3831 matches found
UBUNTU-CVE-2017-13081
Wi-Fi Protected Access WPA and WPA2 that supports IEEE 802.11w allows reinstallation of the Integrity Group Temporal Key IGTK during the group key handshake, allowing an attacker within radio range to spoof frames from access points to clients...
UBUNTU-CVE-2017-13087
Wi-Fi Protected Access WPA and WPA2 that support 802.11v allows reinstallation of the Group Temporal Key GTK when processing a Wireless Network Management WNM Sleep Mode Response frame, allowing an attacker within radio range to replay frames from access points to clients...
CVE-2017-11053
In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, when qos map set IE of length less than 16 is received in association response or in qos map configure action frame, a buffer overflow can potentially occur in ConvertQosMapsetFrame...
Nzyme - Collects 802.11 Management Frames And Sends Them To A Graylog Setup For Wifi Ids, Monitoring, And Incident Response
Nzyme collects 802.11 management frames directly from the air and sends them to a Graylog Open Source log management setup for WiFi IDS, monitoring, and incident response. It only needs a JVM and a WiFi adapter that supports monitor mode. Think about this like a long-term months or years...
kernel: Possible heap buffer overflow in brcmf_cfg80211_mgmt_tx()
Kernel memory corruption due to a buffer overflow was found in brcmfcfg80211mgmttx function in Linux kernels from v3.9-rc1 to v4.13-rc1. The vulnerability can be triggered by sending a crafted NL80211CMDFRAME packet via netlink. This flaw is unlikely to be triggered remotely as certain userspace...
Cross site scripting
A vulnerability in the web-based UI of Cisco Unified Communications Manager could allow an unauthenticated, remote attacker to execute a cross-frame scripting XFS attack. The vulnerability exists because the affected software does not provide sufficient protections for HTML inline frames iframes...
CVE-2017-12258
CVE-2017-12258 affects Cisco Unified Communications Manager (CUCM) Web UI. The flaw stems from insufficient protections for HTML inline frames (iframes), enabling an unauthenticated, remote attacker to direct a user to a page containing a malicious iframe to perform a click-jacking/XSF-style brow...
CVE-2017-9628
An Information Exposure issue was discovered in Saia Burgess Controls PCD Controllers with PCD firmware versions prior to 1.28.16 or 1.24.69. In certain circumstances, the device pads Ethernet frames with memory contents...
CVE-2017-9628
An Information Exposure issue was discovered in Saia Burgess Controls PCD Controllers with PCD firmware versions prior to 1.28.16 or 1.24.69. In certain circumstances, the device pads Ethernet frames with memory contents...
Information disclosure
An Information Exposure issue was discovered in Saia Burgess Controls PCD Controllers with PCD firmware versions prior to 1.28.16 or 1.24.69. In certain circumstances, the device pads Ethernet frames with memory contents...
Cisco IOS Software Integrated Services Routers Generation 2 denial of service (cisco-sa-20170927-rbip-dos)
According to its self-reported version and configuration, the Cisco IOS software running on the remote device is affected by a denial of service vulnerability in it's handling of ethernet frames. An unauthenticated, remote attacker can exploit this, via a specially crafted ethernet frame, to caus...
Cisco Unified Communications Manager Cross-Frame Scripting Vulnerability
A vulnerability in the web-based UI of Cisco Unified Communications Manager could allow an unauthenticated, remote attacker to execute a cross-frame scripting XFS attack. The vulnerability exists because the affected software does not provide sufficient protections for HTML inline frames iframes...
CVE-2017-9628
The CVE-2017-9628 issue affects Saia Burgess Controls PCD Controllers running PCD firmware older than 1.28.16 or 1.24.69. In certain circumstances, the device pads Ethernet frames with memory contents, leading to information exposure. The exposed component is the PCD Controller firmware, with the...
CVE-2017-9628
An Information Exposure issue was discovered in Saia Burgess Controls PCD Controllers with PCD firmware versions prior to 1.28.16 or 1.24.69. In certain circumstances, the device pads Ethernet frames with memory contents...
Wireless Monitoring, Intrusion Detection & Forensics: Nzyme
Nzyme collects 802.11 management frames directly from the air and sends them to a Graylog Open Source log management setup for WiFi IDS, monitoring, and incident response. It only needs a JVM and a WiFi adapter that supports monitor mode. Think about this like a long-term months or years...
CVE-2017-14994
ReadDCMImage in coders/dcm.c in GraphicsMagick 1.3.26 allows remote attackers to cause a denial of service NULL pointer dereference via a crafted DICOM image, related to the ability of DCMReadNonNativeImages to yield an image list with zero frames...
CVE-2017-14994
ReadDCMImage in coders/dcm.c in GraphicsMagick 1.3.26 allows remote attackers to cause a denial of service NULL pointer dereference via a crafted DICOM image, related to the ability of DCMReadNonNativeImages to yield an image list with zero frames...
CVE-2017-12232
A vulnerability in the implementation of a protocol in Cisco Integrated Services Routers Generation 2 ISR G2 Routers running Cisco IOS 15.0 through 15.6 could allow an unauthenticated, adjacent attacker to cause an affected device to reload, resulting in a denial of service DoS condition. The...
CVE-2017-12232
A vulnerability in the implementation of a protocol in Cisco Integrated Services Routers Generation 2 ISR G2 Routers running Cisco IOS 15.0 through 15.6 could allow an unauthenticated, adjacent attacker to cause an affected device to reload, resulting in a denial of service DoS condition. The...
Broadcom: Heap overflow when handling 802.11v WNM Sleep Mode Response(CVE-2017-7065)
Broadcom produces Wi-Fi HardMAC SoCs which are used to handle the PHY and MAC layer processing. These chips are present in both mobile devices and Wi-Fi routers, and are capable of handling many Wi-Fi related events without delegating to the host OS. In order to allow clients to configure...