25 matches found
CVE-2026-8775 Edimax BR-6428NS POST Request formL2TPSetup buffer overflow
A flaw has been found in Edimax BR-6428NS 1.10. This affects the function formL2TPSetup of the file /goform/formL2TPSetup of the component POST Request Handler. This manipulation of the argument L2TPUserName causes buffer overflow. It is possible to initiate the attack remotely. The exploit has...
SUSE CVE-2026-43080
In the Linux kernel, the following vulnerability has been resolved: l2tp: Drop large packets with UDP encap syzbot reported a WARN on my patch series 1. The actual issue is an overflow of 16-bit UDP length field, and it exists in the upstream code. My series added a debug WARN with an overflow...
PT-2026-6013
When configured as L2TP/IPSec VPN server, Archer AXE75 V1 may accept connections using L2TP without IPSec protection, even when IPSec is enabled. This allows VPN sessions without encryption, exposing data in transit and compromising confidentiality...
USN-7039-1 linux, linux-aws, linux-kvm, linux-lts-xenial vulnerabilities
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - GPU drivers; - Input Device Tablet drivers; - Modular ISDN driver; - Multiple devices driver; - Network drivers; -...
Vulnerabilities fixed in Microsoft Windows
Microsoft has fixed vulnerabilities in Windows. The most serious vulnerability with reference CVE-2023-35349 is in Microsoft Message Queueing MSQS. This vulnerability allows an unauthenticated remote malicious person to execute arbitrary execute arbitrary code with service privileges. MSMQ is...
The vulnerability of the Layer 2 Tunneling Protocol (L2TP) implementation in Microsoft Windows allows a hacker to execute arbitrary code.
The vulnerability of the Layer 2 Tunneling Protocol L2TP implementation in Microsoft Windows operating systems relates to the use of memory after it is freed. Exploiting this vulnerability allows a malicious actor to execute arbitrary code by sending a specially crafted connection request to the...
Microsoft Windows 安全漏洞
Microsoft Windows is a suite of operating systems for use on personal devices from Microsoft Corporation USA. A security vulnerability exists in the Microsoft Windows Layer 2 Tunneling Protocol. An attacker could exploit the vulnerability to remotely execute code...
CVE-2022-30211
Windows Layer 2 Tunneling Protocol L2TP Remote Code Execution Vulnerability...
Ubuntu 10.04 LTS : linux-ec2 vulnerabilities (USN-2281-1)
Sasha Levin reported a flaw in the Linux kernel's point-to-point protocol PPP when used with the Layer Two Tunneling Protocol L2TP. A local user could exploit this flaw to gain administrative privileges. CVE-2014-4943 An flaw was discovered in the Linux kernel's audit subsystem when auditing...
Ubuntu Update for linux-lts-quantal USN-2135-1
Check for the Version of linux-lts-quantal OpenVAS Vulnerability Test $Id: gbubuntuUSN21351.nasl 7957 2017-12-01 06:40:08Z santu $ Ubuntu Update for linux-lts-quantal USN-2135-1 Authors: System Generated Check Copyright: Copyright C 2014 Greenbone Networks GmbH, http://www.greenbone.net This...
Ubuntu 12.10 : linux vulnerabilities (USN-2138-1)
Mathy Vanhoef discovered an error in the the way the ath9k driver was handling the BSSID masking. A remote attacker could exploit this error to discover the original MAC address after a spoofing atack. CVE-2013-4579 Andrew Honig reported a flaw in the Linux Kernel's kvmvmioctlcreatevcpu function ...
USN-2141-1: Linux kernel (OMAP4) vulnerabilities
Mathy Vanhoef discovered an error in the the way the ath9k driver was handling the BSSID masking. A remote attacker could exploit this error to discover the original MAC address after a spoofing atack. CVE-2013-4579 Andrew Honig reported a flaw in the Linux Kernel's kvmvmioctlcreatevcpu function ...
Ubuntu: Security Advisory (USN-2108-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Ubuntu Update for linux-ti-omap4 USN-2110-1
Check for the Version of linux-ti-omap4 OpenVAS Vulnerability Test $Id: gbubuntuUSN21101.nasl 7957 2017-12-01 06:40:08Z santu $ Ubuntu Update for linux-ti-omap4 USN-2110-1 Authors: System Generated Check Copyright: Copyright C 2014 Greenbone Networks GmbH, http://www.greenbone.net This program is...
Ubuntu Update for linux-ec2 USN-2108-1
Check for the Version of linux-ec2 OpenVAS Vulnerability Test $Id: gbubuntuUSN21081.nasl 7957 2017-12-01 06:40:08Z santu $ Ubuntu Update for linux-ec2 USN-2108-1 Authors: System Generated Check Copyright: Copyright C 2014 Greenbone Networks GmbH, http://www.greenbone.net This program is free...
Ubuntu 13.10 : linux vulnerabilities (USN-2117-1)
Saran Neti reported a flaw in the ipv6 UDP Fragmentation Offload UFI in the Linux kernel. A remote attacker could exploit this flaw to cause a denial of service panic. CVE-2013-4563 Mathy Vanhoef discovered an error in the the way the ath9k driver was handling the BSSID masking. A remote attacker...
Ubuntu 10.04 LTS : linux vulnerabilities (USN-2107-1)
A flaw was discovered in the Linux kernel's compat ioctls for Adaptec AACRAID scsi raid devices. An unprivileged local user could send administrative commands to these devices potentially compromising the data stored on the device. CVE-2013-6383 mpd reported an information leak in the recvfrom,...
Ubuntu 12.04 LTS : linux vulnerabilities (USN-2109-1)
Vasily Kulikov reported a flaw in the Linux kernel's implementation of ptrace. An unprivileged local user could exploit this flaw to obtain sensitive information from kernel memory. CVE-2013-2929 Stephan Mueller reported an error in the Linux kernel's ansi cprng random number generator. This flaw...
Ubuntu 10.04 LTS : linux-ec2 vulnerabilities (USN-2108-1)
A flaw was discovered in the Linux kernel's compat ioctls for Adaptec AACRAID scsi raid devices. An unprivileged local user could send administrative commands to these devices potentially compromising the data stored on the device. CVE-2013-6383 mpd reported an information leak in the recvfrom,...
Ubuntu 12.04 LTS : linux-lts-saucy vulnerabilities (USN-2113-1)
Saran Neti reported a flaw in the ipv6 UDP Fragmentation Offload UFI in the Linux kernel. A remote attacker could exploit this flaw to cause a denial of service panic. CVE-2013-4563 Mathy Vanhoef discovered an error in the the way the ath9k driver was handling the BSSID masking. A remote attacker...