Lucene search
K

61 matches found

OSV
OSV
added 2023/03/23 5:15 p.m.5 views

CVE-2023-20072

A vulnerability in the fragmentation handling code of tunnel protocol packets in Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause an affected system to reload, resulting in a denial of service DoS condition. This vulnerability is due to the improper handling of large...

8.6CVSS5.8AI score0.0098EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2023/03/22 11:0 p.m.3 views

CVE-2023-20072

A vulnerability in the fragmentation handling code of tunnel protocol packets in Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause an affected system to reload, resulting in a denial of service DoS condition. This vulnerability is due to the improper handling of large...

8.6CVSS7.3AI score0.0098EPSS
Exploits0References2
SUSE CVE
SUSE CVE
added 2023/02/15 3:58 a.m.3 views

SUSE CVE-2020-13988

An issue was discovered in Contiki through 3.0. An Integer Overflow exists in the uIP TCP/IP Stack component when parsing TCP MSS options of IPv4 network packets in uipprocess in net/ipv4/uip.c...

7.5CVSS7AI score0.03912EPSS
Exploits0References18
Positive Technologies
Positive Technologies
added 2023/02/09 12:0 a.m.13 views

PT-2023-12811 · Modem · Modem

Name of the Vulnerable Software and Affected Versions: Modem affected versions not specified Description: The issue is related to a denial of service in the modem due to a missing null check while processing IP packets with padding. Recommendations: At the moment, there is no information about a...

7.5CVSS7AI score0.00406EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2022/10/11 12:0 a.m.3 views

PT-2022-6150 · Adobe · Coldfusion

Name of the Vulnerable Software and Affected Versions: Adobe ColdFusion versions Update 14 and earlier Adobe ColdFusion versions Update 4 and earlier Description: The issue is related to a buffer overflow when handling GIOP packets, which could allow a remote attacker to execute arbitrary code or...

10CVSS9.8AI score0.72213EPSS
Exploits0References8
ATTACKERKB
ATTACKERKB
added 2022/09/28 11:0 p.m.9 views

CVE-2022-20919

A vulnerability in the processing of malformed Common Industrial Protocol CIP packets that are sent to Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause an affected device to unexpectedly reload, resulting in a denial of service DoS condition...

8.6CVSS7.2AI score0.01042EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2021/08/18 12:0 a.m.29 views

Cisco IOS XE Software Arbitrary Code Execution (cisco-sa-ios-xe-evss-code-exe-8cw5VSvw)

According to its self-reported version, Cisco IOS-XE Software is affected by an arbitrary code execution vulnerability. An unauthenticated, remote attacker can execute arbitrary code on the underlying Linux operating system of an affected device. The vulnerability is due to incorrect boundary...

9.8CVSS8.7AI score0.03209EPSS
Exploits0References4
Prion
Prion
added 2021/03/24 8:15 p.m.21 views

Buffer overflow

A vulnerability in the Easy Virtual Switching System VSS feature of Cisco IOS XE Software for Cisco Catalyst 4500 Series Switches and Cisco Catalyst 4500-X Series Switches could allow an unauthenticated, remote attacker to execute arbitrary code on the underlying Linux operating system of an...

9.3CVSS9.8AI score0.03209EPSS
Exploits0References1Affected Software1
Prion
Prion
added 2021/01/15 6:15 p.m.23 views

Design/Logic Flaw

A vulnerability in Juniper Networks Junos OS allows an attacker to cause a Denial of Service DoS to the device by sending certain crafted protocol packets from an adjacent device with invalid payloads to the device. These crafted packets, which should be discarded, are instead replicated and sent...

6.1CVSS7.3AI score0.00639EPSS
Exploits0References1Affected Software1
OSV
OSV
added 2020/12/01 12:0 a.m.5 views

UBUNTU-CVE-2020-13987

An issue was discovered in Contiki through 3.0. An Out-of-Bounds Read vulnerability exists in the uIP TCP/IP Stack component when calculating the checksums for IP packets in upperlayerchksum in net/ipv4/uip.c...

7.5CVSS6.6AI score0.03194EPSS
Exploits0References5
CNNVD
CNNVD
added 2020/11/19 12:0 a.m.8 views

Mitsubishi Electric MELSEC iQ-R series Resource Management Error Vulnerability

The Mitsubishi Electric MELSEC iQ-R series is a programmable logic controller from Mitsubishi Electric Japan. The MELSEC iQ-R series suffers from a resource management error vulnerability that originates when the module receives a specially crafted SLMP packet from a malicious attacker, which may...

