Lucene search
+L

44 matches found

OSV
OSV
added 2023/05/10 12:0 a.m.44 views

CVE-2023-25568 Boxo bitswap/server: DOS unbounded persistent memory leak

Boxo, formerly known as go-libipfs, is a library for building IPFS applications and implementations. In versions 0.4.0 and 0.5.0, if an attacker is able allocate arbitrary many bytes in the Bitswap server, those allocations are lasting even if the connection is closed. This affects users acceptin...

8.2CVSS7.7AI score0.00863EPSS
Exploits0References6
Mageia
Mageia
added 2020/03/12 9:47 p.m.51 views

Updated ppp packages fix security vulnerability

Updated ppp packages fix security vulnerability: Ilja Van Sprundel discovered a buffer overflow vulnerability in ppp. When receiving an EAP Request message in client mode, an attacker was able to overflow the rhostname array by providing a very long name CVE-2020-8597...

9.8CVSS2.9AI score0.19582EPSS
Exploits3References2
Citrix
Citrix
added 2020/01/11 12:0 a.m.9 views

Citrix SD-WAN Software Feature Cheat Sheet

The purpose of this article is to provide guidance of what software, hardware, license and management tool is supported per release. Citrix SD-WAN Software Feature Cheat Sheet also attached for reference R11.4.2 – Nov 2,2021| • You can now configure the LTE interface-based WAN link as a Private...

7.5AI score
Exploits0
OSV
OSV
added 2018/10/05 2:29 p.m.6 views

CVE-2018-0197

A vulnerability in the VLAN Trunking Protocol VTP subsystem of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, adjacent attacker to corrupt the internal VTP database on an affected device and cause a denial of service DoS condition. The vulnerability is due to a logic...

6.5CVSS5.8AI score0.00625EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2017/10/17 12:0 a.m.133 views

Fortinet FortiGate < 5.2 / 5.2.x <= 5.2.11 / 5.4.x <= 5.4.5 / 5.6.x <= 5.6.2 Multiple Vulnerabilities (FG-IR-17-196) (KRACK)

The remote host is running FortiOS prior to 5.2, 5.2.x prior to or equal to 5.2.11, 5.4.x prior to or equal 5.4.5, or 5.6.x prior to or equal to 5.6.2. It is, therefore, affected by multiple vulnerabilities discovered in the WPA2 handshake protocol. Note these issues affect only WiFi model device...

6.8CVSS7.3AI score0.02388EPSS
Exploits0References7
Citrix
Citrix
added 2017/08/29 12:0 a.m.9 views

Resources with names ending with the Published Desktop name not showing up in Receiver

This article is intended for Citrix administrators and technical teams only.Non-admin users must contact their company’s Help Desk/IT support team and can refer toCTX297149for more information Resources with names ending with the published desktop name not showing up in Receiver For passthrough...

6.8AI score
Exploits0
NVD
NVD
added 2017/04/10 3:59 a.m.15 views

CVE-2016-5055

OSRAM SYLVANIA Osram Lightify Pro before 2016-07-26 has XSS in the username field and Wireless Client Mode configuration page...

6.1CVSS6.1AI score0.00819EPSS
Exploits1References1
OSV
OSV
added 2017/04/10 3:59 a.m.6 views

CVE-2016-5055

OSRAM SYLVANIA Osram Lightify Pro before 2016-07-26 has XSS in the username field and Wireless Client Mode configuration page...

6.1CVSS5.8AI score0.01397EPSS
Exploits2References1
Prion
Prion
added 2017/04/10 3:59 a.m.19 views

Code injection

OSRAM SYLVANIA Osram Lightify Pro before 2016-07-26 has XSS in the username field and Wireless Client Mode configuration page...

4.3CVSS6.3AI score0.01397EPSS
Exploits2References1
Cvelist
Cvelist
added 2017/04/10 3:0 a.m.20 views

CVE-2016-5055

OSRAM SYLVANIA Osram Lightify Pro before 2016-07-26 has XSS in the username field and Wireless Client Mode configuration page...

