Lucene search
+L

3463 matches found

Cisco
Cisco
added 2017/09/06 4:0 p.m.53 views

Cisco Catalyst 4000 Series Switches Dynamic ACL Bypass Vulnerability

A vulnerability in the dynamic access control list ACL feature of Cisco IOS XE Software running on Cisco Catalyst 4000 Series Switches could allow an unauthenticated, adjacent attacker to cause dynamic ACL assignment to fail and the port to fail open. This could allow the attacker to pass traffic...

4.7CVSS4.8AI score0.00785EPSS
Exploits0References1
NVD
NVD
added 2017/08/07 6:29 a.m.27 views

CVE-2017-6663

A vulnerability in the Autonomic Networking feature of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, adjacent attacker to cause autonomic nodes of an affected system to reload, resulting in a denial of service DoS condition. More Information: CSCvd88936. Known...

6.5CVSS6.3AI score0.02135EPSS
Exploits0References4
Cvelist
Cvelist
added 2017/08/07 6:0 a.m.29 views

CVE-2017-6663

A vulnerability in the Autonomic Networking feature of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, adjacent attacker to cause autonomic nodes of an affected system to reload, resulting in a denial of service DoS condition. More Information: CSCvd88936. Known...

6.3AI score0.02135EPSS
Exploits0References3
OpenVAS
OpenVAS
added 2017/07/28 12:0 a.m.32 views

Cisco IOS Software Autonomic Control Plane Channel Information Disclosure Vulnerability (cisco-sa-20170726-aniacp)

A vulnerability in the Autonomic Networking feature of Cisco IOS Software could allow an unauthenticated, adjacent attacker to reset the Autonomic Control Plane ACP of an affected system and view ACP packets that are transferred in clear text within an affected system. SPDX-FileCopyrightText: 201...

6.5CVSS6.4AI score0.0043EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2017/07/26 12:0 a.m.3 views

PT-2017-2629 · Cisco · Cisco Ios Xe +1

Name of the Vulnerable Software and Affected Versions: Cisco IOS Software and Cisco IOS XE Software versions Denali-16.2.1 through Denali-16.3.1 Description: A vulnerability in the Autonomic Networking feature could allow an unauthenticated, adjacent attacker to cause autonomic nodes of an affect...

6.5CVSS7.1AI score0.02135EPSS
Exploits0References11
Cvelist
Cvelist
added 2017/07/14 1:0 p.m.23 views

CVE-2017-1182

IBM Tivoli Monitoring Portal v6 could allow a local network adjacent attacker to execute arbitrary commands on the system, when default client-server default communications, HTTP, are being used. IBM X-Force ID: 123493...

7.5AI score0.08544EPSS
Exploits0References3
Cvelist
Cvelist
added 2017/07/14 1:0 p.m.23 views

CVE-2017-1183

IBM Tivoli Monitoring Portal v6 could allow a local network adjacent attacker to modify SQL commands to the Portal Server, when default client-server communications, HTTP, are being used. IBM X-Force ID: 123494...

7.5AI score0.00747EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2017/07/04 6:0 p.m.7 views

logback: Serialization vulnerability in SocketServer and ServerSocketReceiver

It was found that logback is vulnerable to a deserialization issue. Logback can be configured to allow remote logging through SocketServer/ServerSocketReceiver interfaces that can accept untrusted serialized data. Authenticated attackers on the adjacent network can leverage this vulnerability to...

9.8CVSS7.8AI score0.07501EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2017/06/19 6:38 p.m.13 views

kernel: heap/stack gap jumping via unbounded stack allocations

A flaw was found in the way memory was being allocated on the stack for user space binaries. If heap or different memory region and stack memory regions were adjacent to each other, an attacker could use this flaw to jump over the stack guard gap, cause controlled memory corruption on process sta...

7.4CVSS7AI score0.05186EPSS
Exploits3References6
OpenVAS
OpenVAS
added 2017/06/08 12:0 a.m.25 views

Cisco NX-OS Software Fibre Channel over Ethernet Denial of Service Vulnerability (cisco-sa-20170607-nxos)

A vulnerability in the Fibre Channel over Ethernet FCoE protocol implementation in Cisco NX-OS Software could allow an unauthenticated, adjacent attacker to cause a denial of service DoS condition when an FCoE-related process unexpectedly reloads. Copyright C 2017 Greenbone Networks GmbH Some tex...

6.5CVSS6.4AI score0.00683EPSS
Exploits0References1
Prion
Prion
added 2017/05/16 5:29 p.m.11 views

Input validation

A vulnerability in the Plug-and-Play PnP subsystem of the Cisco Aironet 1800, 2800, and 3800 Series Access Points running a Lightweight Access Point AP or Mobility Express image could allow an unauthenticated, adjacent attacker to execute arbitrary code with root privileges. The vulnerability is...

