Lucene search
K

242 matches found

CVE
CVE
added 2017/10/11 7:0 p.m.44 views

CVE-2017-14003

The CVE-2017-14003 issue affects LAVA Computer MFG Ether-Serial Link (ESL) devices running firmware 6.01.00/29.03.2007 and earlier. An improper authentication vulnerability allows an attacker with the same IP address to bypass authentication by accessing a specific resource locator, effectively e...

9.8CVSS9.4AI score0.02602EPSS
Exploits0References2Affected Software1
CNVD
CNVD
added 2017/10/11 12:0 a.m.1 views

LAVA Computer MFG Ether-Serial Link Authentication Bypass Vulnerability

Ether-Serial Link is an Ethernet serial link device from LAVA Computer MFG. An authentication bypass vulnerability exists in LAVA Computer MFG Ether-Serial Link versions 6.01.00/29.03.2007 and earlier, which can be exploited by an attacker with the same IP address to bypass authentication by...

9.8CVSS9.5AI score0.02602EPSS
Exploits0References1
seebug.org
seebug.org
added 2017/10/10 12:0 a.m.39 views

Apple: Information Leak when handling WLC_E_COUNTRY_CODE_CHANGED event packets(CVE-2017-7116)

Broadcom produces Wi-Fi HardMAC SoCs which are used to handle the PHY and MAC layer processing. These chips are present in both mobile devices and Wi-Fi routers, and are capable of handling many Wi-Fi related events without delegating to the host OS. On iOS, the "AppleBCMWLANBusInterfacePCIe"...

5CVSS8.7AI score0.01824EPSS
Exploits2
The Hacker News
The Hacker News
added 2017/07/04 11:1 p.m.11 views

Largest Cryptocurrency Exchange Hacked! Over $1 Million Worth Bitcoin and Ether Stolen

One of the world's largest Bitcoin and Ether cryptocurrencies exchanges Bithumb has recently been hacked, resulting in loss of more than $1 Million in cryptocurrencies after a number of its user accounts compromised. Bithumb is South Korea's largest cryptocurrency exchange with 20% of global ethe...

7.1AI score
Exploits0
ThreatPost
ThreatPost
added 2017/07/03 2:10 p.m.15 views

Classic Ether Wallet Compromised via Social Engineering

Classic Ether Wallet, an open source wallet for the public, blockchain-based cryptocurrency platform Ethereum Classic ETC was compromised late last week. Developers of the decentralized platform said an attacker managed to hijack the domain for the wallet via social engineering late Thursday...

0.3AI score
Exploits0References16
Schneier on Security
Schneier on Security
added 2017/06/27 6:38 p.m.18 views

Article on the DAO Ethereum Hack

This is good...

7.1AI score
Exploits0
OSV
OSV
added 2017/05/16 5:29 p.m.3 views

CVE-2017-6658

Cisco Sourcefire Snort 3.0 before build 233 has a Buffer Overread related to use of a decoder array. The size was off by one making it possible to read past the end of the array with an ether type of 0xFFFF. Increasing the array size solves this problem...

7.5CVSS5.8AI score0.0106EPSS
Exploits0References3
Prion
Prion
added 2017/05/16 5:29 p.m.14 views

Input validation

Cisco Sourcefire Snort 3.0 before build 233 mishandles Ether Type Validation. Since valid ether type and IP protocol numbers do not overlap, Snort++ stores all protocol decoders in a single array. That makes it possible to craft packets that have IP protocol numbers in the ether type field which...

5CVSS7.4AI score0.0106EPSS
Exploits0References3
NVD
NVD
added 2017/05/16 5:29 p.m.20 views

CVE-2017-6657

Cisco Sourcefire Snort 3.0 before build 233 mishandles Ether Type Validation. Since valid ether type and IP protocol numbers do not overlap, Snort++ stores all protocol decoders in a single array. That makes it possible to craft packets that have IP protocol numbers in the ether type field which...

7.5CVSS7.4AI score0.0106EPSS
Exploits0References3
Prion
Prion
added 2017/05/16 5:29 p.m.16 views

Buffer overflow

Cisco Sourcefire Snort 3.0 before build 233 has a Buffer Overread related to use of a decoder array. The size was off by one making it possible to read past the end of the array with an ether type of 0xFFFF. Increasing the array size solves this problem...

5CVSS7.3AI score0.0106EPSS
Exploits0References3Affected Software1
CVE
CVE
added 2017/05/16 5:0 p.m.50 views

CVE-2017-6657

Cisco Sourcefire Snort 3.0 before build 233 mishandles Ether Type Validation, allowing crafted packets with IP protocol numbers in the ether type field to confuse the Snort++ decoder. Affected decoders include gre, llc, trans_bridge, ciscometadata, linux_sll, and token_ring; the fix adds a check ...

