/Logic Flaw

A vulnerability in the packet processing functionality of Cisco Embedded Wireless Controller EWC Software for Catalyst Access Points APs could allow an unauthenticated, remote attacker to cause a denial of service DoS condition on an affected AP. This vulnerability is due to insufficient buffer...

CVE-2021-1615 Cisco Embedded Wireless Controller Software for Catalyst Access Points Denial of Service Vulnerability

A vulnerability in the packet processing functionality of Cisco Embedded Wireless Controller EWC Software for Catalyst Access Points APs could allow an unauthenticated, remote attacker to cause a denial of service DoS condition on an affected AP. This vulnerability is due to insufficient buffer...

Cisco Embedded Wireless Controller 安全漏洞

Cisco Embedded Wireless Controller is a wireless access point from Cisco USA. A security vulnerability exists in the Cisco Embedded Wireless Controller that stems from an under-allocation of buffers in the router software packet processing function used in Catalyst access points. The vulnerabilit...

GHSA-2JFV-G3FH-XQ3V Excessive memory usage in tokio-rustls

tokio-rustls does not call processnewpackets immediately after read, so the expected termination condition wantsread always returns true. As long as new incoming data arrives faster than it is processed and the reader does not return pending, data will be buffered. This may cause DoS...

CVE-2021-36762

An issue was discovered in HCC Embedded InterNiche NicheStack through 4.3. The tfshnd:tftpsrv.c TFTP packet processing function doesn't ensure that a filename is adequately '\0' terminated; therefore, a subsequent call to strlen for the filename might read out of bounds of the protocol packet...

CVE-2021-36762

An issue was discovered in HCC Embedded InterNiche NicheStack through 4.3. The tfshnd:tftpsrv.c TFTP packet processing function doesn't ensure that a filename is adequately '\0' terminated; therefore, a subsequent call to strlen for the filename might read out of bounds of the protocol packet...

Cisco Firepower Threat Defense Software Inline Pair/Passive Mode DoS (cisco-sa-ftd-inline-dos-nXqUyEqM)

According to its self-reported version, Cisco Firepower Threat Defense Software is affected by a vulnerability in the ingress packet processing path for interfaces that are configured either as Inline Pair or in Passive mode could allow an unauthenticated, adjacent attacker to cause a denial of...

NicheStack embedded TCP/IP has vulnerabilities

Overview HCC Embedded's software called InterNiche stack NicheStack and NicheLite, which provides TCP/IP networking capability to embedded systems, is impacted by multiple vulnerabilities. The Forescout and JFrog researchers who discovered this set of vulnerabilities have identified these as...

Juniper Networks Junos OS 代码问题漏洞

Juniper Networks Junos OS is a Juniper Networks network operating system for the company's hardware devices. The OS provides a secure programming interface and the Junos SDK. A code issue vulnerability exists in Junos OS that stems from a vulnerability in the device's handling of certain MPLS...

CVE-2021-3594

An invalid pointer initialization issue was found in the SLiRP networking implementation of QEMU. The flaw exists in the udpinput function and could occur while processing a udp packet that is smaller than the size of the 'udphdr' structure. This issue may lead to out-of-bounds read access or...

CVE-2021-1564

Multiple vulnerabilities in the implementation of the Cisco Discovery Protocol and Link Layer Discovery Protocol LLDP for Cisco Video Surveillance 7000 Series IP Cameras could allow an unauthenticated, adjacent attacker to cause a memory leak, which could lead to a denial of service DoS condition...

PT-2021-3861 · Hcc Embedded · Nichestack

Name of the Vulnerable Software and Affected Versions: HCC Embedded InterNiche NicheStack versions through 4.3 Description: The issue is related to errors in handling TFTP packet processing in the NicheLite and InterNiche TCP/IP stacks, specifically with null-termination of strings or arrays. Thi...

kernel: netfilter: use-after-free in the packet processing context

A use-after-free flaw was found in the packet processing context in net/netfilter/xtables.c in netfilter in the Linux Kernel. This issue occurs when the per-CPU sequence count is mishandled during concurrent iptables rules replacement and can be exploited with the CAPNETADMIN capability in an...

kernel: netfilter: use-after-free in the packet processing context

A use-after-free flaw was found in the packet processing context in net/netfilter/xtables.c in netfilter in the Linux Kernel. This issue occurs when the per-CPU sequence count is mishandled during concurrent iptables rules replacement and can be exploited with the CAPNETADMIN capability in an...

Cisco Adaptive Security Appliance Software DoS (cisco-sa-asaftd-dos-QFcNEPfx)

According to its self-reported version, the TCP packet processing of Cisco Adaptive Security Appliance Software is affected by denial of service vulnerability due to a memory exhaustion condition. An unauthenticated, remote attacker can exploit this by sending a high rate of crafted TCP traffic...

Cisco Firepower Threat Defense Software DoS (cisco-sa-asaftd-dos-QFcNEPfx)

According to its self-reported version, the TCP packet processing of Cisco Firepower Threat Defense FTD Software is affected by denial of service vulnerability due to a memory exhaustion condition. An unauthenticated, remote attacker can exploit this by sending a high rate of crafted TCP traffic...