61 matches found
CVE-2023-20072
A vulnerability in the fragmentation handling code of tunnel protocol packets in Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause an affected system to reload, resulting in a denial of service DoS condition. This vulnerability is due to the improper handling of large...
CVE-2023-20072
A vulnerability in the fragmentation handling code of tunnel protocol packets in Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause an affected system to reload, resulting in a denial of service DoS condition. This vulnerability is due to the improper handling of large...
SUSE CVE-2020-13988
An issue was discovered in Contiki through 3.0. An Integer Overflow exists in the uIP TCP/IP Stack component when parsing TCP MSS options of IPv4 network packets in uipprocess in net/ipv4/uip.c...
PT-2023-12811 · Modem · Modem
Name of the Vulnerable Software and Affected Versions: Modem affected versions not specified Description: The issue is related to a denial of service in the modem due to a missing null check while processing IP packets with padding. Recommendations: At the moment, there is no information about a...
PT-2022-6150 · Adobe · Coldfusion
Name of the Vulnerable Software and Affected Versions: Adobe ColdFusion versions Update 14 and earlier Adobe ColdFusion versions Update 4 and earlier Description: The issue is related to a buffer overflow when handling GIOP packets, which could allow a remote attacker to execute arbitrary code or...
CVE-2022-20919
A vulnerability in the processing of malformed Common Industrial Protocol CIP packets that are sent to Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause an affected device to unexpectedly reload, resulting in a denial of service DoS condition...
Cisco IOS XE Software Arbitrary Code Execution (cisco-sa-ios-xe-evss-code-exe-8cw5VSvw)
According to its self-reported version, Cisco IOS-XE Software is affected by an arbitrary code execution vulnerability. An unauthenticated, remote attacker can execute arbitrary code on the underlying Linux operating system of an affected device. The vulnerability is due to incorrect boundary...
Buffer overflow
A vulnerability in the Easy Virtual Switching System VSS feature of Cisco IOS XE Software for Cisco Catalyst 4500 Series Switches and Cisco Catalyst 4500-X Series Switches could allow an unauthenticated, remote attacker to execute arbitrary code on the underlying Linux operating system of an...
Design/Logic Flaw
A vulnerability in Juniper Networks Junos OS allows an attacker to cause a Denial of Service DoS to the device by sending certain crafted protocol packets from an adjacent device with invalid payloads to the device. These crafted packets, which should be discarded, are instead replicated and sent...
UBUNTU-CVE-2020-13987
An issue was discovered in Contiki through 3.0. An Out-of-Bounds Read vulnerability exists in the uIP TCP/IP Stack component when calculating the checksums for IP packets in upperlayerchksum in net/ipv4/uip.c...
Mitsubishi Electric MELSEC iQ-R series Resource Management Error Vulnerability
The Mitsubishi Electric MELSEC iQ-R series is a programmable logic controller from Mitsubishi Electric Japan. The MELSEC iQ-R series suffers from a resource management error vulnerability that originates when the module receives a specially crafted SLMP packet from a malicious attacker, which may...
UBUNTU-CVE-2020-25662
A Red Hat only CVE-2020-12352 regression issue was found in the way the Linux kernel's Bluetooth stack implementation handled the initialization of stack memory when handling certain AMP packets. This flaw allows a remote attacker in an adjacent range to leak small portions of stack memory on the...
kernel: net: bluetooth: information leak when processing certain AMP packets
An information leak flaw was found in the way Linux kernel’s Bluetooth stack implementation handled initialization of stack memory when handling certain AMP Alternate MAC-PHY Manager Protocol packets. This flaw allows a remote attacker in an adjacent range to leak small portions of stack memory o...
kernel: net: bluetooth: type confusion while processing AMP packets
A flaw was found in the way the Linux kernel’s Bluetooth implementation handled L2CAP Logical Link Control and Adaptation Protocol packets with A2MP Alternate MAC-PHY Manager Protocol CID Channel Identifier. This flaw allows a remote attacker in an adjacent range to crash the system, causing a...
CVE-2020-3494 Cisco IOS XE Wireless Controller Software for the Catalyst 9000 Family CAPWAP Denial of Service Vulnerabilities
Multiple vulnerabilities in the Control and Provisioning of Wireless Access Points CAPWAP protocol processing of Cisco IOS XE Software for Cisco Catalyst 9800 Series Wireless Controllers could allow an unauthenticated, adjacent attacker to cause a denial of service DoS condition of an affected...
Cisco Issues Warning Over IOS XR Zero-Day Flaw Being Targeted in the Wild
Cisco has warned of an active zero-day vulnerability in its router software that's being exploited in the wild and could allow a remote, authenticated attacker to carry out memory exhaustion attacks on an affected device. "An attacker could exploit these vulnerabilities by sending crafted IGMP...
CVE-2020-11897
The Treck TCP/IP stack before 5.0.1.35 has an Out-of-Bounds Write via multiple malformed IPv6 packets...
Cisco NX-OS Software Code Issue Vulnerability
Cisco NX-OS Software is a set of data center-grade operating system software for switches from the U.S. company Cisco Cisco. A code issue vulnerability exists in Cisco NX-OS Software, which arises when the program unblocks and manipulates IP addresses in IP packets sent to locally configured IP...
CVE-2020-3306
A vulnerability in the DHCP module of Cisco Adaptive Security Appliance ASA Software and Cisco Firepower Threat Defense FTD Software could allow an unauthenticated, remote attacker to cause a denial of service DoS condition on the affected device. The vulnerability is due to incorrect processing ...
Denial Of Service (DoS)
Kerberos is vulnerable to Denial of Service DoS. Multiple checksum validation flaws were discovered in the MIT Kerberos implementation. A remote attacker could use these flaws to tamper with certain Kerberos protocol packets and, possibly, bypass authentication mechanisms in certain configuration...