Lucene search
K

220 matches found

NVD
NVD
added 2024/04/16 8:15 p.m.23 views

CVE-2022-24809

net-snmp provides various tools relating to the Simple Network Management Protocol. Prior to version 5.9.2, a user with read-only credentials can use a malformed OID in a GET-NEXT to the nsVacmAccessTable to cause a NULL pointer dereference. Version 5.9.2 contains a patch. Users should use strong...

6.5CVSS6.3AI score0.01105EPSS
Exploits0References7
CVE
CVE
added 2024/04/16 7:59 p.m.181 views

CVE-2022-24810

Net-snmp vulnerability CVE-2022-24810: A malformed OID in a SET to NET-SNMP’s VACM nsVacmAccessTable can cause a NULL pointer dereference. Affected are versions prior to 5.9.2; 5.9.2 contains a patch. Mitigations: upgrade to 5.9.2+ and restrict access; use strong SNMPv3 credentials and limit IP a...

8.8CVSS6.1AI score0.01146EPSS
Exploits0References7Affected Software1
AlpineLinux
AlpineLinux
added 2024/04/16 7:59 p.m.45 views

CVE-2022-24810

net-snmp provides various tools relating to the Simple Network Management Protocol. Prior to version 5.9.2, a user with read-write credentials can use a malformed OID in a SET to the nsVacmAccessTable to cause a NULL pointer dereference. Version 5.9.2 contains a patch. Users should use strong...

8.8CVSS6.8AI score0.01146EPSS
Exploits0
OSV
OSV
added 2024/04/16 7:56 p.m.29 views

CVE-2022-24809 net-snmp: A malformed OID in a SET request to NET-SNMP-AGENT-MIB::nsLogTable can cause a NULL pointer dereference

net-snmp provides various tools relating to the Simple Network Management Protocol. Prior to version 5.9.2, a user with read-only credentials can use a malformed OID in a GET-NEXT to the nsVacmAccessTable to cause a NULL pointer dereference. Version 5.9.2 contains a patch. Users should use strong...

6.5CVSS7.1AI score0.01105EPSS
Exploits0References10
Vulnrichment
Vulnrichment
added 2024/04/16 7:52 p.m.23 views

CVE-2022-24808 net-snmp: A malformed OID in a SET request to NET-SNMP-AGENT-MIB::nsLogTable can cause a NULL pointer dereference

net-snmp provides various tools relating to the Simple Network Management Protocol. Prior to version 5.9.2, a user with read-write credentials can use a malformed OID in a SET request to NET-SNMP-AGENT-MIB::nsLogTable to cause a NULL pointer dereference. Version 5.9.2 contains a patch. Users shou...

6.5CVSS6.6AI score0.01131EPSS
Exploits0References8
OSV
OSV
added 2024/04/16 7:52 p.m.41 views

CVE-2022-24808 net-snmp: A malformed OID in a SET request to NET-SNMP-AGENT-MIB::nsLogTable can cause a NULL pointer dereference

net-snmp provides various tools relating to the Simple Network Management Protocol. Prior to version 5.9.2, a user with read-write credentials can use a malformed OID in a SET request to NET-SNMP-AGENT-MIB::nsLogTable to cause a NULL pointer dereference. Version 5.9.2 contains a patch. Users shou...

6.5CVSS7.1AI score0.01131EPSS
Exploits0References11
CVE
CVE
added 2024/04/16 7:44 p.m.274 views

CVE-2022-24806

Net-snmp vulnerability CVE-2022-24806: improper input validation when SETing malformed OIDs in master agent and subagent can be triggered prior to version 5.9.2. Affected: net-snmp tools/agent; fix: upgrade to 5.9.2 or later. Mitigation note: use strong SNMPv3 credentials and avoid sharing them; ...

6.5CVSS6.2AI score0.01052EPSS
Exploits0References6Affected Software1
AlpineLinux
AlpineLinux
added 2024/04/16 7:44 p.m.37 views

CVE-2022-24806

net-snmp provides various tools relating to the Simple Network Management Protocol. Prior to version 5.9.2, a user with read-write credentials can exploit an Improper Input Validation vulnerability when SETing malformed OIDs in master agent and subagent simultaneously. Version 5.9.2 contains a...

6.5CVSS6.8AI score0.01052EPSS
Exploits0
BDU FSTEC
BDU FSTEC
added 2024/03/25 12:0 a.m.5 views

The vulnerability of the Simple Network Management Plane (SNMP) server of the Cisco IOS operating system, which allows a hacker to bypass security restrictions

The vulnerability of the Simple Network Management Plane SNMP on the Cisco IOS operating system is related to deficiencies in access control based on Access Control Lists ACLs. Exploiting this vulnerability allows a malicious actor to bypass security restrictions remotely...

4.3CVSS5.5AI score0.0025EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2024/01/06 12:0 a.m.8 views

The vulnerability of the PAN-OS operating system’s web interface allows attackers to obtain credentials in plain text for stored external system integrations such as LDAP, SCP, RADIUS, TACACS+, and SNMP.

