Lucene search
K

483 matches found

RedHat Linux
RedHat Linux
added 2017/08/01 2:13 p.m.5 views

kernel: l2tp: Race condition in the L2TPv3 IP encapsulation feature

A use-after-free flaw was found in the Linux kernel which enables a race condition in the L2TPv3 IP Encapsulation feature. A local user could use this flaw to escalate their privileges or crash the system...

7CVSS7.1AI score0.00295EPSS
Exploits0References4
CNVD
CNVD
added 2017/07/04 12:0 a.m.5 views

OpenDaylight 'odl-l2switch-switch' Denial of Service Vulnerability

OpenDaylight, a project of the Linux Foundation in the United States, is a community-driven, open-source, software-defined networking framework that contains an ensemble of modules capable of performing networking tasks that need to be done quickly. A security vulnerability exists in the...

7.5CVSS6.5AI score0.01402EPSS
Exploits1References1
CNVD
CNVD
added 2017/06/27 12:0 a.m.4 views

LAME II_step_one function buffer overflow vulnerability

LAME is an open source MP3 audio compression software. A buffer overflow vulnerability exists in the LAME libmpgdecoder.a/mpglib/layer2.c/IIstepone function, which allows remote attackers to exploit the vulnerability by submitting a special file that induces the user to parse it, which can crash...

5.5CVSS7.3AI score0.04065EPSS
Exploits1References1
OSV
OSV
added 2017/06/25 7:29 p.m.2 views

DEBIAN-CVE-2017-9869

The IIstepone function in layer2.c in mpglib, as used in libmpgdecoder.a in LAME 3.99.5 and other products, allows remote attackers to cause a denial of service buffer over-read and application crash via a crafted audio file...

5.5CVSS6.7AI score0.04065EPSS
Exploits1References1
BDU FSTEC
BDU FSTEC
added 2017/05/18 12:0 a.m.8 views

The vulnerability of the L2TP function in the Cisco IOS operating system allows a intruder to trigger a device reboot and a service failure.

The vulnerability of the L2TP function in the Cisco IOS operating system exists due to insufficient checking of L2TP packets. Exploiting this vulnerability can allow a malicious actor to trigger a device reboot and a service failure using a specially crafted L2TP packet...

7.8CVSS7.2AI score0.02593EPSS
Exploits0References3Affected Software1
CNVD
CNVD
added 2017/05/09 12:0 a.m.26 views

Siemens SIMATIC HMI Denial of Service Vulnerability

SIMATIC HMI is an industrial device from Siemens, Germany.SIMATIC HMI panels are used for operator control and monitoring of machines and equipment. A denial of service vulnerability in the Siemens SIMATIC HMI Multi-Panel and HMI Mobile Panels, as well as in the S7-300/S7-400 devices, allows an...

7.1CVSS6.5AI score0.00906EPSS
Exploits0References1
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2017/04/19 5:43 a.m.3 views

SEIL Series routers vulnerable to denial-of-service (DoS)

Overview The DNS forwarder, the PPP Access Concentrator L2TP and the MeasureiPerf server function in SEIL Series routers provided by Internet Initiative Japan Inc. contain a denial-of-service DoS vulnerability due to a flaw in processing certain packets. Internet Initiative Japan Inc. reported th...

7.5CVSS6.8AI score0.01545EPSS
Exploits0References5
CNVD
CNVD
added 2017/03/23 12:0 a.m.0 views

Cisco IOS XE Software L2TP Message Denial of Service Vulnerability

Cisco IOS XE Software is an operating system developed by Cisco in the United States for its network devices. Cisco IOS XE Software's fails to adequately filter L2TP packets. A remote attacker could exploit this vulnerability to submit a special request for a denial of service attack...

7.8CVSS6.8AI score0.02593EPSS
Exploits0References1
OSV
OSV
added 2017/03/22 7:59 p.m.2 views

CVE-2017-3857

A vulnerability in the Layer 2 Tunneling Protocol L2TP parsing function of Cisco IOS 12.0 through 12.4 and 15.0 through 15.6 and Cisco IOS XE 3.1 through 3.18 could allow an unauthenticated, remote attacker to cause an affected device to reload. The vulnerability is due to insufficient validation...

7.5CVSS5.8AI score0.02593EPSS
Exploits0References3
OSV
OSV
added 2017/03/07 12:0 a.m.3 views

UBUNTU-CVE-2016-10200

Race condition in the L2TPv3 IP Encapsulation feature in the Linux kernel before 4.8.14 allows local users to gain privileges or cause a denial of service use-after-free by making multiple bind system calls without properly ascertaining whether a socket has the SOCKZAPPED status, related to...

