Lucene search
K

81 matches found

OSV
OSV
added 2025/05/07 6:15 p.m.4 views

CVE-2025-20221

A vulnerability in the packet filtering features of Cisco IOS XE SD-WAN Software could allow an unauthenticated, remote attacker to bypass Layer 3 and Layer 4 traffic filters. This vulnerability is due to improper traffic filtering conditions on an affected device. An attacker could exploit this...

9.1CVSS5.8AI score0.00418EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/03/25 12:0 a.m.2 views

PT-2025-16743

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A NULL pointer dereference issue has been identified in the Linux kernel, specifically in the l3mdev l3 rcv function. This issue occurs when deleting an l3s ipvlan, which can cause a nul...

5.5CVSS6AI score0.00177EPSS
Exploits0
AstraLinux
AstraLinux
added 2025/02/11 7:35 a.m.8 views

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerabilities have been resolved: s390/qeth: Fixed a kernel panic that occurred after setting the hsuid attribute. Symptom: When the hsuid attribute is set for the first time on an IQD Layer3 device, while the corresponding network interface is already up, the...

4.4CVSS6.5AI score0.0022EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2025/01/08 12:0 a.m.7 views

PT-2025-1019 · Hewlett Packard · Hpe Aruba Networking Cx 10000 Series Switches

Name of the Vulnerable Software and Affected Versions: HPE Aruba Networking CX 10000 Series Switches affected versions not specified Description: A vulnerability in the firewall component of HPE Aruba Networking CX 10000 Series Switches exists, which could allow an unauthenticated adjacent attack...

3.4CVSS7AI score0.00236EPSS
Exploits0References8
SUSE CVE
SUSE CVE
added 2024/12/12 6:58 a.m.6 views

SUSE CVE-2024-52529

Cilium is a networking, observability, and security solution with an eBPF-based dataplane. For users with the following configuration: 1. An allow policy that selects a Layer 3 destination and a port range AND 2. A Layer 7 allow policy that selects a specific port within the first policy's range...

5.8CVSS6.9AI score0.00507EPSS
Exploits0References3
RedHat Linux
RedHat Linux
added 2024/12/04 12:56 a.m.3 views

kernel: s390/qeth: Fix kernel panic after setting hsuid

In the Linux kernel, the following vulnerability has been resolved: s390/qeth: Fix kernel panic after setting hsuid Symptom: When the hsuid attribute is set for the first time on an IQD Layer3 device while the corresponding network interface is already UP, the kernel will try to execute a napi...

4.4CVSS6.9AI score0.0022EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2024/11/25 12:0 a.m.4 views

PT-2024-35358 · Cilium · Cilium

Name of the Vulnerable Software and Affected Versions: Cilium versions 1.16.0 through 1.16.3 Description: The issue arises when there is a Layer 3 policy with a port range and a Layer 7 policy with a port within the first policy's range. In such cases, the Layer 7 policy enforcement would not occ...

8.1CVSS5.7AI score0.03001EPSS
Exploits3References34
RedHat Linux
RedHat Linux
added 2024/11/12 9:11 a.m.6 views

kernel: s390/qeth: Fix kernel panic after setting hsuid

In the Linux kernel, the following vulnerability has been resolved: s390/qeth: Fix kernel panic after setting hsuid Symptom: When the hsuid attribute is set for the first time on an IQD Layer3 device while the corresponding network interface is already UP, the kernel will try to execute a napi...

4.4CVSS6.9AI score0.0022EPSS
Exploits0References5
OSV
OSV
added 2024/10/27 10:15 p.m.4 views

DEBIAN-CVE-2024-50613

libsndfile through 1.2.2 has a reachable assertion, that may lead to application exit, in mpegl3encode.c mpegl3encoderclose...

6.5CVSS6.4AI score0.00513EPSS
Exploits1References1
RedHat Linux
RedHat Linux
added 2024/08/08 4:53 a.m.11 views

kernel: s390/qeth: Fix kernel panic after setting hsuid

In the Linux kernel, the following vulnerability has been resolved: s390/qeth: Fix kernel panic after setting hsuid Symptom: When the hsuid attribute is set for the first time on an IQD Layer3 device while the corresponding network interface is already UP, the kernel will try to execute a napi...

4.4CVSS6.9AI score0.0022EPSS
Exploits0References5
OSV
OSV
added 2024/07/11 5:15 p.m.6 views

CVE-2024-39535

An Improper Check for Unusual or Exceptional Conditions vulnerability in the Packet Forwarding Engine PFE of Juniper Networks Junos OS Evolved on ACX 7000 Series allows an unauthenticated, adjacent attacker to cause a Denial-of-Service DoS. When a device has a Layer 3 or an IRB interface configur...