7.5CVSS7.4AI score0.0106EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2017/05/16 5:0 p.m.26 views

CVE-2017-6657

Cisco Sourcefire Snort 3.0 before build 233 mishandles Ether Type Validation. Since valid ether type and IP protocol numbers do not overlap, Snort++ stores all protocol decoders in a single array. That makes it possible to craft packets that have IP protocol numbers in the ether type field which...

7.4AI score0.0106EPSS
Exploits0References2
Prion
Prion
added 2017/04/30 7:59 p.m.14 views

Buffer overflow

Buffer overflow in Ether Software Easy MOV Converter 1.4.24, Easy DVD Creator, Easy MPEG/AVI/DIVX/WMV/RM to DVD, Easy Avi/Divx/Xvid to DVD Burner, Easy MPEG to DVD Burner, Easy WMV/ASF/ASX to DVD Burner, Easy RM RMVB to DVD Burner, Easy CD DVD Copy, MP3/AVI/MPEG/WMV/RM to Audio CD Burner,...

4.6CVSS8AI score0.00504EPSS
Exploits1References2Affected Software1
CVE
CVE
added 2017/04/30 7:0 p.m.54 views

CVE-2017-8367

The CVE-2017-8367 entry covers a local buffer overflow in Ether Software Easy MOV Converter and related burn/converter tools (e.g., Easy MOV Converter 1.4.24, Easy DVD Creator, Easy MPEG/AVI/DIVX/WMV/RM to DVD, etc.). The root cause is a buffer overflow triggered by a long username, enabling a lo...

7.8CVSS8.1AI score0.00504EPSS
Exploits1References2Affected Software18
Cvelist
Cvelist
added 2017/04/30 7:0 p.m.19 views

CVE-2017-8367

Buffer overflow in Ether Software Easy MOV Converter 1.4.24, Easy DVD Creator, Easy MPEG/AVI/DIVX/WMV/RM to DVD, Easy Avi/Divx/Xvid to DVD Burner, Easy MPEG to DVD Burner, Easy WMV/ASF/ASX to DVD Burner, Easy RM RMVB to DVD Burner, Easy CD DVD Copy, MP3/AVI/MPEG/WMV/RM to Audio CD Burner,...

8.2AI score0.00504EPSS
Exploits1References2
CNVD
CNVD
added 2017/02/06 12:0 a.m.1 views

Tcpdump Multiple Parser Buffer Overflow Vulnerability

Tcpdump is a popular network analysis program. A buffer overflow vulnerability in Tcpdump's multiple parsers print-ether.c:etherprint allows remote attackers to exploit the vulnerability by submitting a special request to crash the application...

9.8CVSS7.4AI score0.05504EPSS
Exploits0References1
OSV
OSV
added 2017/01/28 1:59 a.m.1 views

DEBIAN-CVE-2017-5342

In tcpdump before 4.9.0, a bug in multiple protocol parsers Geneve, GRE, NSH, OTV, VXLAN and VXLAN GPE could cause a buffer overflow in print-ether.c:etherprint...

9.8CVSS7.6AI score0.05504EPSS
Exploits0References1
OSV
OSV
added 2017/01/28 1:59 a.m.4 views

ALPINE-CVE-2017-5342

In tcpdump before 4.9.0, a bug in multiple protocol parsers Geneve, GRE, NSH, OTV, VXLAN and VXLAN GPE could cause a buffer overflow in print-ether.c:etherprint...

9.8CVSS7.6AI score0.05504EPSS
Exploits0References1
Debian CVE
Debian CVE
added 2017/01/28 1:33 a.m.18 views

CVE-2017-5342

In tcpdump before 4.9.0, a bug in multiple protocol parsers Geneve, GRE, NSH, OTV, VXLAN and VXLAN GPE could cause a buffer overflow in print-ether.c:etherprint...

9.8CVSS9.8AI score0.05504EPSS
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.21 views

Wireshark 1.4.1-1.4.4 - SEH Overflow Exploit

No description provided by source. !/usr/bin/env python Vulnerable app: Wireshark 1.4.1-1.4.4 Author: sickness Download : OS: Tested it on Windows XP SP2 and SP3 but it should work on every Windows with DEP off still working on a ROP exploit DATE : 17.04.2011 Fixed in latest version 1.4.5 DO NOT...

7.1AI score
Exploits0
Rows per page
Query Builder