Lucene search
+L

186 matches found

osv
osv
added 2024/01/28 1:15 p.m.1 views

UBUNTU-CVE-2023-6200

A race condition was found in the Linux Kernel. Under certain conditions, an unauthenticated attacker from an adjacent network could send an ICMPv6 router advertisement packet, causing arbitrary code execution...

7.5CVSS6AI score0.02166EPSS
Exploits0References6
ptsecurity
ptsecurity
added 2023/12/21 12:0 a.m.2 views

PT-2023-8473 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux Kernel affected versions not specified Description: A race condition was found in the Linux Kernel, related to the reuse of previously freed memory due to concurrent access to a resource in the fib6 add function in the net/ipv6/ip6 fib....

7.5CVSS7.8AI score0.02166EPSS
Exploits0References30
osv
osv
added 2023/04/17 10:15 p.m.7 views

CVE-2023-28981

An Improper Input Validation vulnerability in the kernel of Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated, adjacent attacker to cause a Denial of Service DoS. If the receipt of router advertisements is enabled on an interface and a specifically malformed RA packet is...

6.5CVSS5.7AI score0.00303EPSS
Exploits0References1
cvelist
cvelist
added 2023/04/17 12:0 a.m.20 views

CVE-2023-28981 Junos OS and Junos OS Evolved: If malformed IPv6 router advertisements are received, memory corruption will occur which causes an rpd crash

An Improper Input Validation vulnerability in the kernel of Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated, adjacent attacker to cause a Denial of Service DoS. If the receipt of router advertisements is enabled on an interface and a specifically malformed RA packet is...

6.5CVSS6.7AI score0.00303EPSS
Exploits0References1
ptsecurity
ptsecurity
added 2023/04/12 12:0 a.m.6 views

PT-2023-3064 · Juniper Networks · Junos Evolved +1

Name of the Vulnerable Software and Affected Versions: Juniper Networks Junos OS versions prior to 20.3R3-S5 Juniper Networks Junos OS versions prior to 20.4R3-S3 Juniper Networks Junos OS versions prior to 21.1R3-S4 Juniper Networks Junos OS versions prior to 21.2R3 Juniper Networks Junos OS...

6.5CVSS6.5AI score0.00303EPSS
Exploits0References7
susecve
susecve
added 2023/02/15 5:23 a.m.6 views

SUSE CVE-2015-0272

GNOME NetworkManager allows remote attackers to cause a denial of service IPv6 traffic disruption via a crafted MTU value in an IPv6 Router Advertisement RA message, a different vulnerability than CVE-2015-8215...

5CVSS6.9AI score0.05059EPSS
Exploits0References17
susecve
susecve
added 2023/02/15 4:0 a.m.5 views

SUSE CVE-2020-10749

A vulnerability was found in all versions of containernetworking/plugins before version 0.8.6, that allows malicious containers in Kubernetes clusters to perform man-in-the-middle MitM attacks. A malicious container can exploit this flaw by sending rogue IPv6 router advertisements to the host or...

6CVSS8.2AI score0.02428EPSS
Exploits1References11
susecve
susecve
added 2023/02/15 3:58 a.m.6 views

SUSE CVE-2020-13401

An issue was discovered in Docker Engine before 19.03.11. An attacker in a container, with the CAPNETRAW capability, can craft IPv6 router advertisements, and consequently spoof external IPv6 hosts, obtain sensitive information, or cause a denial of service...

6CVSS6.9AI score0.02839EPSS
Exploits0References12
kitploit
kitploit
added 2022/07/27 12:30 p.m.48 views

Pretender - Your MitM Sidekick For Relaying Attacks Featuring DHCPv6 DNS Takeover As Well As mDNS, LLMNR And NetBIOS-NS Spoofing

Your MitM sidekick for relaying attacks featuring DHCPv6 DNS takeover as well as mDNS, LLMNR and NetBIOS-NS spoofing pretender is a tool developed by RedTeam Pentesting to obtain machine-in-the-middle positions via spoofed local name resolution and DHCPv6 DNS takeover attacks. pretender primarily...

6.8AI score
Exploits0References3
github
github
added 2022/05/24 5:19 p.m.43 views

containernetworking/plugins vulnerable to MitM attacks

A vulnerability was found in all versions of containernetworking/plugins before version 0.8.6, that allows malicious containers in Kubernetes clusters to perform man-in-the-middle MitM attacks. A malicious container can exploit this flaw by sending rogue IPv6 router advertisements to the host or...