7.9CVSS7.8AI score0.00745EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2017/05/16 5:0 p.m.19 views

CVE-2017-3873

A vulnerability in the Plug-and-Play PnP subsystem of the Cisco Aironet 1800, 2800, and 3800 Series Access Points running a Lightweight Access Point AP or Mobility Express image could allow an unauthenticated, adjacent attacker to execute arbitrary code with root privileges. The vulnerability is...

7.8AI score0.00745EPSS
Exploits0References3
ICS
ICS
added 2017/05/09 12:0 a.m.109 views

Siemens devices using the PROFINET Discovery and Configuration Protocol (Update B)

CVSS v3 6.5 ATTENTION: Exploitable from an adjacent network/low skill level to exploit. Vendor: Siemens Equipment: Devices using the PROFINET Discovery and Configuration Protocol DCP Vulnerability: Denial of Service UPDATE INFORMATION This updated advisory is a follow-up to the updated advisory...

7.1CVSS0.4AI score0.01149EPSS
Exploits0References60
ICS
ICS
added 2017/05/09 12:0 a.m.44 views

Siemens devices using the PROFINET Discovery and Configuration Protocol (Update J)

CVSS v3 6.5 ATTENTION: Exploitable from an adjacent network/low skill level to exploit. Vendor: Siemens Equipment: Devices using the PROFINET Discovery and Configuration Protocol DCP Vulnerability: Improper Input Validation UPDATE INFORMATION This updated advisory is a follow-up to the updated...

7.1CVSS6.7AI score0.01149EPSS
Exploits0References80
ICS
ICS
added 2017/05/09 12:0 a.m.35 views

Siemens devices using the PROFINET Discovery and Configuration Protocol (Update I)

CVSS v3 6.5 ATTENTION: Exploitable from an adjacent network/low skill level to exploit. Vendor: Siemens Equipment: Devices using the PROFINET Discovery and Configuration Protocol DCP Vulnerability: Improper Input Validation UPDATE INFORMATION This updated advisory is a follow-up to the updated...

6.5CVSS6.3AI score0.00469EPSS
Exploits0References44
ICS
ICS
added 2017/05/09 12:0 a.m.53 views

Siemens devices using the PROFINET Discovery and Configuration Protocol (Update A)

CVSS v3 6.5 ATTENTION: Exploitable from an adjacent network/low skill level to exploit. Vendor: Siemens Equipment: Devices using the PROFINET Discovery and Configuration Protocol DCP Vulnerability: Denial of Service UPDATE INFORMATION This updated advisory is a follow-up to the original advisory...

6.5CVSS0.5AI score0.00469EPSS
Exploits0References34
ICS
ICS
added 2017/05/09 12:0 a.m.59 views

Siemens devices using the PROFINET Discovery and Configuration Protocol (Update D)

CVSS v3 6.5 ATTENTION: Exploitable from an adjacent network/low skill level to exploit. Vendor: Siemens Equipment: Devices using the PROFINET Discovery and Configuration Protocol DCP Vulnerability: Denial of Service UPDATE INFORMATION This updated advisory is a follow-up to the updated advisory...

7.1CVSS0.2AI score0.01149EPSS
Exploits0References66
ICS
ICS
added 2017/05/08 12:0 a.m.45 views

ICSA-17-129-01 Siemens devices using the PROFINET Discovery and Configuration Protocol (Update K)

1. EXECUTIVE SUMMARY CVSS v3 6.5 ATTENTION: Exploitable from an adjacent network/low skill level to exploit Vendor: Siemens Equipment: Devices using the PROFINET Discovery and Configuration Protocol DCP Vulnerability: Improper Input Validation 2. UPDATE INFORMATION This updated advisory is a...

6.5CVSS6.5AI score0.00469EPSS
Exploits0References9
Tenable Nessus
Tenable Nessus
added 2017/04/20 12:0 a.m.28 views

Juniper Junos for M/MX Series Routers IPv6 Neighbor Discovery DoS (JSA10786)

According to its self-reported version and configuration, the remote Juniper Junos M/MX Series device is affected by a denial of service vulnerability in a Packet Forwarding Engine PFE when processing IPv6 neighbor discovery ND packets that originate from subscribers and are destined to M/MX seri...

5.3CVSS5.7AI score0.02235EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2017/04/20 12:0 a.m.33 views

Juniper Junos Routing Protocol Daemon LDP Packet DoS (JSA10777)

According to its self-reported version and configuration, the remote Juniper Junos device is affected by a memory leak issue in the routing protocol daemon rpd when handling a specific LDP packet, which over time will consume memory that cannot be freed without restarting the rpd process. An...

6.8CVSS6.6AI score0.01567EPSS
Exploits0References2
Rows per page
Query Builder