Lucene search
+L

247 matches found

osv
osv
added 2023/05/31 8:15 p.m.3 views

DEBIAN-CVE-2023-34256

An issue was discovered in the Linux kernel before 6.3.3. There is an out-of-bounds read in crc16 in lib/crc16.c when called from fs/ext4/super.c because ext4groupdesccsum does not properly check an offset. NOTE: this is disputed by third parties because the kernel is not intended to defend again...

5.5CVSS6.5AI score0.00247EPSS
Exploits0References1
osv
osv
added 2023/05/31 8:15 p.m.4 views

UBUNTU-CVE-2023-34256

An issue was discovered in the Linux kernel before 6.3.3. There is an out-of-bounds read in crc16 in lib/crc16.c when called from fs/ext4/super.c because ext4groupdesccsum does not properly check an offset. NOTE: this is disputed by third parties because the kernel is not intended to defend again...

5.5CVSS6.6AI score0.00247EPSS
Exploits0References12
f5
f5
added 2023/02/21 7:41 p.m.184 views

K16840: SSH vulnerability CVE-1999-1085

Security Advisory Description Description SSH 1.2.25, 1.2.23, and other versions, when used in in CBC Cipher Block Chaining or CFB Cipher Feedback 64 bits modes, allows remote attackers to insert arbitrary data into an existing stream between an SSH client and server by using a known plaintext...

5CVSS5.7AI score0.03211EPSS
Exploits0
susecve
susecve
added 2023/02/15 6:14 a.m.3 views

SUSE CVE-2006-4924

sshd in OpenSSH before 4.4, when using the version 1 SSH protocol, allows remote attackers to cause a denial of service CPU consumption via an SSH packet that contains duplicate blocks, which is not properly handled by the CRC compensation attack detector...

7.8CVSS6.6AI score0.34666EPSS
Exploits1References7
susecve
susecve
added 2023/02/15 6:12 a.m.2 views

SUSE CVE-2007-2445

The pnghandletRNS function in pngrutil.c in libpng before 1.0.25 and 1.2.x before 1.2.17 allows remote attackers to cause a denial of service application crash via a grayscale PNG image with a bad tRNS chunk CRC value...

5CVSS6.8AI score0.05115EPSS
Exploits1References5
nvd
nvd
added 2023/02/02 5:17 p.m.19 views

CVE-2023-23120

The use of the cyclic redundancy check CRC algorithm for integrity check during firmware update makes TRENDnet TV-IP651WI Network Camera firmware version v1.07.01 and earlier vulnerable to firmware modification attacks. An attacker can conduct a man-in-the-middle MITM attack to modify the new...

5.9CVSS5.7AI score0.00268EPSS
Exploits1References2
nvd
nvd
added 2023/02/02 5:17 p.m.22 views

CVE-2023-23119

The use of the cyclic redundancy check CRC algorithm for integrity check during firmware update makes Ubiquiti airFiber AF2X Radio firmware version 3.2.2 and earlier vulnerable to firmware modification attacks. An attacker can conduct a man-in-the-middle MITM attack to modify the new firmware ima...

5.9CVSS5.7AI score0.00268EPSS
Exploits1References2
prion
prion
added 2023/02/02 5:17 p.m.17 views

Design/Logic Flaw

The use of the cyclic redundancy check CRC algorithm for integrity check during firmware update makes TRENDnet TV-IP651WI Network Camera firmware version v1.07.01 and earlier vulnerable to firmware modification attacks. An attacker can conduct a man-in-the-middle MITM attack to modify the new...

2.6CVSS5.7AI score0.00268EPSS
Exploits1References2Affected Software1
cve
cve
added 2023/02/02 12:0 a.m.46 views

CVE-2023-23120

CVE-2023-23120 affects TRENDnet TV-IP651WI Network Camera firmware versions v1.07.01 and earlier. The root cause is using a CRC-based integrity check during firmware updates, which can be bypassed in a MITM scenario to modify the firmware image. The provided documents state the vulnerability but ...

5.9CVSS5.7AI score0.00268EPSS
Exploits1References2Affected Software1
cnnvd
cnnvd
added 2023/02/02 12:0 a.m.6 views

TRENDnet TV-IP651WI 安全漏洞

The TRENDnet TV-IP651WI is a wireless network camera from TRENDnet. A security vulnerability exists in TRENDnet TV-IP651WI Network Camera firmware version v1.07.01 and earlier, which is caused due to the use of the cyclic redundancy check CRC algorithm for integrity checking during a firmware...

