3830 matches found
CVE-2017-5026
Google Chrome prior to 56.0.2924.76 for Linux, Windows and Mac, failed to prevent alerts from being displayed by swapped out frames, which allowed a remote attacker to show alerts on a page they don't control via a crafted HTML page...
chromium-browser: ui spoofing
Google Chrome prior to 56.0.2924.76 for Linux, Windows and Mac, failed to prevent alerts from being displayed by swapped out frames, which allowed a remote attacker to show alerts on a page they don't control via a crafted HTML page...
DEBIAN-CVE-2016-6160
tcprewrite in tcpreplay before 4.1.2 allows remote attackers to cause a denial of service (segmentation fault) via a large frame, a related issue to CVE-2017-14266...
CVE-2016-2783
Avaya Fabric Connect Virtual Services Platform (VSP) Operating System Software (VOSS) before 4.2.3.0 and 5.x before 5.0.1.0 does not properly handle VLAN and I-SIS indexes, which allows remote attackers to obtain unauthorized access via crafted Ethernet frames...
Design/Logic Flaw
Avaya Fabric Connect Virtual Services Platform (VSP) Operating System Software (VOSS) before 4.2.3.0 and 5.x before 5.0.1.0 does not properly handle VLAN and I-SIS indexes, which allows remote attackers to obtain unauthorized access via crafted Ethernet frames...
CVE-2016-2783
CVE-2016-2783 affects Avaya Fabric Connect VSP OS (VOSS) prior to 4.2.3.0 and prior to 5.0.1.0. The root cause is improper handling of VLAN and I-SIS indexes, which enables remote attackers to obtain unauthorized access by sending crafted Ethernet frames. Affected product family: Avaya VOSS/VSP O...
Denial Of Service (DoS)
netty is vulnerable to denial of service attacks. The vulnerability exists because it allows a malicious user to send an infinite number of header frames when the number of header frames exceeds the MAX_HEADER_LIST_SIZE...
DEBIAN-CVE-2016-8740
The mod_http2 module in the Apache HTTP Server 2.4.17 through 2.4.23, when the Protocols configuration includes h2 or h2c, does not restrict request-header length, which allows remote attackers to cause a denial of service (memory consumption) via crafted CONTINUATION frames in an HTTP/2 request...
CVE-2016-8740
The mod_http2 module in the Apache HTTP Server 2.4.17 through 2.4.23, when the Protocols configuration includes h2 or h2c, does not restrict request-header length, which allows remote attackers to cause a denial of service (memory consumption) via crafted CONTINUATION frames in an HTTP/2 request...
Mozilla Firefox ESR < 45.5 Multiple Vulnerabilities
Christmas Photo Frames - Dangerous filesystem permissions, WebView code execution vulnerabilities
HackApp vulnerability scanner discovered that application Christmas Photo Frames published at the 'play' market has multiple vulnerabilities...
OWOX, Inc.: ClickJacking
Hi there! I have found a clickjacking vulnerability in your website. You should set the frames to fix the issue...
Linux Network Analyzer: netsniff-ng
Linux Network Analyzer. A Swiss army knife for your daily Linux network plumbing. netsniff-ng is a free, performant Linux network analyzer and networking toolkit. If you will, the Swiss army knife for network packets. The gain of performance is reached by built-in zero-copy mechanisms, so that on...
kernel: Kernel memory leakage to ethernet frames due to buffer overflow in ethernet drivers
It was discovered that the atl2_probe function in the Atheros L2 Ethernet driver in the Linux kernel incorrectly enabled scatter/gather I/O. A remote attacker could use this flaw to obtain potentially sensitive information from the kernel memory...
How to Verify the Maximum Transmission Unit For a Given Network Path
When implementing jumbo frames for storage, it is important to verify what the actual Maximum Transmission Unit (MTU) is for the path between your host and storage unit. The steps included in this document will return a quantitative value unique to the given environment...
CAN bus analysis tool: Kayak
CAN bus analysis tool. Kayak is an application for CAN bus diagnosis and monitoring. Its main goals are a simple interface and platform independence. Kayak is implemented in pure Java and has no platform-specific dependencies. It includes a complete CAN bus abstraction model that can be included in...
Auditing CAN Devices: CANSPY
A Platform for Auditing CAN Devices. In the past few years, several tools have been released allowing hobbyists to connect to CAN buses found in cars. This is welcomed as the CAN protocol is becoming the backbone for embedded computers found in smartcars. Its use is now even spreading outside the...
Wireshark 2.2.x < 2.2.1 Multiple Vulnerabilities
The version of Wireshark installed on the remote Windows host is prior to 2.2.1. It is, therefore, affected by multiple vulnerabilities as referenced in the wireshark-2.2.1 advisory. - In Wireshark 2.2.0, the NCP dissector could crash, triggered by packet injection or a malformed capture file. Th...