Lucene search
+L

446 matches found

0day.today
0day.today
added 2017/04/21 12:0 a.m.72 views

Starscream 2.0.3 SSL Pinning Bypass Vulnerability

WebSocket.swift in Starscream versions 2.0.3 and below allows an SSL Pinning bypass because of incorrect management of the certValidated variable it can be set to true but cannot be set to false. An attacker can achieve traffic interception from a man-in-the-middle position, first by resetting th...

5CVSS7.3AI score0.01905EPSS
Exploits1
CNVD
CNVD
added 2017/04/10 12:0 a.m.7 views

Schneider Electric Modicon PLC Multiple Authentication Bypass Vulnerability (CNVD-2017-04918)

Modicon PLCs are programmable controller products used in industries such as dams, energy, food and agriculture, and more. A multiple authentication bypass vulnerability exists in the Schneider Electric Modicon PLC, where an attacker accessing the OT network could intercept traffic to the target...

9.8CVSS7.3AI score0.05139EPSS
Exploits0References1
ThreatPost
ThreatPost
added 2017/01/30 12:25 p.m.12 views

Many Android VPN Apps Breaking Privacy Promises

An alarming number of Android VPNs are providing a decidedly false sense of security to users, especially those living in areas where communication is censored or technology is crucial to the privacy and physical security. A study published recently identified a number of shortcomings common to...

7.2AI score
Exploits0References1
Prion
Prion
added 2017/01/06 9:59 p.m.22 views

Design/Logic Flaw

A denial of service vulnerability exists in the handling of the MXIT protocol in Pidgin. Specially crafted MXIT data sent via the server could potentially result in an out-of-bounds read. A malicious server or an attacker who intercepts the network traffic can send invalid data to trigger this...

4.3CVSS6.7AI score0.02483EPSS
Exploits1References6Affected Software3
OSV
OSV
added 2017/01/06 9:59 p.m.13 views

CVE-2016-2376

A buffer overflow vulnerability exists in the handling of the MXIT protocol in Pidgin. Specially crafted MXIT data sent from the server could potentially result in arbitrary code execution. A malicious server or an attacker who intercepts the network traffic can send an invalid size for a packet...

8.1CVSS8.4AI score
Exploits0References6
OSV
OSV
added 2017/01/06 9:59 p.m.9 views

CVE-2016-2366

A denial of service vulnerability exists in the handling of the MXIT protocol in Pidgin. Specially crafted MXIT data sent via the server could potentially result in an out-of-bounds read. A malicious server or an attacker who intercepts the network traffic can send invalid data to trigger this...

5.9CVSS6.4AI score
Exploits0References6
Cvelist
Cvelist
added 2017/01/06 9:0 p.m.24 views

CVE-2016-2376

A buffer overflow vulnerability exists in the handling of the MXIT protocol in Pidgin. Specially crafted MXIT data sent from the server could potentially result in arbitrary code execution. A malicious server or an attacker who intercepts the network traffic can send an invalid size for a packet...

8.3AI score0.03732EPSS
Exploits1References6
BDU FSTEC
BDU FSTEC
added 2016/07/07 12:0 a.m.6 views

The vulnerability of the microprogrammed software of the D–Link DSR–250 router allows a malicious individual to intercept network traffic.

The microprogrammed software of the D-Link DSR-250 router does not perform ARP packet authentication for packets transmitted over the IPv4 protocol. This allows for intercepting the traffic processed by this router through ARP spoofing attacks...

10CVSS5.5AI score0.14703EPSS
Exploits1References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2016/07/07 12:0 a.m.9 views

The vulnerability of the microprogrammed routing software of the D–Link DSR–1000 allows a malicious actor to intercept network traffic.

The microprogrammed software of the D-Link DSR-1000 router does not perform ARP packet authentication for packets transmitted over the IPv4 protocol. This allows for intercepting the traffic processed by this router through ARP spoofing attacks...

10CVSS5.5AI score0.14703EPSS
Exploits1References2
BDU FSTEC
BDU FSTEC
added 2016/07/07 12:0 a.m.6 views

The vulnerability of the Zyxel ZLD operating system allows a remote attacker to intercept network traffic.

The Zyxel ZyWALL USG 300 network interface card/mesh router does not perform ARP packet authentication for packets transmitted over the IPv4 protocol. This allows for intercepting traffic processed by this router through ARP spoofing attacks...

