Lucene search
K

243 matches found

OSV
OSV
added 2024/10/23 5:15 p.m.4 views

CVE-2024-20268

A vulnerability in the Simple Network Management Protocol SNMP feature of Cisco Adaptive Security Appliance ASA Software and Cisco Firepower Threat Defense FTD Software could allow an authenticated, remote attacker to cause an unexpected reload of the device. This vulnerability is due to...

7.7CVSS5.9AI score0.00618EPSS
Exploits0References3
OSV
OSV
added 2024/09/23 6:15 p.m.3 views

CVE-2024-0005

A condition exists in FlashArray and FlashBlade Purity whereby a malicious user could execute arbitrary commands remotely through a specifically crafted SNMP configuration...

8.8CVSS6AI score
Exploits0References1
Positive Technologies
Positive Technologies
added 2024/09/10 12:0 a.m.5 views

PT-2024-30548 · Mguard · Mguard

Name of the Vulnerable Software and Affected Versions: mGuard devices versions prior to firmware 8.9.3 or 10.4.1 Description: A low privileged remote attacker with write permissions can reconfigure the SNMP service due to improper input validation. This issue allows hackers to access confidential...

8.8CVSS7.6AI score0.00565EPSS
Exploits0References12
BDU FSTEC
BDU FSTEC
added 2024/08/13 12:0 a.m.11 views

The vulnerability of the Demon Routing Protocol Daemon (rpd) in Junos OS and Junos OS Evolved operating systems allows a attacker to cause a service failure.

The vulnerability of the Demon Routing Protocol Daemon rpd in Junos OS and Junos OS Evolved lies in the use of memory after it is freed. Exploiting this vulnerability allows a malicious actor to trigger a service failure through a specially crafted SNMP request...

6.8CVSS5.5AI score0.00335EPSS
Exploits0References4Affected Software2
Broadcom
Broadcom
added 2024/07/30 12:0 a.m.8 views

Command or parameter injection via unique embedded switch SNMP commands (CVE-2024-5461)

Implementation of the Simple Network Management Protocol SNMP operating on the Brocade 6547 FC5022 embedded switch blade, makes internal script calls to system.sh from within the SNMP binary. An authenticated attacker could perform command or parameter injection on SNMP operations that are only...

8.6CVSS7.5AI score0.00422EPSS
Exploits1
CNNVD
CNNVD
added 2024/04/18 12:0 a.m.5 views

Cisco IOS和IOS XE 访问控制错误漏洞

Cisco IOS and IOS XE are a set of operating systems developed by Cisco for its network devices. An access control error vulnerability exists in the Simple Network Management Protocol SNMP IPv4 access control list feature of Cisco IOS Software and IOS XE Software, which stems from the program not...

5.3CVSS6.7AI score0.00511EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2024/04/17 12:0 a.m.3 views

PT-2024-3809 · Cisco · Cisco Ios Xe +1

Name of the Vulnerable Software and Affected Versions: Cisco IOS Software and Cisco IOS XE Software affected versions not specified Description: A vulnerability in the implementation of the Simple Network Management Protocol SNMP IPv4 access control list ACL feature could allow an unauthenticated...

5.3CVSS7.1AI score0.00511EPSS
Exploits0References6
NVD
NVD
added 2024/04/16 8:15 p.m.21 views

CVE-2022-24809

net-snmp provides various tools relating to the Simple Network Management Protocol. Prior to version 5.9.2, a user with read-only credentials can use a malformed OID in a GET-NEXT to the nsVacmAccessTable to cause a NULL pointer dereference. Version 5.9.2 contains a patch. Users should use strong...

6.5CVSS6.3AI score0.01105EPSS
Exploits0References7
CVE
CVE
added 2024/04/16 7:59 p.m.168 views

CVE-2022-24810

Net-snmp vulnerability CVE-2022-24810: A malformed OID in a SET to NET-SNMP’s VACM nsVacmAccessTable can cause a NULL pointer dereference. Affected are versions prior to 5.9.2; 5.9.2 contains a patch. Mitigations: upgrade to 5.9.2+ and restrict access; use strong SNMPv3 credentials and limit IP a...

8.8CVSS6.1AI score0.01146EPSS
Exploits0References7Affected Software1
AlpineLinux
AlpineLinux
added 2024/04/16 7:59 p.m.40 views

CVE-2022-24810

net-snmp provides various tools relating to the Simple Network Management Protocol. Prior to version 5.9.2, a user with read-write credentials can use a malformed OID in a SET to the nsVacmAccessTable to cause a NULL pointer dereference. Version 5.9.2 contains a patch. Users should use strong...

8.8CVSS6.8AI score0.01146EPSS
Exploits0
OSV
OSV
added 2024/04/16 7:56 p.m.27 views

CVE-2022-24809 net-snmp: A malformed OID in a SET request to NET-SNMP-AGENT-MIB::nsLogTable can cause a NULL pointer dereference

net-snmp provides various tools relating to the Simple Network Management Protocol. Prior to version 5.9.2, a user with read-only credentials can use a malformed OID in a GET-NEXT to the nsVacmAccessTable to cause a NULL pointer dereference. Version 5.9.2 contains a patch. Users should use strong...

