Lucene search
K

194 matches found

Cvelist
Cvelist
added 2024/02/20 2:45 p.m.39 views

CVE-2023-38562

A double-free vulnerability exists in the IP header loopback parsing functionality of Weston Embedded uC-TCP-IP v3.06.01. A specially crafted set of network packets can lead to memory corruption, potentially resulting in code execution. An attacker can send a sequence of unauthenticated packets t...

8.7CVSS8.9AI score0.01081EPSS
Exploits1References1
RedHat Linux
RedHat Linux
added 2024/02/20 12:35 p.m.7 views

kernel: NULL pointer dereference in nvmet_tcp_execute_request

A flaw was found in the Linux kernel's NVMe driver. This issue may allow an unauthenticated malicious actor to send a set of crafted TCP packages when using NVMe over TCP, leading the NVMe driver to a NULL pointer dereference in the NVMe driver, causing kernel panic and a denial of service...

7.5CVSS6.6AI score0.01549EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2024/02/20 12:0 a.m.6 views

PT-2024-12738 · Unknown · Weston Embedded Uc-Tcp-Ip

Name of the Vulnerable Software and Affected Versions: Weston Embedded uC-TCP-IP version 3.06.01 Description: A double-free vulnerability exists in the IP header loopback parsing functionality. This can be triggered by a specially crafted set of network packets, leading to memory corruption and...

9.1CVSS9.9AI score0.01081EPSS
Exploits1References7
Talos
Talos
added 2024/02/20 12:0 a.m.33 views

Weston Embedded uC-TCP-IP IP header loopback parsing double-free vulnerability

Talos Vulnerability Report TALOS-2023-1829 Weston Embedded uC-TCP-IP IP header loopback parsing double-free vulnerability February 20, 2024 CVE Number CVE-2023-38562 SUMMARY A double-free vulnerability exists in the IP header loopback parsing functionality of Weston Embedded uC-TCP-IP v3.06.01. A...

9.1CVSS8.8AI score0.01081EPSS
Exploits1
OSV
OSV
added 2024/02/07 9:15 p.m.4 views

UBUNTU-CVE-2023-6356

A flaw was found in the Linux kernel's NVMe driver. This issue may allow an unauthenticated malicious actor to send a set of crafted TCP packages when using NVMe over TCP, leading the NVMe driver to a NULL pointer dereference in the NVMe driver and causing kernel panic and a denial of service...

7.5CVSS6.6AI score0.01448EPSS
Exploits0References11
RedHat Linux
RedHat Linux
added 2024/02/07 4:21 p.m.6 views

kernel: NULL pointer dereference in nvmet_tcp_build_iovec

A flaw was found in the Linux kernel's NVMe driver. This issue may allow an unauthenticated malicious actor to send a set of crafted TCP packages when using NVMe over TCP, leading the NVMe driver to a NULL pointer dereference in the NVMe driver and causing kernel panic and a denial of service...

7.5CVSS6.6AI score0.01448EPSS
Exploits0References4
OSV
OSV
added 2024/01/12 1:15 a.m.9 views

CVE-2024-21602

A NULL Pointer Dereference vulnerability in Juniper Networks Junos OS Evolved on ACX7024, ACX7100-32C and ACX7100-48L allows an unauthenticated, network-based attacker to cause a Denial of Service DoS. If a specific IPv4 UDP packet is received and sent to the Routing Engine RE packetio crashes an...

7.5CVSS5.8AI score0.00531EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2023/12/11 12:0 a.m.6 views

PT-2023-8993 · Tp Link · Tp-Link N300 Wireless Access Point +1

Name of the Vulnerable Software and Affected Versions: Tp-Link AC1350 Wireless MU-MIMO Gigabit Access Point EAP225 V3 version 5.1.0 Build 20220926 Tp-Link N300 Wireless Access Point EAP115 V4 version 5.0.4 Build 20220216 Description: A command execution vulnerability exists in the tddpd enable te...

9.8CVSS8.2AI score0.01749EPSS
Exploits1References11
Positive Technologies
Positive Technologies
added 2023/12/11 12:0 a.m.7 views

PT-2023-9017 · Tp Link · Eap225 V3 +1

Name of the Vulnerable Software and Affected Versions: Tp-Link AC1350 Wireless MU-MIMO Gigabit Access Point EAP225 V3 version 5.1.0 Build 20220926 Tp-Link N300 Wireless Access Point EAP115 V4 version 5.0.4 Build 20220216 Description: A command execution issue exists in the tddpd enable test mode...