5.9CVSS6AI score0.00268EPSS
Exploits1References4
cve
cve
added 2023/02/02 12:0 a.m.52 views

CVE-2023-23119

CVE-2023-23119 affects Ubiquiti airFiber AF2X Radio firmware 3.2.2 and earlier. The root cause is use of CRC for integrity checks during firmware updates, enabling MITM modification of the firmware image to bypass checksum verification. Public details consistently describe the impact as firmware ...

5.9CVSS5.7AI score0.00268EPSS
Exploits1References2Affected Software1
cvelist
cvelist
added 2023/02/02 12:0 a.m.26 views

CVE-2023-23120

The use of the cyclic redundancy check CRC algorithm for integrity check during firmware update makes TRENDnet TV-IP651WI Network Camera firmware version v1.07.01 and earlier vulnerable to firmware modification attacks. An attacker can conduct a man-in-the-middle MITM attack to modify the new...

5.9AI score0.00268EPSS
Exploits1References2
cvelist
cvelist
added 2023/02/02 12:0 a.m.29 views

CVE-2023-23119

The use of the cyclic redundancy check CRC algorithm for integrity check during firmware update makes Ubiquiti airFiber AF2X Radio firmware version 3.2.2 and earlier vulnerable to firmware modification attacks. An attacker can conduct a man-in-the-middle MITM attack to modify the new firmware ima...

5.9AI score0.00268EPSS
Exploits1References2
nvd
nvd
added 2022/12/20 8:15 p.m.20 views

CVE-2022-46423

An exploitable firmware modification vulnerability was discovered on the Netgear WNR2000v1 router. An attacker can conduct a MITM Man-in-the-Middle attack to modify the user-uploaded firmware image and bypass the CRC check, allowing attackers to execute arbitrary code or cause a Denial of Service...

8.1CVSS0.00397EPSS
Exploits0References2
nvd
nvd
added 2022/12/20 8:15 p.m.32 views

CVE-2022-46424

An exploitable firmware modification vulnerability was discovered on the Netgear XWN5001 Powerline 500 WiFi Access Point. An attacker can conduct a MITM Man-in-the-Middle attack to modify the user-uploaded firmware image and bypass the CRC check, allowing attackers to execute arbitrary code or...

8.1CVSS0.0084EPSS
Exploits0References2
prion
prion
added 2022/12/20 8:15 p.m.31 views

Design/Logic Flaw

An exploitable firmware modification vulnerability was discovered on the Netgear XWN5001 Powerline 500 WiFi Access Point. An attacker can conduct a MITM Man-in-the-Middle attack to modify the user-uploaded firmware image and bypass the CRC check, allowing attackers to execute arbitrary code or...

5.1CVSS8.4AI score0.0084EPSS
Exploits0References2Affected Software1
prion
prion
added 2022/12/20 8:15 p.m.11 views

Design/Logic Flaw

An exploitable firmware modification vulnerability was discovered on the Netgear WNR2000v1 router. An attacker can conduct a MITM Man-in-the-Middle attack to modify the user-uploaded firmware image and bypass the CRC check, allowing attackers to execute arbitrary code or cause a Denial of Service...

5.1CVSS8.4AI score0.00397EPSS
Exploits0References2Affected Software1
prion
prion
added 2022/12/20 8:15 p.m.19 views

Design/Logic Flaw

An exploitable firmware modification vulnerability was discovered on TP-Link TL-WR743ND V1. An attacker can conduct a MITM Man-in-the-Middle attack to modify the user-uploaded firmware image and bypass the CRC check, allowing attackers to execute arbitrary code or cause a Denial of Service DoS...

5.1CVSS7.9AI score0.00836EPSS
Exploits0References2Affected Software1
cve
cve
added 2022/12/20 12:0 a.m.60 views

CVE-2022-46424

Affected product: Netgear XWN5001 Powerline 500 WiFi Access Point. Vulnerability: exploitable firmware modification allowing a MITM attacker to modify a user-uploaded firmware image and bypass CRC checks, enabling arbitrary code execution or Denial of Service. Root cause/condition: vulnerable fir...

8.1CVSS8.3AI score0.0084EPSS
Exploits0References2Affected Software1
cve
cve
added 2022/12/20 12:0 a.m.58 views

CVE-2022-46432

CVE-2022-46432 affects TP-Link TL-WR743ND V1 firmware up to 3.12.20. The vulnerability allows a MITM-based modification of the user-uploaded firmware image, bypassing the CRC check and enabling arbitrary code execution or Denial of Service. Affected versions: v3.12.20 and earlier. Root cause cent...

7.5CVSS7.9AI score0.00836EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder