Lucene search

9185 matches found

CVE
added 2020/03/02 5:52 p.m. · 55 views

CVE-2019-18863

The CVE-2019-18863 entry concerns a key-length vulnerability in the SRTP 128-bit key implementation on Mitel 6800/6900 SIP phones (versions 5.1.0.2051 SP2 and earlier). The root cause is in the SRTP key handling, enabling a man-in-the-middle attack when SRTP is used in a call, with potential inte...

5.9 CVSS · 5.5 AI score · 0.00513 EPSS
Exploits 0 · References 2 · Affected Software 1

CVE
added 2020/02/28 7:17 p.m. · 197 views

CVE-2018-21035

CVE-2018-21035 affects Qt’s WebSocket implementation in Qt up to 5.14.1, where frames and messages are limited to 2 GB and this limit cannot be configured, enabling potential memory-based DoS. The vulnerability is documented across multiple advisories (e.g., MiracleLinux, Rocky Linux, AlmaLinux, ...

8.6 CVSS · 7.1 AI score · 0.02281 EPSS
Exploits 1 · References 2 · Affected Software 1

Positive Technologies
added 2020/02/28 12:0 a.m. · 1 views

PT-2021-6496 · Libde265 +4

Name of the Vulnerable Software and Affected Versions: libde265 version 1.0.4. Description: The issue is related to a heap buffer overflow in the ff_hevc_put_unweighted_pred_8_sse function. This can be exploited via a crafted file, potentially allowing a remote attacker to access confidential data...

10 CVSS · 6.9 AI score · 0.0202 EPSS
Exploits 46 · References 189

Fedora
added 2020/02/27 5:32 p.m. · 16 views

[SECURITY] Fedora 31 Update: golang-github-gorilla-websocket-1.4.1-1.fc31

Gorilla WebSocket is a Go implementation of the WebSocket protocol...

2.2 AI score
Exploits 0

Fedora
added 2020/02/27 4:45 p.m. · 9 views

[SECURITY] Fedora 30 Update: golang-github-gorilla-websocket-1.4.1-1.fc30

A WebSocket implementation for Go...

2.2 AI score
Exploits 0

Cvelist
added 2020/02/26 4:45 p.m. · 18 views

CVE-2020-3165 Cisco NX-OS Software Border Gateway Protocol MD5 Authentication Bypass Vulnerability

A vulnerability in the implementation of Border Gateway Protocol (BGP) Message Digest 5 (MD5) authentication in Cisco NX-OS Software could allow an unauthenticated, remote attacker to bypass MD5 authentication and establish a BGP connection with the device. The vulnerability occurs because the BGP MD...

8.2 CVSS · 8.3 AI score · 0.01278 EPSS
Exploits 0 · References 1

Hacker One
added 2020/02/25 2:29 p.m. · 22 views

Lark Technologies: Access to private file's of helpdesk.

An improperly implemented access controls vulnerability was found at a Larksuite endpoint that could have resulted in a team founder who was also an admin of a separate helpdesk, to view an arbitrary image from a ticket they did not have permission to view. We thank @imrannisar for reporting this ...

1.9 AI score
Exploits 0

Kitploit
added 2020/02/24 11:8 p.m. · 121 views

Faraday presents the latest version of their Security Platform for Vulnerability Management Automation

Miami, February 19, 2020 - Faraday is opening 2020 by strengthening their releases using the featured cybersecurity worldwide events calendar, starting next week with BSides and RSAC in San Francisco. As a Blackhat Global Partner, the company will also participate as a sponsor in all BH’s global...

7.2 AI score
Exploits 0

Zero Day Initiative
added 2020/02/24 12:0 a.m. · 26 views

D-Link Multiple Routers HNAP PrivateLogin Incorrect Implementation of Authentication Algorithm Authentication Bypass Vulnerability

This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of D-Link DIR-867, DIR-878, and DIR-882 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of HNAP login requests. The issue...

8.8 CVSS · 1.8 AI score · 0.76733 EPSS
Exploits 0 · References 1

NVD
added 2020/02/20 3:15 p.m. · 26 views

CVE-2012-5363

The IPv6 implementation in FreeBSD and NetBSD (unknown versions, year 2012 and earlier) allows remote attackers to cause a denial of service via a flood of ICMPv6 Neighbor Solicitation messages, a different vulnerability than CVE-2011-2393...

