Cisco NX-OS Software MPLS OAM Denial of Service (CVE-2021-1588)

A vulnerability in the MPLS Operation, Administration, and Maintenance OAM feature of Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause a denial of service DoS condition on an affected device. This vulnerability is due to improper input validation when an affected devi...

CVE-2021-42080

An attacker is able to launch a Reflected XSS attack using a crafted URL. POC: Visit the following URL https://:8153/qstorapi/echo?inputMessage=...

Iranian Hackers' Sophisticated Malware Targets Windows and macOS Users

The Iranian nation-state actor known as TA453 has been linked to a new set of spear-phishing attacks that infect both Windows and macOS operating systems with malware. "TA453 eventually used a variety of cloud hosting providers to deliver a novel infection chain that deploys the newly identified...

CVE-2021-45039

Multiple models of the Uniview IP Camera e.g., IPCG6103 B6103.16.10.B25.201218, IPCG61, IPC21, IPC23, IPC32, IPC36, IPC62, and IPCHCMN offer an undocumented UDP service on port 7788 that allows a remote unauthenticated attacker to overflow an internal buffer and achieve code execution. By using...

CVE-2023-33248

Amazon Alexa software version 8960323972 on Echo Dot 2nd generation and 3rd generation devices potentially allows attackers to deliver security-relevant commands via an audio signal between 16 and 22 kHz often outside the range of human adult hearing. Commands at these frequencies are essentially...

CVE-2023-33248

Amazon Alexa software version 8960323972 on Echo Dot 2nd generation and 3rd generation devices potentially allows attackers to deliver security-relevant commands via an audio signal between 16 and 22 kHz often outside the range of human adult hearing. Commands at these frequencies are essentially...

CVE-2023-33248

Amazon Alexa software version 8960323972 on Echo Dot 2nd generation and 3rd generation devices potentially allows attackers to deliver security-relevant commands via an audio signal between 16 and 22 kHz often outside the range of human adult hearing. Commands at these frequencies are essentially...

Design/Logic Flaw

Amazon Alexa software version 8960323972 on Echo Dot 2nd generation and 3rd generation devices potentially allows attackers to deliver security-relevant commands via an audio signal between 16 and 22 kHz often outside the range of human adult hearing. Commands at these frequencies are essentially...

CVE-2023-33248

Amazon Alexa software version 8960323972 on Echo Dot 2nd generation and 3rd generation devices potentially allows attackers to deliver security-relevant commands via an audio signal between 16 and 22 kHz often outside the range of human adult hearing. Commands at these frequencies are essentially...

CVE-2023-33248

CVE-2023-33248 affects Amazon Alexa on Echo Dot 2nd/3rd gen with firmware version 8960323972. The flaw allows attackers to deliver security-relevant commands via ultrasonic audio signals in the 16–22 kHz range, which are often outside adult hearing. Impacted component is the Alexa software’s comm...

CVE-2023-33248

Amazon Alexa software version 8960323972 on Echo Dot 2nd generation and 3rd generation devices potentially allows attackers to deliver security-relevant commands via an audio signal between 16 and 22 kHz often outside the range of human adult hearing. Commands at these frequencies are essentially...

echo-chain.ch Cross Site Scripting vulnerability OBB-3340457

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

kernel: can: m_can: m_can_{read_fifo,echo_tx_event}(): shift timestamp to full 32 bits

In the Linux kernel, the following vulnerability has been resolved: can: mcan: mcanreadfifo,echotxevent: shift timestamp to full 32 bits In commit 1be37d3b0414 "can: mcan: fix periph RX path: use rx-offload to ensure skbs are sent from softirq context" the RX path for peripheral devices was...

echo-energie.de Cross Site Scripting vulnerability OBB-3227645

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

SUSE CVE-1999-0103

Echo and chargen, or other combinations of UDP services, can be used in tandem to flood the server, a.k.a. UDP bomb or UDP packet storm...

SUSE CVE-2006-2272

Linux SCTP lksctp before 2.6.17 allows remote attackers to cause a denial of service kernel panic via incoming IP fragmented 1 COOKIEECHO and 2 HEARTBEAT SCTP control chunks...

SUSE CVE-2010-2529

Unspecified vulnerability in ping.c in iputils 20020927, 20070202, 20071127, and 20100214 on Mandriva Linux allows remote attackers to cause a denial of service hang via a crafted echo response...

SUSE CVE-2010-4563

The Linux kernel, when using IPv6, allows remote attackers to determine whether a host is sniffing the network by sending an ICMPv6 Echo Request to a multicast address and determining whether an Echo Reply is sent, as demonstrated by thcping...

SUSE CVE-2012-2394

Wireshark 1.4.x before 1.4.13 and 1.6.x before 1.6.8 on the SPARC and Itanium platforms does not properly perform data alignment for a certain structure member, which allows remote attackers to cause a denial of service application crash via a 1 ICMP or 2 ICMPv6 Echo Request packet...

SUSE CVE-2013-2206

The sctpsfdo524dupcook function in net/sctp/smstatefuns.c in the SCTP implementation in the Linux kernel before 3.8.5 does not properly handle associations during the processing of a duplicate COOKIE ECHO chunk, which allows remote attackers to cause a denial of service NULL pointer dereference a...