Lucene search
+L

3463 matches found

Cisco
Cisco
added 2014/04/29 6:38 p.m.30 views

Cisco Adaptive Security Appliance DHCPv6 Denial of Service Vulnerability

A vulnerability in the DHCP code of Cisco ASA Software could allow an unauthenticated, adjacent attacker to cause the reload of an affected system. The vulnerability is due to insufficient validation of crafted or malformed DHCP version 6 DHCPv6 packets when DHCPv6 replay feature is enabled. An...

6.1CVSS6.2AI score0.00739EPSS
Exploits0References1
CERT
CERT
added 2014/03/06 12:0 a.m.36 views

Huawei E355 contains a direct request vulnerability

Overview Huawei E355 USB WiFi adapter with firmware version: 21.157.37.01.910 has been reported to contain a direct request vulnerability in the web interface. CWE-425 Description Huawei E355 USB WiFi adapter with firmware version: 21.157.37.01.910 has been reported to contain a direct request...

4.3CVSS6.4AI score0.06129EPSS
Exploits5References3
Tenable Nessus
Tenable Nessus
added 2013/10/17 12:0 a.m.28 views

Juniper Junos Unnumbered Interface Cache Poisoning Remote DoS and Information Disclosure (JSA10595)

According to its self-reported version number, the remote Juniper Junos device is affected by denial of service and information disclosure vulnerabilities. An adjacent attacker can poison the ARP cache and create a bogus forwarding table entry for an IP address, effectively creating a denial of...

9.3CVSS8.5AI score0.00848EPSS
Exploits0References2
Cisco
Cisco
added 2013/10/09 6:42 p.m.24 views

Cisco IOS Software DHCP Server remember Functionality Vulnerability

An issue in the DHCP server code of Cisco IOS Software could allow an unauthenticated, adjacent attacker to cause the device to reload. The issue is due to the remember functionality of the DHCP server. An attacker could exploit this issue by obtaining a lease and then releasing it. An exploit...

5.7CVSS2.2AI score0.00512EPSS
Exploits0References1
Cisco
Cisco
added 2013/09/27 2:4 a.m.27 views

Cisco Unified Computing System FTP User Vulnerability

A vulnerability in the FTP server of the Cisco Unified Computing System could allow an unauthenticated, adjacent attacker to view and modify files. The vulnerability is due to an undocumented user account with a hard-coded password. An attacker could exploit this vulnerability by accessing the FT...

4.8CVSS1.6AI score0.00595EPSS
Exploits0References1
securityvulns
securityvulns
added 2013/07/15 12:0 a.m.71 views

MiniUPnPd Information Disclosure (CVE-2013-2600)

Hi list, I am writing to inform you of an information disclosure vulnerability I noticed in MiniUPnPd a few months back. Specifically, MiniUPnPd versions 1.8 and earlier are prone to an information disclosure vulnerability due to improper use of snprintf while preparing SSDP responses. An attacke...

6.8AI score0.02335EPSS
Exploits1
Cisco
Cisco
added 2013/04/11 9:0 p.m.43 views

Cisco uBR10000 Series IPv4/IPv6 Dual Stack Vulnerability

Cisco uBR10000 Series Universal Broadband Routers contain a vulnerability that could allow an unauthenticated, adjacent attacker to trigger the reload of the routing engine on the affected device. An attacker could exploit this vulnerability by manipulating IPv4 and IPv6 address assignments on a...

5.7CVSS3.8AI score0.00647EPSS
Exploits0References1
Cisco
Cisco
added 2013/02/13 9:31 p.m.21 views

Cisco Small Business Wireless Access Points SSID Validation Vulnerability

Cisco Small Business Wireless Access Points contain a vulnerability that could allow an unauthenticated, adjacent attacker cause a denial of service DoS condition. The vulnerability is due to improper validation of the Service Set Identifier SSID when the affected product is performing a "site...

6.4CVSS2.9AI score0.00512EPSS
Exploits0References1
RedHat Linux
RedHat Linux
added 2013/01/24 7:6 p.m.8 views

JGroups diagnostics service enabled by default with no authentication when a JGroups channel is started

JGroups diagnostics service in JBoss Enterprise Portal Platform before 5.2.2, SOA Platform before 5.3.0, and BRMS Platform before 5.3.0, is enabled without authentication when started by the JGroups channel, which allows remote attackers in adjacent networks to read diagnostics information via a...

3.3CVSS6.3AI score0.01448EPSS
Exploits1References4
Prion
Prion
added 2012/11/23 8:55 p.m.24 views

Design/Logic Flaw

JGroups diagnostics service in JBoss Enterprise Portal Platform before 5.2.2, SOA Platform before 5.3.0, and BRMS Platform before 5.3.0, is enabled without authentication when started by the JGroups channel, which allows remote attackers in adjacent networks to read diagnostics information via a...