7.8CVSS7.2AI score0.04731EPSS
Exploits0References7
OSV
OSV
added 2020/11/05 9:15 p.m.5 views

UBUNTU-CVE-2020-25662

A Red Hat only CVE-2020-12352 regression issue was found in the way the Linux kernel's Bluetooth stack implementation handled the initialization of stack memory when handling certain AMP packets. This flaw allows a remote attacker in an adjacent range to leak small portions of stack memory on the...

6.5CVSS6.7AI score0.01167EPSS
Exploits5References3
RedHat Linux
RedHat Linux
added 2020/10/20 11:15 a.m.10 views

kernel: net: bluetooth: information leak when processing certain AMP packets

An information leak flaw was found in the way Linux kernel’s Bluetooth stack implementation handled initialization of stack memory when handling certain AMP Alternate MAC-PHY Manager Protocol packets. This flaw allows a remote attacker in an adjacent range to leak small portions of stack memory o...

6.5CVSS6.8AI score0.05714EPSS
Exploits6References8
RedHat Linux
RedHat Linux
added 2020/10/20 9:2 a.m.3 views

kernel: net: bluetooth: type confusion while processing AMP packets

A flaw was found in the way the Linux kernel’s Bluetooth implementation handled L2CAP Logical Link Control and Adaptation Protocol packets with A2MP Alternate MAC-PHY Manager Protocol CID Channel Identifier. This flaw allows a remote attacker in an adjacent range to crash the system, causing a...

8.8CVSS7AI score0.07693EPSS
Exploits5References11
Vulnrichment
Vulnrichment
added 2020/09/24 5:52 p.m.5 views

CVE-2020-3494 Cisco IOS XE Wireless Controller Software for the Catalyst 9000 Family CAPWAP Denial of Service Vulnerabilities

Multiple vulnerabilities in the Control and Provisioning of Wireless Access Points CAPWAP protocol processing of Cisco IOS XE Software for Cisco Catalyst 9800 Series Wireless Controllers could allow an unauthenticated, adjacent attacker to cause a denial of service DoS condition of an affected...

7.4CVSS5.6AI score0.00433EPSS
Exploits0References1
The Hacker News
The Hacker News
added 2020/09/01 7:39 a.m.7 views

Cisco Issues Warning Over IOS XR Zero-Day Flaw Being Targeted in the Wild

Cisco has warned of an active zero-day vulnerability in its router software that's being exploited in the wild and could allow a remote, authenticated attacker to carry out memory exhaustion attacks on an affected device. "An attacker could exploit these vulnerabilities by sending crafted IGMP...

8.6CVSS7.2AI score0.03631EPSS
Exploits0
OSV
OSV
added 2020/06/17 11:15 a.m.2 views

CVE-2020-11897

The Treck TCP/IP stack before 5.0.1.35 has an Out-of-Bounds Write via multiple malformed IPv6 packets...

10CVSS5.8AI score0.09141EPSS
Exploits0References8
CNVD
CNVD
added 2020/06/03 12:0 a.m.3 views

Cisco NX-OS Software Code Issue Vulnerability

Cisco NX-OS Software is a set of data center-grade operating system software for switches from the U.S. company Cisco Cisco. A code issue vulnerability exists in Cisco NX-OS Software, which arises when the program unblocks and manipulates IP addresses in IP packets sent to locally configured IP...

5.3CVSS7.1AI score0.28537EPSS
Exploits0References1
OSV
OSV
added 2020/05/06 5:15 p.m.6 views

CVE-2020-3306

A vulnerability in the DHCP module of Cisco Adaptive Security Appliance ASA Software and Cisco Firepower Threat Defense FTD Software could allow an unauthenticated, remote attacker to cause a denial of service DoS condition on the affected device. The vulnerability is due to incorrect processing ...

7.5CVSS6.8AI score0.01233EPSS
Exploits0References1
Veracode
Veracode
added 2020/04/10 12:50 a.m.26 views

Denial Of Service (DoS)

Kerberos is vulnerable to Denial of Service DoS. Multiple checksum validation flaws were discovered in the MIT Kerberos implementation. A remote attacker could use these flaws to tamper with certain Kerberos protocol packets and, possibly, bypass authentication mechanisms in certain configuration...

3.7CVSS3.5AI score0.02847EPSS
Exploits0References41Affected Software1
Rows per page
Query Builder