7.8 CVSS · 7.2 AI score · 0.02499 EPSS
Exploits 0 · References 2

Prion
added 2020/02/20 3:15 p.m. · 32 views

Design/Logic Flaw

The IPv6 implementation in FreeBSD and NetBSD (unknown versions, year 2012 and earlier) allows remote attackers to cause a denial of service via a flood of ICMPv6 Neighbor Solicitation messages, a different vulnerability than CVE-2011-2393...

7.8 CVSS · 6.8 AI score · 0.02499 EPSS
Exploits 0 · References 2 · Affected Software 2

CVE
added 2020/02/20 2:24 p.m. · 57 views

CVE-2012-5363

CVE-2012-5363 affects the IPv6 ND/Neighbor Solicitation handling in FreeBSD and NetBSD (unknown versions, year 2012 and earlier). The issue allows remote attackers to cause a denial of service by flooding the stack with ICMPv6 Neighbor Solicitation messages, as described in the CVE entry. Connect...

7.8 CVSS · 7.2 AI score · 0.02499 EPSS
Exploits 0 · References 2 · Affected Software 2

Cvelist
added 2020/02/20 2:20 p.m. · 23 views

CVE-2012-5365

The IPv6 implementation in FreeBSD and NetBSD (unknown versions, year 2012 and earlier) allows remote attackers to cause a denial of service via a flood of ICMPv6 Router Advertisement packets containing multiple Routing entries...

7.3 AI score · 0.02499 EPSS
Exploits 0 · References 2

Cvelist
added 2020/02/20 2:16 p.m. · 32 views

CVE-2012-5364

The IPv6 implementation in Microsoft Windows 7 and earlier allows remote attackers to cause a denial of service via a flood of ICMPv6 Router Advertisement packets containing multiple Routing entries...

7.3 AI score · 0.14192 EPSS
Exploits 0 · References 2

Prion
added 2020/02/20 4:15 a.m. · 12 views

Design/Logic Flaw

The Neighbor Discovery (ND) protocol implementation in the IPv6 stack in FreeBSD through 10.1 allows remote attackers to reconfigure a hop-limit setting via a small hoplimit value in a Router Advertisement (RA) message...

3.3 CVSS · 6.9 AI score · 0.01378 EPSS
Exploits 0 · References 4 · Affected Software 1

NVD
added 2020/02/19 9:15 p.m. · 20 views

CVE-2020-3945

vRealize Operations for Horizon Adapter 6.7.x prior to 6.7.1 and 6.6.x prior to 6.6.1 contains an information disclosure vulnerability due to incorrect pairing implementation between the vRealize Operations for Horizon Adapter and Horizon View. An unauthenticated remote attacker who has network...

7.5 CVSS · 7.4 AI score · 0.01386 EPSS
Exploits 0 · References 1

CVE
added 2020/02/19 8:3 p.m. · 90 views

CVE-2020-3945

CVE-2020-3945 is an information-disclosure vulnerability in VMware’s vRealize Operations for Horizon Adapter. Affected releases are 6.7.x prior to 6.7.1 and 6.6.x prior to 6.6.1. The root cause is an incorrect pairing/implementation between the Horizon Adapter and Horizon View, enabling an unau...

7.5 CVSS · 7.7 AI score · 0.01386 EPSS
Exploits 0 · References 1 · Affected Software 1

Cvelist
added 2020/02/19 8:3 p.m. · 23 views

CVE-2020-3945

vRealize Operations for Horizon Adapter 6.7.x prior to 6.7.1 and 6.6.x prior to 6.6.1 contains an information disclosure vulnerability due to incorrect pairing implementation between the vRealize Operations for Horizon Adapter and Horizon View. An unauthenticated remote attacker who has network...

7.4 AI score · 0.01386 EPSS
Exploits 0 · References 1

Tenable Nessus
added 2020/02/19 12:0 a.m. · 448 views

Ubuntu 18.04 LTS : Linux kernel vulnerabilities (USN-4285-1)

The remote Ubuntu 18.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-4285-1 advisory. It was discovered that the Linux kernel did not properly clear data structures on context switches for certain Intel graphics processors. A local attacke...

7.8 CVSS · 7.1 AI score · 0.10114 EPSS
Exploits 3 · References 13

Ubuntu
added 2020/02/18 8:34 p.m. · 127 views

USN-4286-1: Linux kernel vulnerabilities

It was discovered that the Linux kernel did not properly clear data structures on context switches for certain Intel graphics processors. A local attacker could use this to expose sensitive information. CVE-2019-14615 It was discovered that a race condition existed in the Softmac USB Prism54 devi...

7.4 CVSS · 6.5 AI score · 0.10114 EPSS
Exploits 5