
26 matches found

Cisco
added 2025/11/05 4:0 p.m. | 19 views

Cisco Identity Services Engine RADIUS Suppression Denial of Service Vulnerability

A vulnerability in the RADIUS setting "Reject RADIUS requests from clients with repeated failures" on Cisco Identity Services Engine (ISE) could allow an unauthenticated, remote attacker to cause Cisco ISE to restart unexpectedly. This vulnerability is due to a logic error when processing a RADIUS...

CVSS 8.6 | AI score 6.8 | EPSS 0.00673
Exploits: 0 | References: 1

RedHat Linux
added 2024/11/13 3:58 p.m. | 5 views

freeradius: forgery attack

A vulnerability in the RADIUS (Remote Authentication Dial-In User Service) protocol allows attackers to forge authentication responses when the Message-Authenticator attribute is not enforced. This issue arises from a cryptographically insecure integrity check using MD5, enabling attackers to spoof...

CVSS 9 | AI score 7.2 | EPSS 0.14859
Exploits: 2 | References: 10

RedHat Linux
added 2024/10/29 6:51 p.m. | 4 views

freeradius: forgery attack

A vulnerability in the RADIUS (Remote Authentication Dial-In User Service) protocol allows attackers to forge authentication responses when the Message-Authenticator attribute is not enforced. This issue arises from a cryptographically insecure integrity check using MD5, enabling attackers to spoof...

CVSS 9 | AI score 7.2 | EPSS 0.14859
Exploits: 2 | References: 10

RedHat Linux
added 2024/10/24 5:57 p.m. | 5 views

freeradius: forgery attack

A vulnerability in the RADIUS (Remote Authentication Dial-In User Service) protocol allows attackers to forge authentication responses when the Message-Authenticator attribute is not enforced. This issue arises from a cryptographically insecure integrity check using MD5, enabling attackers to spoof...

CVSS 9 | AI score 7.2 | EPSS 0.14859
Exploits: 2 | References: 10

Microsoft KB
added 2024/09/10 7:0 a.m. | 97 views

July 9, 2024—KB5040438 (OS Build 25398.1009)

July 9, 2024—KB5040438 (OS Build 25398.1009). For information about Windows update terminology, see the article about the types of Windows updates and the monthly quality update types. For an overview of Windows Server, version 23H2, see its update history page. Improvements: This security update...

CVSS 9.8 | AI score 9.2 | EPSS 0.84345
Exploits: 7

Rockylinux
added 2024/08/01 1:28 a.m. | 27 views

freeradius:3.0 security update

An update is available for freeradius, module.freeradius. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list. FreeRADIUS is a high-performance and highly configurabl...

CVSS 9 | AI score 7.2 | EPSS 0.14859
Exploits: 2

BDU FSTEC
added 2023/09/08 12:0 a.m. | 6 views

The vulnerability of the RADIUS protocol implementation (Remote Authentication in Dial-In User Service) of the Cisco Identity Services Engine (ISE) allows a perpetrator to cause service interruptions.

The vulnerability of the RADIUS protocol (Remote Authentication in Dial-In User Service) implementation of the Cisco Identity Services Engine (ISE) is related to errors in processing requests. Exploiting this vulnerability allows a malicious actor to cause service denial by sending a specially crafte...

CVSS 8.6 | AI score 7.8 | EPSS 0.00758
Exploits: 0 | References: 2 | Affected Software: 1

BDU FSTEC
added 2022/04/07 12:0 a.m. | 7 views

The vulnerability of the RADIUS protocol implementation (Remote Authentication in Dial-In User Service) of the Cisco Identity Services Engine (ISE) allows a perpetrator to cause service interruptions.

The vulnerability of the RADIUS protocol implementation (Remote Authentication in Dial-In User Service) of the Cisco Identity Services Engine (ISE) is related to incorrect processing of RADIUS requests. Exploiting this vulnerability can allow a malicious actor to cause service failures...

CVSS 8.6 | AI score 7.4 | EPSS 0.01433
Exploits: 0 | References: 3 | Affected Software: 1

Rockylinux
added 2022/02/01 8:9 p.m. | 12 views

3.0 bug fix update

An update is available for freeradius. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list. FreeRADIUS is a high-performance and highly configurable free Remote...

AI score 1.9
Exploits: 0

CNVD
added 2019/09/26 12:0 a.m. | 4 views

Cisco IOS XE CTS PAC Configuration Denial of Service Vulnerability

Cisco IOS XE is a set of operating systems developed by Cisco for its network devices. A denial of service vulnerability exists in the Cisco TrustSec (CTS) Protected Access Credentials (PAC) configuration module of Cisco IOS XE. The vulnerability stems from improper validation of attributes in RADIUS...

