194 matches found
CVE-2023-38562
A double-free vulnerability exists in the IP header loopback parsing functionality of Weston Embedded uC-TCP-IP v3.06.01. A specially crafted set of network packets can lead to memory corruption, potentially resulting in code execution. An attacker can send a sequence of unauthenticated packets t...
kernel: NULL pointer dereference in nvmet_tcp_execute_request
A flaw was found in the Linux kernel's NVMe driver. This issue may allow an unauthenticated malicious actor to send a set of crafted TCP packages when using NVMe over TCP, leading the NVMe driver to a NULL pointer dereference in the NVMe driver, causing kernel panic and a denial of service...
PT-2024-12738 · Unknown · Weston Embedded Uc-Tcp-Ip
Name of the Vulnerable Software and Affected Versions: Weston Embedded uC-TCP-IP version 3.06.01 Description: A double-free vulnerability exists in the IP header loopback parsing functionality. This can be triggered by a specially crafted set of network packets, leading to memory corruption and...
Weston Embedded uC-TCP-IP IP header loopback parsing double-free vulnerability
Talos Vulnerability Report TALOS-2023-1829 Weston Embedded uC-TCP-IP IP header loopback parsing double-free vulnerability February 20, 2024 CVE Number CVE-2023-38562 SUMMARY A double-free vulnerability exists in the IP header loopback parsing functionality of Weston Embedded uC-TCP-IP v3.06.01. A...
UBUNTU-CVE-2023-6356
A flaw was found in the Linux kernel's NVMe driver. This issue may allow an unauthenticated malicious actor to send a set of crafted TCP packages when using NVMe over TCP, leading the NVMe driver to a NULL pointer dereference in the NVMe driver and causing kernel panic and a denial of service...
kernel: NULL pointer dereference in nvmet_tcp_build_iovec
A flaw was found in the Linux kernel's NVMe driver. This issue may allow an unauthenticated malicious actor to send a set of crafted TCP packages when using NVMe over TCP, leading the NVMe driver to a NULL pointer dereference in the NVMe driver and causing kernel panic and a denial of service...
CVE-2024-21602
A NULL Pointer Dereference vulnerability in Juniper Networks Junos OS Evolved on ACX7024, ACX7100-32C and ACX7100-48L allows an unauthenticated, network-based attacker to cause a Denial of Service DoS. If a specific IPv4 UDP packet is received and sent to the Routing Engine RE packetio crashes an...
PT-2023-8993 · Tp Link · Tp-Link N300 Wireless Access Point +1
Name of the Vulnerable Software and Affected Versions: Tp-Link AC1350 Wireless MU-MIMO Gigabit Access Point EAP225 V3 version 5.1.0 Build 20220926 Tp-Link N300 Wireless Access Point EAP115 V4 version 5.0.4 Build 20220216 Description: A command execution vulnerability exists in the tddpd enable te...
PT-2023-9017 · Tp Link · Eap225 V3 +1
Name of the Vulnerable Software and Affected Versions: Tp-Link AC1350 Wireless MU-MIMO Gigabit Access Point EAP225 V3 version 5.1.0 Build 20220926 Tp-Link N300 Wireless Access Point EAP115 V4 version 5.0.4 Build 20220216 Description: A command execution issue exists in the tddpd enable test mode...
PT-2023-9012 · Tp Link · Tp-Link Ac1350 Wireless Mu-Mimo Gigabit Access Point +1
Name of the Vulnerable Software and Affected Versions: Tp-Link AC1350 Wireless MU-MIMO Gigabit Access Point EAP225 V3 version 5.1.0 Build 20220926 Tp-Link N300 affected versions not specified Description: A denial of service issue exists in the TDDP functionality, related to the use of dangerous...
SUSE CVE-2023-30570
pluto in Libreswan before 4.11 allows a denial of service responder SPI mishandling and daemon crash via unauthenticated IKEv1 Aggressive Mode packets. The earliest affected version is 3.28...
pluto in Libreswan before 4.11 allows a denial of service (responder SPI mishandling and daemon crash) via unauthenticated IKEv1 Aggressive Mode packets. The earliest affected version is 3.28.
...
DEBIAN-CVE-2023-30570
pluto in Libreswan before 4.11 allows a denial of service responder SPI mishandling and daemon crash via unauthenticated IKEv1 Aggressive Mode packets. The earliest affected version is 3.28...
CVE-2023-30570
pluto in Libreswan before 4.11 allows a denial of service responder SPI mishandling and daemon crash via unauthenticated IKEv1 Aggressive Mode packets. The earliest affected version is 3.28...
AZL-26873 CVE-2023-30570 affecting package libreswan for versions less than 4.14-1
pluto in Libreswan before 4.11 allows a denial of service responder SPI mishandling and daemon crash via unauthenticated IKEv1 Aggressive Mode packets. The earliest affected version is 3.28...
UBUNTU-CVE-2023-30570
pluto in Libreswan before 4.11 allows a denial of service responder SPI mishandling and daemon crash via unauthenticated IKEv1 Aggressive Mode packets. The earliest affected version is 3.28...
CVE-2023-30570
Libreswan (pluto) vulnerabilities exist in versions before 4.11, caused by an IKEv1 Aggressive Mode handling that can crash the pluto daemon and cause a denial of service. The earliest affected release is 3.28. Multiple advisories and CVE coverage confirm the issue, with fixes available in later ...
Weston Embedded uC-FTPs 授权问题漏洞
Weston Embedded uC-FTPs is a Micrium FTP File Transfer Protocol server from Weston Embedded. A security vulnerability exists in Weston Embedded uC-FTPs v 1.98.00, which stems from an authentication bypass vulnerability in the authentication feature that could allow an attacker to send a series of...
WAGO I/O-CHECK Buffer Copy Without Checking Size of Input (CVE-2019-5082)
An exploitable heap buffer overflow vulnerability exists in the iocheckd service I/O-Check functionality of WAGO PFC200 Firmware version 03.01.0713, WAGO PFC200 Firmware version 03.00.3912, and WAGO PFC100 Firmware version 03.00.3912. A specially crafted set of packets can cause a heap buffer...
SUSE CVE-2016-9042
An exploitable denial of service vulnerability exists in the origin timestamp check functionality of ntpd 4.2.8p9. A specially crafted unauthenticated network packet can be used to reset the expected origin timestamp for target peers. Legitimate replies from targeted peers will fail the origin...