3.3CVSS6.8AI score0.01448EPSS
Exploits1References19Affected Software3
Cvelist
Cvelist
added 2012/11/23 8:0 p.m.27 views

CVE-2012-2377

JGroups diagnostics service in JBoss Enterprise Portal Platform before 5.2.2, SOA Platform before 5.3.0, and BRMS Platform before 5.3.0, is enabled without authentication when started by the JGroups channel, which allows remote attackers in adjacent networks to read diagnostics information via a...

5.5AI score0.01448EPSS
Exploits1References19
RedHat Linux
RedHat Linux
added 2012/09/05 4:26 p.m.5 views

JGroups diagnostics service enabled by default with no authentication when a JGroups channel is started

JGroups diagnostics service in JBoss Enterprise Portal Platform before 5.2.2, SOA Platform before 5.3.0, and BRMS Platform before 5.3.0, is enabled without authentication when started by the JGroups channel, which allows remote attackers in adjacent networks to read diagnostics information via a...

3.3CVSS6.3AI score0.01448EPSS
Exploits1References4
RedHat Linux
RedHat Linux
added 2012/08/29 4:19 a.m.5 views

Mozilla: Multiple Use-after-free issues (MFSA 2012-58)

Use-after-free vulnerability in the nsHTMLEditor::CollapseAdjacentTextNodes function in Mozilla Firefox before 15.0, Firefox ESR 10.x before 10.0.7, Thunderbird before 15.0, Thunderbird ESR 10.x before 10.0.7, and SeaMonkey before 2.12 allows remote attackers to execute arbitrary code or cause a...

10CVSS7.8AI score0.05566EPSS
Exploits0References4
Cisco
Cisco
added 2011/09/28 4:22 p.m.28 views

Cisco IOS Software Crafted IPv6 over MPLS Denial of Service Vulnerability

Cisco IOS Software contains a vulnerability that could allow an unauthenticated, remote attacker to cause a denial of service DoS on a targeted device. The vulnerability is due to the processing of IP version 6 IPv6 packets by the vulnerable version of software on an affected device. If an...

6.1CVSS6.7AI score0.00737EPSS
Exploits0References1
Metasploit
Metasploit
added 2011/03/23 3:23 a.m.52 views

HP OpenView Network Node Manager execvp_nc Buffer Overflow

This module exploits a stack buffer overflow in HP OpenView Network Node Manager 7.53 prior to NNM01207 or NNM01206 without the SSRT100025 hotfix. By specifying a long 'sel' parameter when calling methods within the 'webappmon.exe' CGI program, an attacker can cause a stack-based buffer overflow...

10CVSS0.6AI score0.71381EPSS
Exploits9
NVD
NVD
added 2011/01/13 7:0 p.m.28 views

CVE-2010-4052

Stack consumption vulnerability in the regcomp implementation in the GNU C Library aka glibc or libc6 through 2.11.3, and 2.12.x through 2.12.2, allows context-dependent attackers to cause a denial of service resource exhaustion via a regular expression containing adjacent repetition operators, a...

5CVSS7.2AI score0.51298EPSS
Exploits12References11
OSV
OSV
added 2011/01/13 7:0 p.m.3 views

DEBIAN-CVE-2010-4052

Stack consumption vulnerability in the regcomp implementation in the GNU C Library aka glibc or libc6 through 2.11.3, and 2.12.x through 2.12.2, allows context-dependent attackers to cause a denial of service resource exhaustion via a regular expression containing adjacent repetition operators, a...

5CVSS6.8AI score0.51298EPSS
Exploits12References1
UbuntuCve
UbuntuCve
added 2011/01/13 7:0 p.m.32 views

CVE-2010-4051

The regcomp implementation in the GNU C Library aka glibc or libc6 through 2.11.3, and 2.12.x through 2.12.2, allows context-dependent attackers to cause a denial of service application crash via a regular expression containing adjacent bounded repetitions that bypass the intended REDUPMAX...

5CVSS6.4AI score0.39995EPSS
Exploits12References3
Tenable Nessus
Tenable Nessus
added 2009/07/02 12:0 a.m.596 views

RIP Poisoning Routing Table Modification (Adjacent Network)

It was possible to poison the remote host routing tables through the RIP protocol. An attacker may use this to hijack network connections. Several RIP agents reject routes that are not sent by a neighbor, so this flaw may not be exploitable from a non-adjacent network. C Tenable Network Security,...

5.6AI score
Exploits0
CVE
CVE
added 2007/12/19 9:0 p.m.58 views

CVE-2007-5851

CVE-2007-5851 affects Apple Mac OS X 10.4.11's iChat. The issue allows network-adjacent remote attackers to automatically initiate a video connection to another user via unknown vectors. The OpenVAS/NVD entries reference Mac OS X Security Update 2007-009 as a remediation path, but the provided do...

3.6CVSS8.5AI score0.00742EPSS
Exploits1References8Affected Software1
Rows per page
Query Builder