9.8CVSS8.1AI score0.01749EPSS
Exploits1References11
Positive Technologies
Positive Technologies
added 2023/12/11 12:0 a.m.5 views

PT-2023-9012 · Tp Link · Tp-Link Ac1350 Wireless Mu-Mimo Gigabit Access Point +1

Name of the Vulnerable Software and Affected Versions: Tp-Link AC1350 Wireless MU-MIMO Gigabit Access Point EAP225 V3 version 5.1.0 Build 20220926 Tp-Link N300 affected versions not specified Description: A denial of service issue exists in the TDDP functionality, related to the use of dangerous...

7.5CVSS7.1AI score0.13479EPSS
Exploits1References12
SUSE CVE
SUSE CVE
added 2023/10/31 2:19 a.m.5 views

SUSE CVE-2023-30570

pluto in Libreswan before 4.11 allows a denial of service responder SPI mishandling and daemon crash via unauthenticated IKEv1 Aggressive Mode packets. The earliest affected version is 3.28...

7.5CVSS6.9AI score0.01175EPSS
Exploits0References2
Microsoft CVE
Microsoft CVE
added 2023/05/29 7:0 a.m.3 views

pluto in Libreswan before 4.11 allows a denial of service (responder SPI mishandling and daemon crash) via unauthenticated IKEv1 Aggressive Mode packets. The earliest affected version is 3.28.

...

7.5CVSS6.7AI score0.01175EPSS
Exploits0
OSV
OSV
added 2023/05/29 12:15 a.m.1 views

DEBIAN-CVE-2023-30570

pluto in Libreswan before 4.11 allows a denial of service responder SPI mishandling and daemon crash via unauthenticated IKEv1 Aggressive Mode packets. The earliest affected version is 3.28...

7.5CVSS6.6AI score0.01175EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2023/05/29 12:15 a.m.3 views

CVE-2023-30570

pluto in Libreswan before 4.11 allows a denial of service responder SPI mishandling and daemon crash via unauthenticated IKEv1 Aggressive Mode packets. The earliest affected version is 3.28...

7.5CVSS5.9AI score0.01175EPSS
Exploits0References2
OSV
OSV
added 2023/05/29 12:15 a.m.6 views

AZL-26873 CVE-2023-30570 affecting package libreswan for versions less than 4.14-1

pluto in Libreswan before 4.11 allows a denial of service responder SPI mishandling and daemon crash via unauthenticated IKEv1 Aggressive Mode packets. The earliest affected version is 3.28...

7.5CVSS6.6AI score0.01175EPSS
Exploits0References1
OSV
OSV
added 2023/05/29 12:15 a.m.6 views

UBUNTU-CVE-2023-30570

pluto in Libreswan before 4.11 allows a denial of service responder SPI mishandling and daemon crash via unauthenticated IKEv1 Aggressive Mode packets. The earliest affected version is 3.28...

7.5CVSS6.9AI score0.01175EPSS
Exploits0References4
CVE
CVE
added 2023/05/28 12:0 a.m.154 views

CVE-2023-30570

Libreswan (pluto) vulnerabilities exist in versions before 4.11, caused by an IKEv1 Aggressive Mode handling that can crash the pluto daemon and cause a denial of service. The earliest affected release is 3.28. Multiple advisories and CVE coverage confirm the issue, with fixes available in later ...

7.5CVSS7.2AI score0.01175EPSS
Exploits0References1Affected Software1
CNNVD
CNNVD
added 2023/05/10 12:0 a.m.8 views

Weston Embedded uC-FTPs 授权问题漏洞

Weston Embedded uC-FTPs is a Micrium FTP File Transfer Protocol server from Weston Embedded. A security vulnerability exists in Weston Embedded uC-FTPs v 1.98.00, which stems from an authentication bypass vulnerability in the authentication feature that could allow an attacker to send a series of...

8.6CVSS7.3AI score0.01488EPSS
Exploits1References4
Tenable Nessus
Tenable Nessus
added 2023/03/29 12:0 a.m.22 views

WAGO I/O-CHECK Buffer Copy Without Checking Size of Input (CVE-2019-5082)

An exploitable heap buffer overflow vulnerability exists in the iocheckd service I/O-Check functionality of WAGO PFC200 Firmware version 03.01.0713, WAGO PFC200 Firmware version 03.00.3912, and WAGO PFC100 Firmware version 03.00.3912. A specially crafted set of packets can cause a heap buffer...

9.8CVSS8.7AI score0.03316EPSS
Exploits1References3
SUSE CVE
SUSE CVE
added 2023/02/15 4:56 a.m.5 views

SUSE CVE-2016-9042

An exploitable denial of service vulnerability exists in the origin timestamp check functionality of ntpd 4.2.8p9. A specially crafted unauthenticated network packet can be used to reset the expected origin timestamp for target peers. Legitimate replies from targeted peers will fail the origin...

5.9CVSS8.7AI score0.0396EPSS
Exploits2References8
Rows per page
Query Builder