116 matches found
kernel: rtl_p2p_noa_ie in drivers/net/wireless/realtek/rtlwifi/ps.c in the Linux kernel lacks a certain upper-bound check, leading to a buffer overflow
A flaw was found in the Linux kernel's implementation of the RealTek wireless drivers WiFi-direct or WiFi peer-to-peer driver implementation. When the RealTek wireless networking hardware is configured to accept WiFi-Direct or WiFi P2P connections, an attacker within the wireless network...
CVE-2019-16336
The Bluetooth Low Energy implementation in Cypress PSoC 4 BLE component 3.61 and earlier processes data channel frames with a payload length larger than the configured link layer maximum RX payload size, which allows attackers in radio range to cause a denial of service crash via a crafted BLE Li...
Buffer overflow
The Bluetooth Low Energy BLE stack implementation on Cypress PSoC 4 through 3.62 devices does not properly restrict the BLE Link Layer header and executes certain memory contents upon receiving a packet with a Link Layer ID LLID equal to zero. This allows attackers within radio range to cause...
Multiple Cisco Products Input Validation Error Vulnerability (CNVD-2019-39603)
Cisco Aironet 1540 Series APs and so on are products of Cisco Corporation.Cisco Aironet 1540 Series APs is a 1540 series access point product.Cisco Aironet 1560 Series APs is a 1560 series access point product.Cisco Aironet 1800 Series APs is a 1800 series access point product.Cisco Aironet 1800...
CVE-2019-15265
A vulnerability in the bridge protocol data unit BPDU forwarding functionality of Cisco Aironet Access Points APs could allow an unauthenticated, adjacent attacker to cause an AP port to go into an error disabled state. The vulnerability occurs because BPDUs received from specific wireless client...
The vulnerability of the `connection.c` component of the HTTP/2 web server Apache Traffic Server, the H2O web server, Node.js software platform, and the SwiftNIO networking framework allows a attacker to cause a service failure.
The vulnerability of the connection.c component of the HTTP/2 web server Apache Traffic Server, the H2O web server, the Node.js software platform, and the SwiftNIO networking framework is related to errors in the resource consumption control mechanism. Exploiting this vulnerability can allow an...
kernel: brcmfmac heap buffer overflow in brcmf_wowl_nd_results
If the Wake-up on Wireless LAN functionality is configured in the brcmfmac driver, which only works with Broadcom FullMAC chipsets, a malicious event frame can be constructed to trigger a heap buffer overflow in the brcmfwowlndresults function. This vulnerability can be exploited by compromised...
CVE-2019-1695
A vulnerability in the detection engine of Cisco Adaptive Security Appliance ASA Software and Cisco Firepower Threat Defense FTD Software could allow an unauthenticated, adjacent attacker to send data directly to the kernel of an affected device. The vulnerability exists because the software...
The vulnerability of the Extensible Authentication Protocol over LAN (EAPOL) implementation in microprogrammable routering software from Cisco’s Small Business 100 Series and Cisco Small Business 300 Series allows a perpetrator to induce a service failure.
The vulnerability of the Extensible Authentication Protocol over LAN EAPOL implementation in microprogramming-based router software from Cisco’s Small Business 100 Series and Cisco Small Business 300 Series models is related to errors in processing EAPOL frames. Exploiting this vulnerability allo...
CVE-2018-0395
A vulnerability in the Link Layer Discovery Protocol LLDP implementation for Cisco FXOS Software and Cisco NX-OS Software could allow an unauthenticated, adjacent attacker to cause a denial of service DoS condition when the device unexpectedly reloads. The vulnerability is due to improper input...
CVE-2018-7789
An Improper Check for Unusual or Exceptional Conditions vulnerability exists in Schneider Electric's Modicon M221 product all references, all versions prior to firmware V1.6.2.0. The vulnerability allows unauthorized users to remotely reboot Modicon M221 using crafted programing protocol frames...
PT-2018-9415 · Aaugustin +1 · Uwebsockets +1
Name of the Vulnerable Software and Affected Versions: aaugustin websockets versions 4.0 through 4.0 Description: The issue is related to improper handling of highly compressed data, which can result in Denial of Service by memory exhaustion. This can be exploited by sending a specially crafted...
The vulnerability of Broadcom BCM4355C0 Wi-Fi chip drivers allows a hacker to induce a service failure.
The vulnerability of the Broadcom BCM4355C0 Wi-Fi chip driver is caused by an operation that occurs outside the buffer in memory. Exploiting this vulnerability can allow a malicious actor to trigger a stack overflow, cause the Wi-Fi device to become overloaded, and result in service failure, usin...
Cisco NX-OS Software Denial of Service Vulnerability (CNVD-2017-13747)
Cisco NX-OS Software is the United States Cisco Cisco company's set of data center-oriented operating system. A denial of service vulnerability exists in the Fibra Channel over Ethernt FCoE protocol implementation in Cisco NX-OS Software, which arises from a program that fails to perform adequate...
DEBIAN-CVE-2017-2445
An issue was discovered in certain Apple products. iOS before 10.3 is affected. Safari before 10.1 is affected. tvOS before 10.2 is affected. The issue involves the "WebKit" component. It allows remote attackers to conduct Universal XSS UXSS attacks via crafted frame objects...
CVE-2017-2475
An issue was discovered in certain Apple products. iOS before 10.3 is affected. Safari before 10.1 is affected. tvOS before 10.2 is affected. The issue involves the "WebKit" component. It allows remote attackers to conduct Universal XSS UXSS attacks via crafted use of frames on a web site...
CVE-2017-2475
An issue was discovered in certain Apple products. iOS before 10.3 is affected. Safari before 10.1 is affected. tvOS before 10.2 is affected. The issue involves the "WebKit" component. It allows remote attackers to conduct Universal XSS UXSS attacks via crafted use of frames on a web site...
The vulnerability of the Android operating system, which allows a hacker to trigger a service failure
The vulnerability of the Wi-Fi driver of the Qualcomm Android operating system is related to incorrect calls to the snprintf function. Exploiting this vulnerability can allow a malicious actor, operating remotely, to cause a service failure device freezing and reboots using specially crafted fram...
UBUNTU-CVE-2014-9901
The Qualcomm Wi-Fi driver in Android before 2016-08-05 on Nexus 7 2013 devices makes incorrect snprintf calls, which allows remote attackers to cause a denial of service device hang or reboot via crafted frames, aka Android internal bug 28670333 and Qualcomm internal bug CR548711...
The vulnerability of the Cisco Wireless LAN Controller 5500 software allows a malicious individual to cause service failure.
The vulnerability in Cisco Wireless LAN Controller WLC devices allows malicious actors to trigger a service failure device reboot by using specially crafted Ethernet frames based on 802.11 protocols...