3839 matches found

Tenable Nessus
added 2020/12/14 12:00 a.m. · 35 views

EulerOS 2.0 SP8 : libvncserver (EulerOS-SA-2020-2518)

According to the version of the libvncserver package installed, the EulerOS installation on the remote host is affected by the following vulnerability: It was discovered that websockets.c in LibVNCServer prior to 0.9.12 did not properly decode certain WebSocket frames. A malicious attacker cou...

9.8 CVSS · 8.2 AI score · 0.06869 EPSS
Exploits 0 · References 2

CNNVD
added 2020/12/08 12:00 a.m. · 3 views

Buffer Error Vulnerability in Multiple Qualcomm Products

A Qualcomm chip is a chip from Qualcomm Incorporated (USA). It is a way of miniaturizing circuitry, mainly semiconductor devices but also passive components, and is often fabricated on the surface of semiconductor wafers. A buffer error vulnerability exists in several Qualcomm products, which...

7.5 CVSS · 7.2 AI score · 0.0026 EPSS
Exploits 0 · References 4

Zero Day Initiative
added 2020/12/07 12:00 a.m. · 28 views

(0Day) Realtek RTL8811AU Wi-Fi Driver rtwlane Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of the Realtek RTL8811AU Wi-Fi driver. Authentication is not required to exploit this vulnerability. The specific flaw exists within the processing of 802.11 frames. The issue results from the...

8 CVSS · 1.5 AI score
Exploits 0

NVD
added 2020/12/02 1:15 a.m. · 13 views

CVE-2020-27813

An integer overflow vulnerability exists with the length of websocket frames received via a websocket connection. An attacker would use this flaw to cause a denial of service attack on an HTTP Server allowing websocket connections...

7.5 CVSS · 7.7 AI score · 0.00177 EPSS
Exploits 0 · References 4

UbuntuCve
added 2020/12/02 1:15 a.m. · 28 views

CVE-2020-27813

An integer overflow vulnerability exists with the length of websocket frames received via a websocket connection. An attacker would use this flaw to cause a denial of service attack on an HTTP Server allowing websocket connections...

7.5 CVSS · 6.8 AI score · 0.00177 EPSS
Exploits 0 · References 3

Positive Technologies
added 2020/12/02 12:00 a.m. · 2 views

PT-2020-16801 · Unknown +1 · Http Server +1

Name of the Vulnerable Software and Affected Versions: HTTP Server affected versions not specified Description: The issue is related to an integer overflow vulnerability in the length of websocket frames received via a websocket connection. This flaw can be exploited by an attacker to cause a...

7.5 CVSS · 5.9 AI score · 0.00177 EPSS
Exploits 0 · References 28

Cvelist
added 2020/12/02 12:00 a.m. · 27 views

CVE-2020-27813

An integer overflow vulnerability exists with the length of websocket frames received via a websocket connection. An attacker would use this flaw to cause a denial of service attack on an HTTP Server allowing websocket connections...

7.3 AI score · 0.00177 EPSS
Exploits 0 · References 4

Debian CVE
added 2020/12/02 12:00 a.m. · 30 views

CVE-2020-27813

An integer overflow vulnerability exists with the length of websocket frames received via a websocket connection. An attacker would use this flaw to cause a denial of service attack on an HTTP Server allowing websocket connections...

7.5 CVSS · 6.1 AI score · 0.00177 EPSS
Exploits 0

Tenable Nessus
added 2020/12/01 12:00 a.m. · 26 views

Juniper Junos OS EX4300-MP/EX4600/QFX5K Series DoS (JSA11086)

The version of Junos OS installed on the remote host is affected by a vulnerability as referenced in the JSA11086 advisory. Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number. TRUSTED...

6.5 CVSS · 6.6 AI score · 0.00081 EPSS
Exploits 0 · References 2

CNNVD
added 2020/12/01 12:00 a.m. · 3 views

Kia Motors Head Unit Access Control Error Vulnerability

Kia Motors Head Unit is the main unit of a car from the Korean company Kia. The unit is used in the vehicle-machine interaction process. The Kia Motors Head Unit suffers from an Access Control Error vulnerability that can be exploited by an attacker to inject unauthorized commands to trigger...

7.8 CVSS · 7.1 AI score · 0.05758 EPSS
Exploits 2 · References 3

Fortinet
added 2020/12/01 12:00 a.m. · 269 views

Kr00k vulnerability (CVE-2019-15126) in Broadcom and Cypress Wi-Fi chips

During the RSA conference of February 26th 2020, researchers Štefan Svorencík and Robert Lipovsky disclosed a vulnerability in the implementation of the wireless egress packet processing of certain Broadcom Wi-Fi chipsets. This vulnerability is referenced as CVE-2019-15126 and could allow an...