CVSS 8.6 | AI score 6.7 | EPSS 0.01777
Exploits: 0 | References: 1

OSV
added 2019/06/12 2:29 p.m. | 6 views

CVE-2019-1029

A denial of service vulnerability exists in Skype for Business. An attacker who successfully exploited the vulnerability could cause Skype for Business to stop responding. Note that the denial of service would not allow an attacker to execute code or to elevate the attacker's user rights. To...

CVSS 5.9 | AI score 6.6 | EPSS 0.05281
Exploits: 0 | References: 2

Microsoft CVE
added 2019/06/11 7:0 a.m. | 22 views

Skype for Business and Lync Server Denial of Service Vulnerability

A denial of service vulnerability exists in Skype for Business. An attacker who successfully exploited the vulnerability could cause Skype for Business to stop responding. Note that the denial of service would not allow an attacker to execute code or to elevate the attacker's user rights. To...

CVSS 7.1 | AI score 1.8 | EPSS 0.05281
Exploits: 0

OSV
added 2018/09/21 5:29 p.m. | 4 views

DEBIAN-CVE-2018-17141

HylaFAX 6.0.6 and HylaFAX+ 5.6.0 allow remote attackers to execute arbitrary code via a dial-in session that provides a FAX page with the JPEG bit enabled, which is mishandled in FaxModem::writeECMData in the faxd/CopyQuality.c++ file...

CVSS 9.8 | AI score 9 | EPSS 0.05588
Exploits: 2 | References: 1

OSV
added 2018/09/21 5:29 p.m. | 5 views

ALPINE-CVE-2018-17141

HylaFAX 6.0.6 and HylaFAX+ 5.6.0 allow remote attackers to execute arbitrary code via a dial-in session that provides a FAX page with the JPEG bit enabled, which is mishandled in FaxModem::writeECMData in the faxd/CopyQuality.c++ file...

CVSS 9.8 | AI score 7.9 | EPSS 0.05588
Exploits: 2 | References: 1

Prion
added 2018/09/21 5:29 p.m. | 16 views

Code injection

HylaFAX 6.0.6 and HylaFAX+ 5.6.0 allow remote attackers to execute arbitrary code via a dial-in session that provides a FAX page with the JPEG bit enabled, which is mishandled in FaxModem::writeECMData in the faxd/CopyQuality.c++ file...

CVSS 7.5 | AI score 9.5 | EPSS 0.05588
Exploits: 2 | References: 6 | Affected Software: 3

UbuntuCve
added 2018/09/21 5:29 p.m. | 25 views

CVE-2018-17141

HylaFAX 6.0.6 and HylaFAX+ 5.6.0 allow remote attackers to execute arbitrary code via a dial-in session that provides a FAX page with the JPEG bit enabled, which is mishandled in FaxModem::writeECMData in the faxd/CopyQuality.c++ file...

CVSS 9.8 | AI score 7.3 | EPSS 0.05588
Exploits: 2 | References: 2

OSV
added 2018/09/21 5:29 p.m. | 3 views

UBUNTU-CVE-2018-17141

HylaFAX 6.0.6 and HylaFAX+ 5.6.0 allow remote attackers to execute arbitrary code via a dial-in session that provides a FAX page with the JPEG bit enabled, which is mishandled in FaxModem::writeECMData in the faxd/CopyQuality.c++ file...

CVSS 9.8 | AI score 7.7 | EPSS 0.05588
Exploits: 2 | References: 3

AlpineLinux
added 2018/09/21 5:0 p.m. | 39 views

CVE-2018-17141

HylaFAX 6.0.6 and HylaFAX+ 5.6.0 allow remote attackers to execute arbitrary code via a dial-in session that provides a FAX page with the JPEG bit enabled, which is mishandled in FaxModem::writeECMData in the faxd/CopyQuality.c++ file...

CVSS 9.8 | AI score 9.7 | EPSS 0.05588
Exploits: 2

CVE
added 2018/09/21 5:0 p.m. | 102 views

CVE-2018-17141

CVE-2018-17141 affects HylaFAX and HylaFAX+ where specially crafted JPEG input during fax page reception could trigger remote code execution due to missing input sanitising in the FaxModem data path. Public fixes exist: HylaFAX+ 5.6.1 (and later) mitigates the issue; Debian LTS advisory notes a f...

CVSS 9.8 | AI score 9.4 | EPSS 0.05588
Exploits: 2 | References: 6 | Affected Software: 1

Microsoft KB
added 2017/01/07 11:34 p.m. | 19 views

Description of the cumulative update package for Office Communications Server 2007 R2, Communicator Web Access: April 2010

Describes the issue that is fixed in the Office Communications Server 2007 R2, Communicator Web Access update package that is dated April 2010. Summary: This article describes the Microsoft Office Communications Server 2007 R2, Microsoft Office Communicator Web Access issues that are fixed in the...

Exploits: 0