16 matches found
EulerOS 2.0 SP10 : krb5 (EulerOS-SA-2025-2391)
According to the versions of the krb5 packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : A vulnerability in the MIT Kerberos implementation allows GSSAPI-protected messages using RC4-HMAC-MD5 to be spoofed due to weaknesses in the MD5...
Huawei HarmonyOS 安全漏洞
Huawei HarmonyOS is an operating system from Huawei China. It provides a full-scenario distributed operating system based on a microkernel. A privilege checksum vulnerability exists in the Huawei HarmonyOS home screen module, which can be exploited by an attacker to compromise usability...
D-Link DI-8100 Buffer Overflow Vulnerability
The D-Link DI-8100 is an enterprise-class router from D-Link. A buffer overflow vulnerability exists in the D-Link DI-8100 version 1.0, which originates from an insufficient checksum of parameter mx in the sprintf function in the /ddns.asp?opt=add file of component jhttpd. The vulnerability can b...
CVE-2025-3576
A vulnerability in the MIT Kerberos implementation allows GSSAPI-protected messages using RC4-HMAC-MD5 to be spoofed due to weaknesses in the MD5 checksum design. If RC4 is preferred over stronger encryption types, an attacker could exploit MD5 collisions to forge message integrity codes. This ma...
Nutanix AOS : Multiple Vulnerabilities (NXSA-AOS-6.10.1.5)
The version of AOS installed on the remote host is prior to 6.10.1.5. It is, therefore, affected by multiple vulnerabilities as referenced in the NXSA-AOS-6.10.1.5 advisory. - virtualenv before 20.26.6 allows command injection through the activation scripts for a virtual environment. Magic templa...
The vulnerability in the implementation of the TCP checksum function for TCP/IP protocols such as NicheLite and InterNiche allows a attacker to cause a service failure.
The vulnerability of the TCP checksum implementation in the TCP/IP protocols NicheLite and InterNiche is related to insufficient validation of input data. Exploiting this vulnerability can allow a malicious actor to cause service failures remotely...
The vulnerability of D-Link DSR-150, DSR-150N, DSR-250, DSR-250N, DSR-500, DSR-500N, DSR-500AC, DSR-1000, DSR-1000N, and DSR-1000AC router microprogramming systems lies in the deficiencies in the algorithm for calculating the checksum. This vulnerability allows attackers to exploit their privileges and execute arbitrary code.
The vulnerability of the software for monitoring the performance of SolarWinds Database Performance Analyzer is related to the lack of measures taken to protect the website structure. Exploiting this vulnerability could allow a malicious actor to execute a cross-site scripting attack remotely...
DEBIAN-CVE-2018-12088
S3QL before 2.27 mishandles checksumming, and consequently allows replay attacks in which an attacker who controls the backend can present old versions of the filesystem metadata database as up-to-date, temporarily inject zero-valued bytes into files, or temporarily hide parts of files. This is...
UBUNTU-CVE-2018-12088
S3QL before 2.27 mishandles checksumming, and consequently allows replay attacks in which an attacker who controls the backend can present old versions of the filesystem metadata database as up-to-date, temporarily inject zero-valued bytes into files, or temporarily hide parts of files. This is...
Huawei Multiple Products H323 Protocol Null Pointer Reference Vulnerability (CNVD-2018-08041)
AR120-S, AR1200, DP300, RSE6500, Secospace USG6300, ViewPoint 8660 are all network equipment from Huawei China. A null pointer reference vulnerability exists in the H323 protocol of various Huawei products, which allows an attacker to send malformed messages to the affected devices without...
MGASA-2017-0145 Updated samba packages fix security vulnerability
A flaw was found in the way Samba handled PAC Privilege Attribute Certificate checksums. A remote, authenticated attacker could use this flaw to crash the winbindd process CVE-2016-2126. Jann Horn discovered that Samba incorrectly handled symlinks. An authenticated remote attacker could use this...
samba: Flaws in Kerberos PAC validation can trigger privilege elevation
A flaw was found in the way Samba handled PAC Privilege Attribute Certificate checksums. A remote, authenticated attacker could use this flaw to crash the winbindd process...
Qemu: net: out of bounds read in net_checksum_calculate()
An out-of-bounds read-access flaw was found in the QEMU emulator built with IP checksum routines. The flaw could occur when computing a TCP/UDP packet's checksum, because a QEMU function used the packet's payload length without checking against the data buffer's size. A user inside a guest could...
kernel: net: incorrect processing of checksums in UDP implementation
A flaw was found in the way the Linux kernel's networking implementation handled UDP packets with incorrect checksum values. A remote attacker could potentially use this flaw to trigger an infinite loop in the kernel, resulting in a denial of service on the system, or cause a denial of service in...
Apple iOS Audio Using IOKit Object Validation Vulnerability
Apple iOS is the latest operating system that runs on Apple's iPhone and iPod touch devices. Apple iOS audio uses an IOKit object with a checksum issue that allows malicious applications to exploit the vulnerability to execute arbitrary code...
krb5: multiple checksum handling vulnerabilities (MITKRB5-SA-2010-007)
MIT Kerberos 5 aka krb5 1.7.x and 1.8.x through 1.8.3 does not properly determine the acceptability of checksums, which might allow remote attackers to forge GSS tokens, gain privileges, or have unspecified other impact via 1 an unkeyed checksum, 2 an unkeyed PAC checksum, or 3 a KrbFastArmoredRe...