3887 matches found
CVE-2018-0054
On QFX5000 Series and EX4600 switches, a high rate of Ethernet pause frames or an ARP packet storm received on the management interface fxp0 can cause egress interface congestion, resulting in routing protocol packet drops, such as BGP, leading to peering flaps. The following log message may also...
CVE-2018-0054
On QFX5000 Series and EX4600 switches, a high rate of Ethernet pause frames or an ARP packet storm received on the management interface fxp0 can cause egress interface congestion, resulting in routing protocol packet drops, such as BGP, leading to peering flaps. The following log message may also...
QFX5000/EX4600 Series: Routing protocol flap upon receipt of high rate of Ethernet frames
On QFX5000 Series and EX4600 switches, a high rate of Ethernet pause frames or an ARP packet storm received on the management interface fxp0 can cause egress interface congestion, resulting in routing protocol packet drops, such as BGP, leading to peering flaps. The following log message may also...
CVE-2018-0054
CVE-2018-0054 affects Juniper Networks Junos OS on QFX5000 Series and EX4600 switches. A high rate of Ethernet pause frames or ARP storms on the management interface (fxp0) can cause egress congestion, leading to routing-protocol drops (e.g., BGP) and peering flaps. Affected releases include many...
CVE-2018-0054 QFX5000/EX4600 Series: Routing protocol flap upon receipt of high rate of Ethernet frames
On QFX5000 Series and EX4600 switches, a high rate of Ethernet pause frames or an ARP packet storm received on the management interface fxp0 can cause egress interface congestion, resulting in routing protocol packet drops, such as BGP, leading to peering flaps. The following log message may also...
CVE-2018-0480 Cisco IOS XE Software Errdisable Denial of Service Vulnerability
A vulnerability in the errdisable per VLAN feature of Cisco IOS XE Software could allow an unauthenticated, adjacent attacker to cause the device to crash, leading to a denial of service DoS condition. The vulnerability is due to a race condition that occurs when the VLAN and port enter an...
The vulnerability of the Apache HTTP Server web server, related to insufficient validation of input data, allows attackers to cause service failures.
The vulnerability of the Apache HTTP Server is related to insufficient validation of input data. Exploiting this vulnerability allows a malicious actor to cause service interruptions by exhausting the number of simultaneous connections through continuous sending of Maximum Size SETTINGS type fram...
USN-3783-1 apache2 vulnerabilities
Robert Swiecki discovered that the Apache HTTP Server HTTP/2 module incorrectly destroyed certain streams. A remote attacker could possibly use this issue to cause the server to crash, leading to a denial of service. CVE-2018-1302 Craig Young discovered that the Apache HTTP Server HTTP/2 module...
CVE-2018-11763
In Apache HTTP Server 2.4.17 to 2.4.34, by sending continuous, large SETTINGS frames a client can occupy a connection, server thread and CPU time without any connection timeout coming to effect. This affects only HTTP/2 connections. A possible mitigation is to not enable the h2 protocol...
Apache -- Denial of service vulnerability in HTTP/2
The Apache httpd project reports: low: DoS for HTTP/2 connections by continuous SETTINGS By sending continous SETTINGS frames of maximum size an ongoing HTTP/2 connection could be kept busy and would never time out. This can be abused for a DoS on the server. This only affect a server that has...
Integer overflow
Multiple integer overflow and buffer overflow issues were discovered in spice-client's handling of LZ compressed frames. A malicious server could cause the client to crash or, potentially, execute arbitrary code...
CVE-2018-10893
Multiple integer overflow and buffer overflow issues were discovered in spice-client's handling of LZ compressed frames. A malicious server could cause the client to crash or, potentially, execute arbitrary code...
CVE-2018-10893
Multiple integer overflow and buffer overflow issues were discovered in spice-client's handling of LZ compressed frames. A malicious server could cause the client to crash or, potentially, execute arbitrary code...
CVE-2018-10893
Multiple integer overflow and buffer overflow issues were discovered in spice-client's handling of LZ compressed frames. A malicious server could cause the client to crash or, potentially, execute arbitrary code...
CVE-2018-10893
CVE-2018-10893 concerns spice-client’s handling of LZ compressed frames, with multiple integer/buffer overflow issues that could crash the client or allow arbitrary code execution. Public advisories reference fixes bundled in updated spice packages: Amazon Linux 2 ALAS-2023-2219 notes spice-proto...
GhostTunnel - A Covert Backdoor Transmission Method That Can Be Used In An Isolated Environment
GhostTunnel is a covert backdoor transmission method that can be used in an isolated environment. It can attack the target through the HID device only to release the payload agent, then the HID device can be removed after the payload is released. GhostTunnel use 802.11 Probe Request Frames and...
CVE-2018-7789
An Improper Check for Unusual or Exceptional Conditions vulnerability exists in Schneider Electric's Modicon M221 product all references, all versions prior to firmware V1.6.2.0. The vulnerability allows unauthorized users to remotely reboot Modicon M221 using crafted programing protocol frames...
Input validation
An Improper Check for Unusual or Exceptional Conditions vulnerability exists in Schneider Electric's Modicon M221 product all references, all versions prior to firmware V1.6.2.0. The vulnerability allows unauthorized users to remotely reboot Modicon M221 using crafted programing protocol frames...
CVE-2018-7789
An Improper Check for Unusual or Exceptional Conditions vulnerability exists in Schneider Electric's Modicon M221 product all references, all versions prior to firmware V1.6.2.0. The vulnerability allows unauthorized users to remotely reboot Modicon M221 using crafted programing protocol frames...
Google Chrome < 67.0.3396.62 Multiple Vulnerabilities
Binary data 700358.pasl...