7.1CVSS5.8AI score0.00327EPSS
Exploits0References1
RedHat Linux
RedHat Linux
added 2024/07/09 9:24 a.m.3 views

kernel: netfilter: nft_ct: sanitize layer 3 and 4 protocol number in custom expectations

In the Linux kernel, the following vulnerability has been resolved: netfilter: nftct: sanitize layer 3 and 4 protocol number in custom expectations The Linux kernel CVE team has assigned CVE-2024-26673 to this issue. Upstream advisory:...

7.1CVSS6.2AI score0.00237EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2024/06/25 12:0 a.m.5 views

PT-2024-5572 · Juniper Networks · Junos Evolved

Name of the Vulnerable Software and Affected Versions: Juniper Networks Junos OS Evolved versions 22.4R2-S1 through 22.4R2-S2 Description: The issue is related to an Improper Check for Unusual or Exceptional Conditions vulnerability in the Packet Forwarding Engine PFE of Juniper Networks Junos OS...

7.1CVSS7.2AI score0.00327EPSS
Exploits0References7
RedHat Linux
RedHat Linux
added 2024/05/29 8:56 a.m.12 views

kernel: netfilter: nft_ct: sanitize layer 3 and 4 protocol number in custom expectations

In the Linux kernel, the following vulnerability has been resolved: netfilter: nftct: sanitize layer 3 and 4 protocol number in custom expectations The Linux kernel CVE team has assigned CVE-2024-26673 to this issue. Upstream advisory:...

7.1CVSS6.8AI score0.00237EPSS
Exploits0References5
SUSE CVE
SUSE CVE
added 2024/04/06 1:59 a.m.3 views

SUSE CVE-2024-26673

In the Linux kernel, the following vulnerability has been resolved: netfilter: nftct: sanitize layer 3 and 4 protocol number in custom expectations - Disallow families other than NFPROTOIPV4,IPV6,INET. - Disallow layer 4 protocol with no ports, since destination port is a mandatory attribute for...

5.5CVSS6.4AI score0.00237EPSS
Exploits0References13
CNNVD
CNNVD
added 2024/02/06 12:0 a.m.4 views

Westermo Lynx 206-F2G Cross-Site Request Forgery Vulnerability

The Westermo Lynx 206-F2G is a Layer 3 industrial Ethernet switch from Westermo, Sweden, powered by the Westermo WeOS network operating system. A security vulnerability exists in the Westermo Lynx 206-F2G that stems from cross-site requests for forged tokens being predictable...

8.8CVSS6.7AI score0.00232EPSS
Exploits0References2
CNNVD
CNNVD
added 2024/02/06 12:0 a.m.5 views

Westermo Lynx 206-F2G Code Injection Vulnerability

The Westermo Lynx 206-F2G is a Layer 3 industrial Ethernet switch from Westermo, Sweden, powered by the Westermo WeOS network operating system. A security vulnerability exists in the Westermo Lynx 206-F2G. An attacker can exploit this vulnerability to execute malicious code...

8CVSS7AI score0.00514EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2023/07/18 6:15 p.m.4 views

CVE-2023-36669

Missing Authentication for a Critical Function within the Kratos NGC Indoor Unit IDU before 11.4 allows remote attackers to obtain arbitrary control of the IDU/ODU system. Any attacker with layer-3 network access to the IDU can impersonate the Touch Panel Unit TPU within the IDU by sending crafte...

9.8CVSS7.5AI score0.00658EPSS
Exploits0References3
OSV
OSV
added 2023/07/18 6:15 p.m.4 views

CVE-2023-36669

Missing Authentication for a Critical Function within the Kratos NGC Indoor Unit IDU before 11.4 allows remote attackers to obtain arbitrary control of the IDU/ODU system. Any attacker with layer-3 network access to the IDU can impersonate the Touch Panel Unit TPU within the IDU by sending crafte...

9.8CVSS6AI score0.00658EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2023/07/18 12:0 a.m.7 views

PT-2023-25670 · Kratos · Kratos Ngc Indoor Unit

Name of the Vulnerable Software and Affected Versions: Kratos NGC Indoor Unit IDU versions prior to 11.4 Description: The issue allows remote attackers to obtain arbitrary control of the IDU/ODU system due to missing authentication for a critical function. Attackers with layer-3 network access to...

9.8CVSS9.6AI score0.00658EPSS
Exploits0References4
Rows per page
Query Builder