Lucene search
K

81 matches found

The Hacker News
The Hacker News
added 2023/02/22 6:51 a.m.2 views

Gcore Thwarts Massive 650 Gbps DDoS Attack on Free Plan Client

At the beginning of January, Gcore faced an incident involving several L3/L4 DDoS attacks with a peak volume of 650 Gbps. Attackers exploited over 2000 servers belonging to one of the top three cloud providers worldwide and targeted a client who was using a free CDN plan. However, due to Gcore's...

6.7AI score
Exploits0
SUSE CVE
SUSE CVE
added 2023/02/15 6:20 a.m.5 views

SUSE CVE-2004-0991

Buffer overflow in mpg123 before 0.59s-r9 allows remote attackers to execute arbitrary code via frame headers in MP2 or MP3 files...

7.5CVSS8.3AI score0.03584EPSS
Exploits0References5
SUSE CVE
SUSE CVE
added 2023/02/15 4:44 a.m.6 views

SUSE CVE-2017-9870

The IIIistereo function in layer3.c in mpglib, as used in libmpgdecoder.a in LAME 3.99.5 and other products, allows remote attackers to cause a denial of service buffer over-read and application crash via a crafted audio file that is mishandled in the code for the "blocktype == 2" case, a similar...

5.5CVSS9.1AI score0.0121EPSS
Exploits0References6
SUSE CVE
SUSE CVE
added 2023/02/15 4:44 a.m.4 views

SUSE CVE-2017-9872

The IIIdequantizesample function in layer3.c in mpglib, as used in libmpgdecoder.a in LAME 3.99.5 and other products, allows remote attackers to cause a denial of service stack-based buffer overflow and application crash or possibly have unspecified other impact via a crafted audio file...

7.8CVSS8.3AI score0.0979EPSS
Exploits0References7
SUSE CVE
SUSE CVE
added 2023/02/15 4:39 a.m.6 views

SUSE CVE-2017-14408

A stack-based buffer over-read was discovered in dct36 in layer3.c in mpglibDBL, as used in MP3Gain version 1.5.2. The vulnerability causes an application crash, which leads to remote denial of service...

5.5CVSS5.8AI score0.00856EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2023/02/15 4:28 a.m.3 views

SUSE CVE-2018-10778

Read access violation in the IIIdequantizesample function in mpglibDBL/layer3.c in mp3gain through 1.5.2-r2 allows remote attackers to cause a denial of service application crash or possibly have unspecified other impact, a different vulnerability than CVE-2017-9872 and CVE-2017-14409...

7.8CVSS8.3AI score0.0107EPSS
Exploits0References4
SUSE CVE
SUSE CVE
added 2023/02/15 3:52 a.m.1 views

SUSE CVE-2020-27617

ethgetgsotype in net/eth.c in QEMU 4.2.1 allows guest OS users to trigger an assertion failure. A guest can crash the QEMU process via packet data that lacks a valid Layer 3 protocol...

4.4CVSS6.8AI score0.02515EPSS
Exploits0References17
SUSE CVE
SUSE CVE
added 2023/02/15 3:40 a.m.5 views

SUSE CVE-2021-34085

Read access violation in the IIIdequantizesample function in mpglibDBL/layer3.c in mp3gain through 1.5.2-r2 allows remote attackers to cause a denial of service application crash or possibly have unspecified other impact, a different vulnerability than CVE-2017-9872. CVE-2017-14409, and...

9.8CVSS8.3AI score0.01775EPSS
Exploits1References3
OSV
OSV
added 2022/09/30 7:15 p.m.4 views

CVE-2022-20728

A vulnerability in the client forwarding code of multiple Cisco Access Points APs could allow an unauthenticated, adjacent attacker to inject packets from the native VLAN to clients within nonnative VLANs on an affected device. This vulnerability is due to a logic error on the AP that forwards...

4.7CVSS5.8AI score0.00242EPSS
Exploits0References1
OSV
OSV
added 2022/05/11 6:15 p.m.15 views

UBUNTU-CVE-2021-34085

Read access violation in the IIIdequantizesample function in mpglibDBL/layer3.c in mp3gain through 1.5.2-r2 allows remote attackers to cause a denial of service application crash or possibly have unspecified other impact, a different vulnerability than CVE-2017-9872. CVE-2017-14409, and...