7CVSS6.7AI score0.00295EPSS
Exploits0References8
CNVD
CNVD
added 2017/02/28 12:0 a.m.4 views

MikroTik RouterOS L2TP Client Man-in-the-Middle Attack Vulnerability

MikroTik RouterOS is a routing operating system developed on the Linux kernel. A security vulnerability in the L2TP Client of MikroTik RouterOS allows remote attackers to exploit the vulnerability to gain unauthorized access to an L2TP server via a man-in-the-middle attack...

5.9CVSS6.8AI score0.00743EPSS
Exploits1References1
OSV
OSV
added 2017/02/27 6:59 p.m.5 views

CVE-2016-8105

Drivers for the Intel Ethernet Controller X710 and Intel Ethernet Controller XL710 families before version 22.0 are vulnerable to a denial of service in certain layer 2 network configurations...

6.5CVSS5.8AI score0.00469EPSS
Exploits0References2
OSV
OSV
added 2017/02/27 7:59 a.m.4 views

CVE-2017-6297

The L2TP Client in MikroTik RouterOS versions 6.83.3 and 6.37.4 does not enable IPsec encryption after a reboot, which allows man-in-the-middle attackers to view transmitted data unencrypted and gain access to networks on the L2TP server by monitoring the packets for the transmitted data and...

5.9CVSS5.8AI score0.00743EPSS
Exploits1References2
OSV
OSV
added 2016/12/29 10:59 p.m.1 views

DEBIAN-CVE-2015-8744

QEMU aka Quick Emulator built with a VMWARE VMXNET3 paravirtual NIC emulator support is vulnerable to crash issue. It occurs when a guest sends a Layer-2 packet smaller than 22 bytes. A privileged CAPSYSRAWIO guest user could use this flaw to crash the QEMU process instance resulting in DoS...

5.5CVSS6.6AI score0.00395EPSS
Exploits0References1
OSV
OSV
added 2016/12/14 12:59 a.m.3 views

CVE-2016-6473

A vulnerability in Cisco IOS on Catalyst Switches and Nexus 9300 Series Switches could allow an unauthenticated, adjacent attacker to cause a Layer 2 network storm. More Information: CSCuu69332, CSCux07028. Known Affected Releases: 15.23E. Known Fixed Releases: 12.250SE4 12.250SE5 12.250SQ5...

6.5CVSS5.8AI score0.00641EPSS
Exploits0References2
CNVD
CNVD
added 2016/11/17 12:0 a.m.3 views

Siemens SIMATIC S7-300/1200/1500 CPU Denial of Service Vulnerability

Siemens SIMATIC S7-300, 1200 and 1500 CPUs are modular general-purpose controllers for the manufacturing industry from Siemens, Germany, and are widely used in tobacco, petrochemical, water and other important industrial control sites. A denial of service vulnerability exists in the Siemens SIMAT...

6.6AI score
Exploits0
BDU FSTEC
BDU FSTEC
added 2016/08/31 12:0 a.m.9 views

The vulnerability of the Android operating system, which allows a hacker to increase their privileges

The vulnerability of the drivers/media/platform/msm/camerav2/sensor/cci/msmcci.c file of the Qualcomm Android operating system is related to a missing unit error. Exploiting this vulnerability allows a remote attacker to enhance their privileges through a specially created application that sends...

9.3CVSS7.3AI score0.0053EPSS
Exploits0References3Affected Software1
RedHat Linux
RedHat Linux
added 2016/07/20 11:53 p.m.8 views

openstack-neutron: MAC source address spoofing vulnerability

Neutron functionality includes internal firewall management between networks. Due to the relaxed nature of particular rules, it is possible for machines on the same layer 2 networks to forge non-IP traffic, such as ARP and DHCP requests...

8.2CVSS5.8AI score0.0324EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2016/07/20 11:53 p.m.5 views

openstack-neutron: ICMPv6 source address spoofing vulnerability

Neutron functionality includes internal firewall management between networks. Due to the relaxed nature of particular rules, it is possible for machines on the same layer 2 networks to forge non-IP traffic, such as ARP and DHCP requests...

9.1CVSS5.8AI score0.04248EPSS
Exploits1References4
RedHat Linux
RedHat Linux
added 2016/07/20 11:53 p.m.8 views

openstack-neutron: DHCP spoofing vulnerability

Neutron functionality includes internal firewall management between networks. Due to the relaxed nature of particular rules, it is possible for machines on the same layer 2 networks to forge non-IP traffic, such as ARP and DHCP requests...

8.2CVSS5.8AI score0.03411EPSS
Exploits0References4
Rows per page
Query Builder