6.5CVSS7.1AI score0.01105EPSS
Exploits0References10
Vulnrichment
Vulnrichment
added 2024/04/16 7:52 p.m.22 views

CVE-2022-24808 net-snmp: A malformed OID in a SET request to NET-SNMP-AGENT-MIB::nsLogTable can cause a NULL pointer dereference

net-snmp provides various tools relating to the Simple Network Management Protocol. Prior to version 5.9.2, a user with read-write credentials can use a malformed OID in a SET request to NET-SNMP-AGENT-MIB::nsLogTable to cause a NULL pointer dereference. Version 5.9.2 contains a patch. Users shou...

6.5CVSS6.6AI score0.01131EPSS
Exploits0References8
OSV
OSV
added 2024/04/16 7:52 p.m.38 views

CVE-2022-24808 net-snmp: A malformed OID in a SET request to NET-SNMP-AGENT-MIB::nsLogTable can cause a NULL pointer dereference

net-snmp provides various tools relating to the Simple Network Management Protocol. Prior to version 5.9.2, a user with read-write credentials can use a malformed OID in a SET request to NET-SNMP-AGENT-MIB::nsLogTable to cause a NULL pointer dereference. Version 5.9.2 contains a patch. Users shou...

6.5CVSS7.1AI score0.01131EPSS
Exploits0References11
CVE
CVE
added 2024/04/16 7:44 p.m.269 views

CVE-2022-24806

Net-snmp vulnerability CVE-2022-24806: improper input validation when SETing malformed OIDs in master agent and subagent can be triggered prior to version 5.9.2. Affected: net-snmp tools/agent; fix: upgrade to 5.9.2 or later. Mitigation note: use strong SNMPv3 credentials and avoid sharing them; ...

6.5CVSS6.2AI score0.01052EPSS
Exploits0References6Affected Software1
AlpineLinux
AlpineLinux
added 2024/04/16 7:44 p.m.37 views

CVE-2022-24806

net-snmp provides various tools relating to the Simple Network Management Protocol. Prior to version 5.9.2, a user with read-write credentials can exploit an Improper Input Validation vulnerability when SETing malformed OIDs in master agent and subagent simultaneously. Version 5.9.2 contains a...

6.5CVSS6.8AI score0.01052EPSS
Exploits0
BDU FSTEC
BDU FSTEC
added 2024/03/25 12:0 a.m.4 views

The vulnerability of the Simple Network Management Plane (SNMP) server of the Cisco IOS operating system, which allows a hacker to bypass security restrictions

The vulnerability of the Simple Network Management Plane SNMP on the Cisco IOS operating system is related to deficiencies in access control based on Access Control Lists ACLs. Exploiting this vulnerability allows a malicious actor to bypass security restrictions remotely...

4.3CVSS5.5AI score0.0025EPSS
Exploits0References3Affected Software1
Positive Technologies
Positive Technologies
added 2024/03/12 12:0 a.m.5 views

PT-2024-20026 · Korenix · Korenix Jeti/O 6550

Name of the Vulnerable Software and Affected Versions: Korenix JetI/O 6550 version F208 Build:0817 Description: The issue concerns an information exposure vulnerability. It is related to the SNMP protocol, which transfers data in plaintext. This allows an attacker to intercept traffic and retriev...

6.2CVSS6.6AI score0.00183EPSS
Exploits0References3
BDU FSTEC
BDU FSTEC
added 2024/01/06 12:0 a.m.4 views

The vulnerability of the PAN-OS operating system’s web interface allows attackers to obtain credentials in plain text for stored external system integrations such as LDAP, SCP, RADIUS, TACACS+, and SNMP.

The vulnerability of the PAN-OS operating system’s web interface is related to insufficient protection of registration data. Exploiting this vulnerability allows a malicious actor to obtain login credentials in plain text for stored external system integrations such as LDAP, SCP, RADIUS, TACACS+,...

6.1CVSS6.5AI score0.00624EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2023/12/14 12:0 a.m.4 views

The vulnerability of the SNMPv2 protocol implementation in ASUS’ ASMB8 iKVM remote control device allows a hacker to execute arbitrary commands.

The vulnerability of the SNMPv2 protocol implementation in ASUS’ ASMB8 iKVM remote control device is related to the lack of measures taken to neutralize specific elements. Exploiting this vulnerability allows a malicious actor to execute arbitrary commands remotely...

10CVSS8.1AI score0.17399EPSS
Exploits6References4Affected Software1
OSV
OSV
added 2023/12/05 12:24 a.m.3 views

CVE-2023-48692 Azure RTOS NetX Duo Remote Code Execution Vulnerability

Azure RTOS NetX Duo is a TCP/IP network stack designed specifically for deeply embedded real-time and IoT applications. An attacker can cause remote code execution due to memory overflow vulnerabilities in Azure RTOS NETX Duo. The affected components include processes/functions related to icmp,...

9CVSS8.5AI score0.03134EPSS
Exploits0References3
Rows per page
Query Builder