Lucene search
K

49 matches found

Cvelist
Cvelist
added 2016/10/03 9:0 p.m.20 views

CVE-2016-8278

Huawei USG9520, USG9560, and USG9580 unified security gateways with software before V300R001C01SPCa00 allow remote attackers to cause a denial of service device restart via an unspecified URL...

7.5AI score0.012EPSS
Exploits0References2
Cvelist
Cvelist
added 2016/09/22 3:0 p.m.17 views

CVE-2016-6669

Buffer overflow in the Authentication, Authorization and Accounting AAA module in Huawei USG2100, USG2200, USG5100, and USG5500 unified security gateways with software before V300R001C10SPC600 allows remote authenticated RADIUS servers to execute arbitrary code by sending a crafted EAP packet...

7.8AI score0.03327EPSS
Exploits0References2
NVD
NVD
added 2015/12/07 8:59 p.m.17 views

CVE-2015-8084

Huawei USG5500, USG2100, USG2200, and USG5100 unified security gateways with software before V300R001C10SPC600, when "DHCP Snooping" is enabled and either "option82 insert" or "option82 rebuild" is enabled on an interface, allow remote attackers to cause a denial of service reboot via crafted DHC...

7.1CVSS6.8AI score0.00853EPSS
Exploits0References2
Cvelist
Cvelist
added 2015/12/07 8:0 p.m.20 views

CVE-2015-8084

Huawei USG5500, USG2100, USG2200, and USG5100 unified security gateways with software before V300R001C10SPC600, when "DHCP Snooping" is enabled and either "option82 insert" or "option82 rebuild" is enabled on an interface, allow remote attackers to cause a denial of service reboot via crafted DHC...

6.8AI score0.00853EPSS
Exploits0References2
Prion
Prion
added 2013/09/16 1:2 p.m.24 views

Information disclosure

The IPSec implementation in Apple Mac OS X before 10.8.5, when Hybrid Auth is used, does not verify X.509 certificates from security gateways, which allows man-in-the-middle attackers to spoof security gateways and obtain sensitive information via a crafted certificate...

5.8CVSS5.7AI score0.008EPSS
Exploits1References5Affected Software2
Cvelist
Cvelist
added 2013/09/16 1:0 a.m.29 views

CVE-2013-1028

The IPSec implementation in Apple Mac OS X before 10.8.5, when Hybrid Auth is used, does not verify X.509 certificates from security gateways, which allows man-in-the-middle attackers to spoof security gateways and obtain sensitive information via a crafted certificate...

5.2AI score0.008EPSS
Exploits1References5
seebug.org
seebug.org
added 2011/09/14 12:0 a.m.20 views

WordPress WP e-Commerce plugin <= 3.8.6 SQL Injection Vulnerability

No description provided by source. Exploit Title: WordPress WP e-Commerce plugin = 3.8.6 SQL Injection Vulnerability Date: 2011-09-13 Author: Miroslav Stampar miroslav.stamparatgmail.com @stamparm Software Link: http://downloads.wordpress.org/plugin/wp-e-commerce.3.8.6.zip Version: 3.8.6 tested...

7.1AI score
Exploits0
Symantec
Symantec
added 2005/11/21 8:0 a.m.130 views

Symantec Dynamic VPN Services: ISAKMP Denial of Service

SUMMARY The NISCC National Infrastructure Security Co-ordination Centre a UK-sponsored inter-departmental agency has identified nearly five-thousand potential ISAKMP vulnerabilities. Test for these vulnerabilities were created by the NISCC and distributed to an unspecified number of vendors...

0.9AI score
Exploits0Affected Software1
securityvulns
securityvulns
added 2004/01/03 12:0 a.m.32 views

Re: multiple payload handling flaws in isakmpd, again

There is one important thing I forgot to mention. In isakmpd deleting an IPsec SA also means deleting the appropriate IPsec policy in almost any case. Take a look at pfkeyv2deletespi in pfkeyv2.c. It calls pfkeyv2disablesa, the policy eraser ;-, if the SA was not acquired through the kernel: if...

1.4AI score
Exploits0
Rows per page
Query Builder