2.9 CVSS · 5 AI score · 0.08412 EPSS
Exploits 7 · Affected Software 2

RedhatCVE
added 2020/11/27 4:16 p.m. · 23 views

CVE-2020-27813

An integer overflow vulnerability exists with the length of websocket frames received via a websocket connection. An attacker could use this flaw to cause a denial of service attack on an HTTP Server allowing websocket connections...

7.5 CVSS · 7.3 AI score · 0.00177 EPSS
Exploits 0 · References 4

BDU FSTEC
added 2020/11/10 12:00 a.m. · 1 views

The vulnerability of Cisco Firepower Threat Defense’s microprogramming software arises from insufficient checks during Ethernet frame processing, allowing attackers to trigger service interruptions.

The vulnerability of Cisco Firepower Threat Defense’s microprogramming software exists due to insufficient checks during the processing of Ethernet frames. Exploiting this vulnerability can allow a malicious actor to cause service interruptions by sending malicious Ethernet frames through the...

7.4 CVSS · 7.2 AI score · 0.00101 EPSS
Exploits 0 · References 3 · Affected Software 1

Veracode
added 2020/11/05 3:17 a.m. · 28 views

Denial Of Service (DoS)

qt5-qtwebsockets is vulnerable to denial of service. An insecure websocket implementation allows only limited size for frames and messages and allows an attacker to cause a denial of service...

7.5 CVSS · 3.6 AI score · 0.00465 EPSS
Exploits 1 · References 5 · Affected Software 3

RedHat Linux
added 2020/11/04 1:33 a.m. · 2 views

qt5-qtwebsockets: websocket implementation allows only limited size for frames and messages therefore attacker can cause DOS

In Qt through 5.14.1, the WebSocket implementation accepts up to 2GB for frames and 2GB for messages. Smaller limits cannot be configured. This makes it easier for attackers to cause a denial of service memory consumption...

8.6 CVSS · 5.7 AI score · 0.00465 EPSS
Exploits 1 · References 4

CNVD
added 2020/10/23 12:00 a.m. · 4 views

Cisco Firepower Threat Defense (FTD) Input Validation Error Vulnerability

Cisco Firepower Threat Defense (FTD) is a suite of unified software from the U.S. company Cisco that provides next-generation firewall services. A security vulnerability exists in Cisco Firepower Threat Defense (FTD) that results from insufficient authentication when processing Ethernet frames...

7.4 CVSS · 6.8 AI score · 0.00101 EPSS
Exploits 0 · References 1

OSV
added 2020/10/22 2:15 p.m. · 0 views

UBUNTU-CVE-2020-27560

ImageMagick 7.0.10-34 allows Division by Zero in OptimizeLayerFrames in MagickCore/layer.c, which may cause a denial of service...

3.3 CVSS · 6.7 AI score · 0.0059 EPSS
Exploits 0 · References 4

OSV
added 2020/10/21 7:15 p.m. · 0 views

CVE-2020-3577

A vulnerability in the ingress packet processing path of Cisco Firepower Threat Defense FTD Software for interfaces that are configured either as Inline Pair or in Passive mode could allow an unauthenticated, adjacent attacker to cause a denial of service DoS condition. The vulnerability is due t...

7.4 CVSS · 7.1 AI score
Exploits 0 · References 1

Prion
added 2020/10/21 7:15 p.m. · 13 views

Input validation

A vulnerability in the ingress packet processing path of Cisco Firepower Threat Defense FTD Software for interfaces that are configured either as Inline Pair or in Passive mode could allow an unauthenticated, adjacent attacker to cause a denial of service DoS condition. The vulnerability is due t...

6.1 CVSS · 7.3 AI score · 0.00101 EPSS
Exploits 0 · References 1 · Affected Software 1

CVE
added 2020/10/21 6:40 p.m. · 50 views

CVE-2020-3577

Cisco Firepower Threat Defense (FTD) software, specifically interfaces configured as Inline Pair or in Passive mode, is affected by a DoS in the ingress packet processing path due to insufficient validation of Ethernet frames. An unauthenticated adjacent attacker can trigger either a device login...

7.4 CVSS · 7.4 AI score · 0.00101 EPSS
Exploits 0 · References 1 · Affected Software 1