9.8CVSS5.9AI score0.01775EPSS
Exploits1References4
CNNVD
CNNVD
added 2022/04/14 12:0 a.m.7 views

Arista Networks Arista EOS 安全漏洞

Arista Networks Arista EOS is a scalable operating system for data centers and cloud network centers from Arista Networks, Inc. Arista EOS builds cloud architectures that scale to hundreds of thousands of compute and storage nodes with management and provisioning capabilities for large-scale jobs...

7.5CVSS7.3AI score0.00869EPSS
Exploits1References2
RedHat Linux
RedHat Linux
added 2021/08/10 4:14 p.m.2 views

QEMU: net: an assert failure via eth_get_gso_type

An assert3 failure flaw was found in the networking helper functions of QEMU. This vulnerability can occur in the ethgetgsotype routine if a packet does not have a valid networking L3 protocol ex. IPv4, IPv6 value. This flaw allows a guest user to crash the QEMU process on the host, resulting in ...

6.5CVSS7.1AI score0.02515EPSS
Exploits0References6
OSV
OSV
added 2020/11/06 7:15 p.m.2 views

CVE-2020-3444

A vulnerability in the packet filtering features of Cisco SD-WAN Software could allow an unauthenticated, remote attacker to bypass L3 and L4 traffic filters. The vulnerability is due to improper traffic filtering conditions on an affected device. An attacker could exploit this vulnerability by...

7.5CVSS6.6AI score0.01476EPSS
Exploits0References1
OSV
OSV
added 2020/11/06 8:15 a.m.1 views

DEBIAN-CVE-2020-27617

ethgetgsotype in net/eth.c in QEMU 4.2.1 allows guest OS users to trigger an assertion failure. A guest can crash the QEMU process via packet data that lacks a valid Layer 3 protocol...

6.5CVSS6.8AI score0.02515EPSS
Exploits0References1
OSV
OSV
added 2020/11/06 8:15 a.m.1 views

UBUNTU-CVE-2020-27617

ethgetgsotype in net/eth.c in QEMU 4.2.1 allows guest OS users to trigger an assertion failure. A guest can crash the QEMU process via packet data that lacks a valid Layer 3 protocol...

6.5CVSS6.8AI score0.02515EPSS
Exploits0References6
CNVD
CNVD
added 2020/11/05 12:0 a.m.3 views

Cisco SD-WAN vEdge Input Validation Error Vulnerability

Cisco SD-WAN vEdge is a router from Cisco. The device provides basic WAN, security, and multi-cloud capabilities for Cisco SD-WAN solutions. The Cisco SD-WAN vEdge suffers from an input validation error vulnerability that arises from a network system or product that does not properly validate...

7.5CVSS7AI score0.01476EPSS
Exploits0References1
OSV
OSV
added 2019/08/08 8:15 a.m.2 views

CVE-2019-1951

A vulnerability in the packet filtering features of Cisco SD-WAN Solution could allow an unauthenticated, remote attacker to bypass L3 and L4 traffic filters. The vulnerability is due to improper traffic filtering conditions on an affected device. An attacker could exploit this vulnerability by...

5.8CVSS6.3AI score0.01455EPSS
Exploits0References1
CNVD
CNVD
added 2019/08/08 12:0 a.m.1 views

Cisco SD-WAN Solution Packet Filter Bypass Vulnerability

Cisco SD-WAN Solution is a suite of network extension solutions from Cisco. A packet filter bypass vulnerability exists in Cisco SD-WAN Solution version 19.1.0 and earlier. The vulnerability stems from improper traffic filtering conditions on the affected device. An attacker can exploit this...

5.8CVSS7AI score0.01455EPSS
Exploits0References1
CNVD
CNVD
added 2018/10/08 12:0 a.m.18 views

Cisco IOS XE Software Access Control Error Vulnerability

Cisco IOS XE Software is an operating system developed by Cisco for its network devices. An access control error vulnerability exists in the MACsec Key Agreement MKA using Extensible Authentication Protocol-Transport Layer Security EAP-TLS functionality in Cisco IOS XE Software, which arises from...

8.1CVSS8.2AI score0.00747EPSS
Exploits0References1
CNVD
CNVD
added 2018/05/07 12:0 a.m.3 views

mp3gain Denial of Service Vulnerability

mp3gain is a volume adjustment application for MP3 files. A security vulnerability exists in the 'IIIdequantizesample' function in the mpglibDBL/layer3.c file in mp3gain 1.5.2-r2 and earlier versions, which stems from a read access privilege conflict in the program. A remote attacker could exploi...

7.8CVSS6.7AI score0.0107EPSS
Exploits0References1
Rows per page
Query Builder