Astra Linux - уязвимость в net-snmp

Net-SNMP provides various tools related to the Simple Network Management Protocol. Prior to version 5.9.2, a user with read-write credentials could exploit an improper input validation vulnerability when setting malformed OIDs in both the master agent and subagent simultaneously. Version 5.9.2...

lwip-2026-pocs

lwip-2026-pocs Proof-of-concept exploits from the xchglabs...

F5 BIG-IP和F5 BIG-IQ 命令注入漏洞

F5 BIG-IP and F5 BIG-IQ are both products from the American company F5. F5 BIG-IP is an application delivery platform that integrates functions such as network traffic management, application security management, and load balancing. F5 BIG-IQ is a software-based cloud management solution. This...

CLSA-2026-1778234216 cups: Fix of CVE-2026-41079

CVE-2026-41079: limit numbytes for SNMP string values to prevent out-of-bounds read in asn1decodesnmp...

CVE-2026-41079

A flaw was found in CUPS. A network-adjacent attacker can send a specially crafted Simple Network Management Protocol SNMP response to the CUPS SNMP backend, leading to an out-of-bounds read. This vulnerability allows for the disclosure of up to 176 bytes of sensitive memory, which is then...

EUVD-2026-25574

OpenPrinting CUPS is an open source printing system for Linux and other Unix-like operating systems. Prior to 2.4.17, a network-adjacent attacker can send a crafted SNMP response to the CUPS SNMP backend that causes an out-of-bounds read of up to 176 bytes past a stack buffer. The leaked memory i...

CVE-2026-41079 OpenPrinting CUPS: Heap out-of-bounds read in SNMP supply-level polling leaks stack memory to authenticated users

OpenPrinting CUPS is an open source printing system for Linux and other Unix-like operating systems. Prior to 2.4.17, a network-adjacent attacker can send a crafted SNMP response to the CUPS SNMP backend that causes an out-of-bounds read of up to 176 bytes past a stack buffer. The leaked memory i...

CVE-2026-4832

The CVE-2026-4832 entry describes CWE-798: Use of Hard-coded Credentials that could allow unauthorized access to sensitive device information when an unauthenticated attacker interrogates the SNMP port. The connected sources reiterate the same root cause and impact but do not specify affected pro...

International Datacasting SFX2100 SuperFlex Satellite Receiver 安全漏洞

The International Datacasting SFX2100 SuperFlex Satellite Receiver is a professional broadcast-grade satellite signal receiving device developed by the International Datacasting Corporation. The SFX2100 SuperFlex Satellite Receiver has a security vulnerability, which stems from insecure...

CVE-2026-20048

A vulnerability in the Simple Network Management Protocol SNMP subsystem of Cisco Nexus 9000 Series Fabric Switches in ACI mode could allow an authenticated, remote attacker to cause a denial of service DoS condition on an affected device. This vulnerability is due to improper processing when...

net-snmp: buffer overflow via a specially crafted packet can cause a crash in snmptrapd

A flaw was found in net-snmp. A remote attacker can trigger a buffer overflow in the snmptrapd daemon by sending a specially crafted SNMP packet, causing the daemon to crash and resulting in a denial of service...

MiracleLinux 4 : net-snmp-5.5-49.AXS4.1.0.1 (AXSA:2014-203:02)

The remote MiracleLinux 4 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2014-203:02 advisory. SNMP Simple Network Management Protocol is a protocol used for network management. The NET-SNMP project includes various SNMP tools: an extensible agent, an...

MiracleLinux 3 : net-snmp-5.3.1-24.2 (AXSA:2008-485:02)

The remote MiracleLinux 3 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2008-485:02 advisory. SNMP Simple Network Management Protocol is a protocol used for network management. The NET-SNMP project includes various SNMP tools: an extensible agent, an...

USN-7944-1: Net-SNMP vulnerability

Bahae Bahrini discovered that Net-SNMP could be made to write out of bounds. If a user or an automated system were tricked into opening a specially crafted input file, a remote attacker could possibly use this issue to cause a denial of service...

Net-SNMP SnmpTrapd Agent Message Stack-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Net-SNMP. Authentication is not required to exploit this vulnerability. The specific flaw exists within the SnmpTrapd service, which listens on UDP port 162 by default. The issue results from the lac...

Advantech iView SQL Injection Vulnerability

Advantech iView is a software developed by Advantech for managing B+BSmartWorx series devices through a simple network management protocol. Advantech iView suffers from a SQL injection vulnerability that stems from improper SNMP v1 trap request cleanup, which can be exploited by attackers to obta...

CVE-2025-13373

Advantech iView is affected by a SQL injection vulnerability (CVE-2025-13373) in SNMP v1 trap handling. Affected versions are 5.7.05.7057 and earlier. The root cause is improper sanitization/cleanup of SNMP v1 trap requests received on UDP port 162, which can allow an attacker to inject arbitrary...

Advantech iView SQL Injection Vulnerability (CNVD-2025-31064)

Advantech iView is a software developed by Advantech for managing B+BSmartWorx series devices through a simple network management protocol. Advantech iView suffers from a SQL injection vulnerability that originates from an authentication bypass of the ztpconfigid parameter of the NetworkServlet...

CVE-2022-50592

Advantech iView versions prior to v5.7.04 build 6425 contain a vulnerability within the SNMP management tool that allows for remote attackers to bypass authentication checks and reach a SQL injection vulnerability within the ‘getInventoryReportData’ parameter to the ‘NetworkServlet’ endpoint...

CVE-2020-36869

Nagios XI versions prior to 5.7.5 contain a SQL injection vulnerability in the SNMP Trap Interface edit page. Exploitation requires an account with administrative privileges to access the affected interface. A user with administrative access could supply crafted input that is not properly...