6CVSS6.6AI score0.02428EPSS
Exploits1References8Affected Software1
osv
osv
added 2022/03/25 6:15 p.m.4 views

CVE-2022-27882

slaacd in OpenBSD 6.9 and 7.0 before 2022-03-22 has an integer signedness error and resultant heap-based buffer overflow triggerable by a crafted IPv6 router advertisement. NOTE: privilege separation and pledge can prevent exploitation...

7.5CVSS7.4AI score0.01877EPSS
Exploits1References4
attackerkb
attackerkb
added 2022/03/25 6:15 p.m.2 views

CVE-2022-27882

slaacd in OpenBSD 6.9 and 7.0 before 2022-03-22 has an integer signedness error and resultant heap-based buffer overflow triggerable by a crafted IPv6 router advertisement. NOTE: privilege separation and pledge can prevent exploitation...

7.5CVSS7.3AI score0.01877EPSS
Exploits1References5
attackerkb
attackerkb
added 2022/03/25 6:15 p.m.5 views

CVE-2022-27881

engine.c in slaacd in OpenBSD 6.9 and 7.0 before 2022-02-21 has a buffer overflow triggerable by an IPv6 router advertisement with more than seven nameservers. NOTE: privilege separation and pledge can prevent exploitation...

7.5CVSS7.3AI score0.01869EPSS
Exploits1References5
osv
osv
added 2022/02/15 1:57 a.m.28 views

GHSA-QRRC-WW9X-R43G Improper Input Validation in Docker Engine

An issue was discovered in Docker Engine before 19.03.11. An attacker in a container, with the CAPNETRAW capability, can craft IPv6 router advertisements, and consequently spoof external IPv6 hosts, obtain sensitive information, or cause a denial of service...

6CVSS6.1AI score0.02839EPSS
Exploits0References10
github
github
added 2022/02/15 1:57 a.m.38 views

Improper Input Validation in Docker Engine

An issue was discovered in Docker Engine before 19.03.11. An attacker in a container, with the CAPNETRAW capability, can craft IPv6 router advertisements, and consequently spoof external IPv6 hosts, obtain sensitive information, or cause a denial of service...

6CVSS2.5AI score0.02839EPSS
Exploits0References11Affected Software1
ibm
ibm
added 2021/07/30 5:4 a.m.29 views

Security Bulletin: A vulnerability was found in all versions of container networking/plugins before version 0.8.6 of pipeline-utils affecting IBM Cloud Pak for Applications

Summary A vulnerability was found in all versions of container networking/plugins before version 0.8.6 of pipeline-utils, affecting IBM Cloud Pak for Applications. This has been addressed in IBM Cloud Pak for Applications 4.3.1 Vulnerability Details CVEID: CVE-2020-10749 DESCRIPTION: Container...

6CVSS1.2AI score0.02428EPSS
Exploits1Affected Software1
github
github
added 2021/05/27 7:0 p.m.72 views

Weave Net clusters susceptible to MitM attacks via IPv6 rogue router advertisements

Impact An attacker able to run a process as root in a container is able to respond to DNS requests from the host and thereby insert themselves as a fake service. In a cluster with an IPv4 internal network, if IPv6 is not totally disabled on the host via ipv6.disable=1 on the kernel cmdline, it wi...

5.8CVSS0.7AI score0.0086EPSS
Exploits0References4Affected Software1
broadcom
broadcom
added 2021/05/10 12:0 a.m.13 views

BSA-2020-1037

Security Advisory ID : BSA-2020-1037 Component : Docker Engine Revision : 1.0 An issue was discovered in Docker Engine before 19.03.11. An attacker in a container, with the CAPNETRAW capability, can craft IPv6 router advertisements, and consequently spoof external IPv6 hosts, obtain sensitive...

6CVSS6.9AI score0.02839EPSS
Exploits0
osv
osv
added 2021/04/12 7:15 p.m.4 views

CVE-2021-3128

In ASUS RT-AX3000, ZenWiFi AX XT8, RT-AX88U, and other ASUS routers with firmware 3.0.0.4.386.42095 or 9.0.0.4.386.41994, when IPv6 is used, a routing loop can occur that generates excessive network traffic between an affected device and its upstream ISP's router. This occurs when a link prefix...

7.5CVSS5.8AI score0.02184EPSS
Exploits0References27
nessus
nessus
added 2021/01/11 12:0 a.m.43 views

Fedora 32 : golang-github-containernetworking-plugins (2021-ccb8a9c403)

The remote Fedora 32 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2021-ccb8a9c403 advisory. - A vulnerability was found in all versions of containernetworking/plugins before version 0.8.6, that allows malicious containers in Kubernetes...

6CVSS6.8AI score0.02428EPSS
Exploits1References2
Rows per page
Query Builder