The vulnerability of the PAN-OS operating system’s web interface is related to insufficient protection of registration data. Exploiting this vulnerability allows a malicious actor to obtain login credentials in plain text for stored external system integrations such as LDAP, SCP, RADIUS, TACACS+,...

6.1CVSS6.5AI score0.00624EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2023/12/14 12:0 a.m.5 views

The vulnerability of the SNMPv2 protocol implementation in ASUS’ ASMB8 iKVM remote control device allows a hacker to execute arbitrary commands.

The vulnerability of the SNMPv2 protocol implementation in ASUS’ ASMB8 iKVM remote control device is related to the lack of measures taken to neutralize specific elements. Exploiting this vulnerability allows a malicious actor to execute arbitrary commands remotely...

10CVSS8.1AI score0.17399EPSS
Exploits6References4Affected Software1
OSV
OSV
added 2023/12/05 12:24 a.m.5 views

CVE-2023-48692 Azure RTOS NetX Duo Remote Code Execution Vulnerability

Azure RTOS NetX Duo is a TCP/IP network stack designed specifically for deeply embedded real-time and IoT applications. An attacker can cause remote code execution due to memory overflow vulnerabilities in Azure RTOS NETX Duo. The affected components include processes/functions related to icmp,...

9CVSS8.5AI score0.03134EPSS
Exploits0References3
BDU FSTEC
BDU FSTEC
added 2023/11/27 12:0 a.m.9 views

The vulnerability of Siemens SINEMA Server’s network management and configuration software allows a perpetrator to execute arbitrary code with privileges of SYSTEM.

The vulnerability of Siemens SINEMA Server network management and configuration software is related to the possibility of implementing SNMP configurations. Exploiting this vulnerability allows a malicious actor to execute arbitrary code with privileges of SYSTEM remotely...

10CVSS7.6AI score0.00594EPSS
Exploits0References2Affected Software1
CNNVD
CNNVD
added 2023/10/10 12:0 a.m.4 views

Siemens SINEMA Server 跨站脚本漏洞

Siemens SINEMA Server is a software from Siemens, Germany, developed specifically for industrial applications. It enables you to fully visualize and monitor your network. A cross-site scripting vulnerability exists in Siemens SINEMA Server V14 due to an affected application incorrectly clearing...

9CVSS6.8AI score0.00594EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2023/10/10 12:0 a.m.12 views

PT-2023-6401 · Sinec Nms · Sinec Nms

Name of the Vulnerable Software and Affected Versions: SINEC NMS versions prior to V2.0 Description: The issue arises from the improper sanitization of certain SNMP configuration data retrieved from monitored devices. This could allow an attacker with access to a monitored device to prepare a...

5.5CVSS5.3AI score0.00296EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2023/08/23 12:0 a.m.6 views

PT-2023-4649 · Cisco · Cisco Fxos +1

Name of the Vulnerable Software and Affected Versions: Cisco FXOS Software for Firepower 4100 Series and Firepower 9300 Security Appliances affected versions not specified Cisco UCS 6300 Series Fabric Interconnects affected versions not specified Description: A vulnerability in the Simple Network...

7.7CVSS6.3AI score0.00509EPSS
Exploits0References6
AlmaLinux
AlmaLinux
added 2023/05/16 12:0 a.m.91 views

Moderate: net-snmp security and bug fix update

The net-snmp packages provide various libraries and tools for the Simple Network Management Protocol SNMP, including an SNMP library, an extensible agent, tools for requesting or setting information from SNMP agents, tools for generating and handling SNMP traps, a version of the netstat command...

6.5CVSS6.8AI score0.5346EPSS
Exploits2References6
Positive Technologies
Positive Technologies
added 2023/04/25 12:0 a.m.9 views

PT-2023-21550 · Hewlett Packard · Hpe Oneview

Name of the Vulnerable Software and Affected Versions: HPE OneView affected versions not specified Description: The issue concerns an HPE OneView appliance dump that may expose SNMPv3 read credentials. Recommendations: At the moment, there is no information about a newer version that contains a f...

5.5CVSS6.9AI score0.0017EPSS
Exploits0References4
The Hacker News
The Hacker News
added 2023/04/19 9:30 a.m.3 views

U.S. and U.K. Warn of Russian Hackers Exploiting Cisco Router Flaws for Espionage

U.K. and U.S. cybersecurity and intelligence agencies have warned of Russian nation-state actors exploiting now-patched flaws in networking equipment from Cisco to conduct reconnaissance and deploy malware against select targets. The intrusions, per the authorities, took place in 2021 and targete...

9CVSS8.1AI score0.21424EPSS
Exploits1
OSV
OSV
added 2023/02/26 8:15 p.m.4 views

CVE-2023-26602

ASUS ASMB8 iKVM firmware through 1.14.51 allows remote attackers to execute arbitrary code by using SNMP to create extensions, as demonstrated by snmpset for NET-SNMP-EXTEND-MIB with /bin/sh for command execution...

9.8CVSS7.6AI score0.17399EPSS
Exploits6References3
Rows per page
Query Builder