26 matches found
CVE-2021-33581
MashZone NextGen through 10.7 GA has an SSRF vulnerability that allows an attacker to interact with arbitrary TCP services, by abusing the feature to check the availability of a PPM connection. This occurs in com.idsscheer.ppmmashup.web.webservice.impl.ZPrestoAdminWebService...
EUVD-2011-1495
Malware in sbrugna...
EUVD-2010-0987
Malware in sbrugna...
EUVD-2007-2842
Malware in sbrugna...
EUVD-2020-17931
Malware in sbrugna...
CVE-2022-28655
isclosingsession allows users to create arbitrary tcp dbus connections...
CVE-2022-28655
isclosingsession allows users to create arbitrary tcp dbus connections...
CVE-2021-33581
MashZone NextGen through 10.7 GA has an SSRF vulnerability that allows an attacker to interact with arbitrary TCP services, by abusing the feature to check the availability of a PPM connection. This occurs in com.idsscheer.ppmmashup.web.webservice.impl.ZPrestoAdminWebService...
Design/Logic Flaw
A vulnerability has been identified in SIMATIC MV400 family All Versions V7.0.6. The underlying TCP stack of the affected products does not correctly validate the sequence number for incoming TCP RST packages. An attacker could exploit this to terminate arbitrary TCP sessions...
CVE-2020-25241
A vulnerability has been identified in SIMATIC MV400 family All Versions V7.0.6. The underlying TCP stack of the affected products does not correctly validate the sequence number for incoming TCP RST packages. An attacker could exploit this to terminate arbitrary TCP sessions...
Unspecified Vulnerability in Siemens SIMATIC MV400 Series TCP Protocol Stack
Siemens SIMATIC MV400 is an industrial device from Siemens Germany. It is used for optical identification. An unspecified vulnerability exists in the Siemens SIMATIC MV400 series TCP protocol stack. An attacker can exploit this vulnerability to terminate arbitrary TCP sessions...
CVE-2017-14117
The AT&T U-verse 9.2.2h0d83 firmware for the Arris NVG589 and NVG599 devices, when IP Passthrough mode is not used, configures an unauthenticated proxy service on WAN TCP port 49152, which allows remote attackers to establish arbitrary TCP connections to intranet hosts by sending \x2a\xce\x01...
Code injection
The AT&T U-verse 9.2.2h0d83 firmware for the Arris NVG589 and NVG599 devices, when IP Passthrough mode is not used, configures an unauthenticated proxy service on WAN TCP port 49152, which allows remote attackers to establish arbitrary TCP connections to intranet hosts by sending \x2a\xce\x01...
BinProxy - BinProxy is a proxy for arbitrary TCP connections
BinProxy is a proxy for arbitrary TCP connections. You can define custom message formats using the BinData gem. Installation Prerequisites Ruby 2.3 or later A C compiler, Ruby headers, etc., are needed to compile several dependencies. On Ubuntu, sudo apt install build-essential ruby-dev should do...
Mozilla FireFox 1.5.x/2.0 - FTP PASV Port-Scanning Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/23082/info Mozilla Firefox is prone to vulnerability that may allow attackers to obtain potentially sensitive information. A successful exploit of this issue would cause the affected application to connect to arbitrary TC...
CVE-2013-1648
The Subscriptions feature in Open-Xchange Server before 6.20.7 rev14, 6.22.0 before rev13, and 6.22.1 before rev14 does not properly validate the publication-source URL, which allows remote authenticated users to trigger arbitrary outbound TCP traffic via a crafted Source field, as demonstrated b...
Wireshark 'bytes_repr_len' Function Denial of Service Vulnerability (Windows)
This host is installed with Wireshark and is prone to denial of service vulnerability. OpenVAS Vulnerability Test $Id: gbwiresharkbytesreprlendosvulnwin.nasl 7052 2017-09-04 11:50:51Z teissa $ Wireshark 'bytesreprlen' Function Denial of Service Vulnerability Windows Authors: Sooraj KS Copyright:...
CVE-2011-1956
The bytesreprlen function in Wireshark 1.4.5 uses an incorrect pointer argument, which allows remote attackers to cause a denial of service NULL pointer dereference and application crash via arbitrary TCP traffic...
CVE-2011-1956
The bytesreprlen function in Wireshark 1.4.5 uses an incorrect pointer argument, which allows remote attackers to cause a denial of service NULL pointer dereference and application crash via arbitrary TCP traffic...
CVE-2011-1492
steps/utils/modcss.inc in Roundcube Webmail before 0.5.1 does not properly verify that a request is an expected request for an external Cascading Style Sheets CSS stylesheet, which allows remote authenticated users to trigger arbitrary outbound TCP connections from the server, and possibly obtain...