CVE-2020-3118

A vulnerability in the Cisco Discovery Protocol implementation for Cisco IOS XR Software could allow an unauthenticated, adjacent attacker to execute arbitrary code or cause a reload on an affected device. The vulnerability is due to improper validation of string input from certain fields in Cisc...

CVE-2020-3111

A vulnerability in the Cisco Discovery Protocol implementation for the Cisco IP Phone could allow an unauthenticated, adjacent attacker to remotely execute code with root privileges or cause a reload of an affected IP phone. The vulnerability is due to missing checks when processing Cisco Discove...

PT-2020-1610 · Cisco · Cisco Ios Xr

Name of the Vulnerable Software and Affected Versions: Cisco IOS XR Software affected versions not specified Description: A vulnerability in the Cisco Discovery Protocol implementation could allow an unauthenticated, adjacent attacker to execute arbitrary code or cause a reload on an affected...

PT-2020-1657 · Cisco · Cisco Fxos +3

Name of the Vulnerable Software and Affected Versions: Cisco FXOS Software affected versions not specified Cisco IOS XR Software affected versions not specified Cisco NX-OS Software affected versions not specified Description: A vulnerability in the Cisco Discovery Protocol implementation could...

The vulnerability of the traffic filtering component of the Cisco SD-WAN programmable network allows a hacker to bypass the filters at the L2 and L4 levels.

The vulnerability of the Cisco SD-WAN’s programmatically defined traffic filtering component exists due to insufficient validation of input data. Exploiting this vulnerability can allow a malicious actor to bypass L2 and L4 filters using a specially crafted TCP packet...

CVE-2019-1687

A vulnerability in the TCP proxy functionality for Cisco Adaptive Security Appliance ASA Software and Cisco Firepower Threat Defense FTD Software could allow an unauthenticated, remote attacker to cause the device to restart unexpectedly, resulting in a denial of service DoS condition. The...

CVE-2019-6604

On BIG-IP 11.5.1-11.5.8, 11.6.1-11.6.3, 12.1.0-12.1.3.6, 13.0.0-13.1.1.1, and 14.0.0-14.0.0.2, under certain conditions, hardware systems with a High-Speed Bridge and using non-default Layer 2 forwarding configurations may experience a lockup of the High-Speed Bridge...

Cisco NX-OS Denial of Service Vulnerability

Cisco NX-OS is a set of data center-grade operating system software used by switches. A denial of service vulnerability exists in Cisco NX-OS version 802.1X. The vulnerability stems from a failure to fully authenticate the input of Extensible Authentication Protocol EAPOL frames on the LAN. An...

Google Android L2TP Component Privilege Permission and Access Control Vulnerability

Android is a Linux-based open source operating system jointly developed by Google and the Open Handset Alliance OHA, of which L2TP is an L2TP Internet Tunneling Protocol component. A boost vulnerability exists in the L2TP component in Android. A local attacker can exploit this vulnerability to...

CVE-2018-5531

Through undisclosed methods, on F5 BIG-IP 13.0.0-13.1.0.7, 12.1.0-12.1.3.5, 11.6.0-11.6.3.1, or 11.2.1-11.5.6, adjacent network attackers can cause a denial of service for VCMP guest and host systems. Attack must be sourced from adjacent network layer 2...

tcpdump: Buffer over-read in print-l2tp.c, several functions in L2TP parser

The L2TP parser in tcpdump before 4.9.2 has a buffer over-read in print-l2tp.c, several functions...

DEBIAN-CVE-2017-13006

The L2TP parser in tcpdump before 4.9.2 has a buffer over-read in print-l2tp.c, several functions...

CVE-2017-13006

The L2TP parser in tcpdump before 4.9.2 has a buffer over-read in print-l2tp.c, several functions...

Siemens 7KM PAC Switched Ethernet Denial of Service Vulnerability

7KM PAC Switched Ethernet is a switched Ethernet device from Siemens, Germany. A denial of service vulnerability exists in the 7KM PAC Switched Ethernet PROFINET Extension Module versions prior to 2.1.3, which allows an attacker to trigger a denial of service condition via specially crafted...

kernel: l2tp: Race condition in the L2TPv3 IP encapsulation feature

A use-after-free flaw was found in the Linux kernel which enables a race condition in the L2TPv3 IP Encapsulation feature. A local user could use this flaw to escalate their privileges or crash the system...

kernel: l2tp: Race condition in the L2TPv3 IP encapsulation feature

A use-after-free flaw was found in the Linux kernel which enables a race condition in the L2TPv3 IP Encapsulation feature. A local user could use this flaw to escalate their privileges or crash the system...

kernel: l2tp: Race condition in the L2TPv3 IP encapsulation feature

A use-after-free flaw was found in the Linux kernel which enables a race condition in the L2TPv3 IP Encapsulation feature. A local user could use this flaw to escalate their privileges or crash the system...

kernel: l2tp: Race condition in the L2TPv3 IP encapsulation feature

A use-after-free flaw was found in the Linux kernel which enables a race condition in the L2TPv3 IP Encapsulation feature. A local user could use this flaw to escalate their privileges or crash the system...

OpenDaylight 'odl-l2switch-switch' Denial of Service Vulnerability

OpenDaylight, a project of the Linux Foundation in the United States, is a community-driven, open-source, software-defined networking framework that contains an ensemble of modules capable of performing networking tasks that need to be done quickly. A security vulnerability exists in the...

LAME II_step_one function buffer overflow vulnerability

LAME is an open source MP3 audio compression software. A buffer overflow vulnerability exists in the LAME libmpgdecoder.a/mpglib/layer2.c/IIstepone function, which allows remote attackers to exploit the vulnerability by submitting a special file that induces the user to parse it, which can crash...