6AI score0.00819EPSS
Exploits1References1
CVE
CVE
added 2017/04/10 3:0 a.m.47 views

CVE-2016-5055

CVE-2016-5055 affects OSRAM SYLVANIA Osram Lightify Pro prior to 2016-07-26, with XSS in the username field and the Wireless Client Mode configuration page. NVD data lists CVSS2/3 base scores (4.3/6.1) and NETWORK attack vector; impact includes partial integrity and low confidentiality, with user...

6.1CVSS6AI score0.00819EPSS
Exploits1References1Affected Software1
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.23 views

STunnel 3.x Client Negotiation Protocol Format String Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/3748/info Stunnel is a freely available, open source cryptography wrapper. It is designed to wrap arbitrary protocols that may or may not support cryptography. It is maintained by the Stunnel project. Stunnel does not...

7.1AI score
Exploits0
OSV
OSV
added 2013/05/02 12:0 a.m.22 views

DSA-2664-1 stunnel4 - buffer overflow

Bulletin has no description...

6.6CVSS6.3AI score0.02932EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2013/03/05 12:0 a.m.32 views

FreeBSD : stunnel -- Remote Code Execution (c97219b6-843d-11e2-b131-000c299b62e1)

Michal Trojnara reports : 64-bit versions of stunnel with the following conditions : NTLM authentication enabled CONNECT protocol negotiation enabled Configured in SSL client mode An attacker that can either control the proxy server specified in the 'connect' option or execute MITM attacks on the...

6.6CVSS8.7AI score0.02932EPSS
Exploits0References3
FreeBSD
FreeBSD
added 2013/03/03 12:0 a.m.43 views

stunnel -- Remote Code Execution

Michal Trojnara reports: 64-bit versions of stunnel with the following conditions: NTLM authentication enabled CONNECT protocol negotiation enabled Configured in SSL client mode An attacker that can either control the proxy server specified in the "connect" option or execute MITM attacks on the T...

6.6CVSS7.5AI score0.02932EPSS
Exploits0References1
CVE
CVE
added 2012/05/02 10:0 a.m.43 views

CVE-2011-3309

CVE-2011-3309 affects Cisco ASA 5500 series devices running software 8.2 through 8.4, where the device processes IKE requests even when vpnclient mode is configured. The root cause is the acceptance and handling of IKE traffic that can be observed by reading responder traffic, enabling potential ...

4.3CVSS6.5AI score0.01066EPSS
Exploits0References2Affected Software2
Positive Technologies
Positive Technologies
added 2012/05/02 12:0 a.m.4 views

PT-2012-1686 · Cisco · Cisco Asa

Name of the Vulnerable Software and Affected Versions: Cisco Adaptive Security Appliances ASA 5500 series devices versions 8.2 through 8.4 Description: The issue allows remote attackers to obtain potentially sensitive information by reading IKE responder traffic, due to the devices processing IKE...

4.3CVSS6.2AI score0.01066EPSS
Exploits0References3
securityvulns
securityvulns
added 2009/01/16 12:0 a.m.74 views

RE: DoS code for Cisco VLAN Trunking Protocol Vulnerability

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Hello, This is Paul Oxman with Cisco PSIRT. For mitigations and workarounds, please consult the Cisco Security Response available at: http://www.cisco.com/warp/public/707/cisco-sr-20081105-vtp.shtml Regards From: showrun.lee mailto:[email protected]...

7.3AI score
Exploits0
securityvulns
securityvulns
added 2005/07/07 12:0 a.m.73 views

[EXPL] TCP Chat&#40;TCPX&#41; DoS &#40;Exploit&#41;

The following security advisory is sent to the securiteam mailing list, and can be found at the SecuriTeam web site: http://www.securiteam.com - - promotion The SecuriTeam alerts list - Free, Accurate, Independent. Get your security news from a reliable source...

7.1AI score
Exploits0
Debian
Debian
added 2003/08/17 12:19 a.m.49 views

[SECURITY] [DSA-372-1] New netris packages fix buffer overflow

-------------------------------------------------------------------------- Debian Security Advisory DSA 372-1 [email protected] http://www.debian.org/security/ Matt Zimmerman August 16th, 2003 http://www.debian.org/security/faq -...

7.5CVSS6.6AI score0.02421EPSS
Exploits1
Rows per page
Query Builder