10CVSS5.5AI score0.14703EPSS
Exploits1References3
RedhatCVE
RedhatCVE
added 2016/06/22 8:49 a.m.24 views

CVE-2016-2376

A buffer overflow vulnerability exists in the handling of the MXIT protocol in Pidgin. Specially crafted MXIT data sent from the server could potentially result in arbitrary code execution. A malicious server or an attacker who intercepts the network traffic can send an invalid size for a packet...

8.1CVSS4.3AI score0.03732EPSS
Exploits1References2
ThreatPost
ThreatPost
added 2016/06/21 10:8 a.m.33 views

Apple Patches AirPort Remote Code Execution Flaw

Apple is keeping typically tight-lipped about a remote code execution vulnerability it patched in its AirPort router firmware. Last night, Apple released an advisory warning users of the AirPort Express, AirPort Extreme and AirPort Time Capsule base stations that a new firmware was...

10CVSS1.5AI score0.03926EPSS
Exploits0References2
OSV
OSV
added 2016/06/17 3:59 p.m.10 views

CVE-2016-5363

The IPTables firewall in OpenStack Neutron before 7.0.4 and 8.0.0 through 8.1.0 allows remote attackers to bypass an intended MAC-spoofing protection mechanism and consequently cause a denial of service or intercept network traffic via 1 a crafted DHCP discovery message or 2 crafted non-IP traffi...

8.2CVSS6.3AI score
Exploits0References9
OSV
OSV
added 2016/06/17 3:59 p.m.6 views

DEBIAN-CVE-2016-5363

The IPTables firewall in OpenStack Neutron before 7.0.4 and 8.0.0 through 8.1.0 allows remote attackers to bypass an intended MAC-spoofing protection mechanism and consequently cause a denial of service or intercept network traffic via 1 a crafted DHCP discovery message or 2 crafted non-IP traffi...

8.2CVSS6.9AI score0.0324EPSS
Exploits0References1
OSV
OSV
added 2016/06/17 3:59 p.m.4 views

DEBIAN-CVE-2016-5362

The IPTables firewall in OpenStack Neutron before 7.0.4 and 8.0.0 through 8.1.0 allows remote attackers to bypass an intended DHCP-spoofing protection mechanism and consequently cause a denial of service or intercept network traffic via a crafted DHCP discovery message...

8.2CVSS6.9AI score0.03411EPSS
Exploits0References1
UbuntuCve
UbuntuCve
added 2016/06/17 3:59 p.m.18 views

CVE-2016-5363

The IPTables firewall in OpenStack Neutron before 7.0.4 and 8.0.0 through 8.1.0 allows remote attackers to bypass an intended MAC-spoofing protection mechanism and consequently cause a denial of service or intercept network traffic via 1 a crafted DHCP discovery message or 2 crafted non-IP traffi...

8.2CVSS6.9AI score0.0324EPSS
Exploits0References1
OSV
OSV
added 2016/06/17 3:59 p.m.3 views

UBUNTU-CVE-2015-8914

The IPTables firewall in OpenStack Neutron before 7.0.4 and 8.0.0 through 8.1.0 allows remote attackers to bypass an intended ICMPv6-spoofing protection mechanism and consequently cause a denial of service or intercept network traffic via a link-local source address...

9.1CVSS7AI score0.04248EPSS
Exploits1References2
OSV
OSV
added 2016/06/17 3:59 p.m.3 views

DEBIAN-CVE-2015-8914

The IPTables firewall in OpenStack Neutron before 7.0.4 and 8.0.0 through 8.1.0 allows remote attackers to bypass an intended ICMPv6-spoofing protection mechanism and consequently cause a denial of service or intercept network traffic via a link-local source address...

9.1CVSS8.7AI score0.04248EPSS
Exploits1References1
OSV
OSV
added 2016/06/17 3:59 p.m.5 views

UBUNTU-CVE-2016-5362

The IPTables firewall in OpenStack Neutron before 7.0.4 and 8.0.0 through 8.1.0 allows remote attackers to bypass an intended DHCP-spoofing protection mechanism and consequently cause a denial of service or intercept network traffic via a crafted DHCP discovery message...

8.2CVSS6.9AI score0.03411EPSS
Exploits0References3
Debian CVE
Debian CVE
added 2016/06/17 3:0 p.m.54 views

CVE-2016-5363

The IPTables firewall in OpenStack Neutron before 7.0.4 and 8.0.0 through 8.1.0 allows remote attackers to bypass an intended MAC-spoofing protection mechanism and consequently cause a denial of service or intercept network traffic via 1 a crafted DHCP discovery message or 2 crafted non-IP traffi...

8.2CVSS8AI score0.0324EPSS
Exploits0
Rows per page
Query Builder