Lucene search
K

514 matches found

Cvelist
Cvelist
added 2025/03/24 12:0 a.m.27 views

CVE-2025-29311

Limited secret space in LLDP packets used in onos v2.7.0 allows attackers to obtain the private key via a bruteforce attack. Attackers are able to leverage this vulnerability into creating crafted LLDP packets...

0.00345EPSS
Exploits0References1
CVE
CVE
added 2025/03/24 12:0 a.m.73 views

CVE-2025-29311

CVE-2025-29311 affects ONOS v2.7.0, where a limited secret space in LLDP packets can let an attacker brute-force obtain the private key and craft LLDP packets. The public documents confirm the vulnerability and potential for exploit via crafted LLDP frames, but do not provide a concrete patch ver...

7.5CVSS6.8AI score0.00345EPSS
Exploits0References1Affected Software1
Positive Technologies
Positive Technologies
added 2025/03/24 12:0 a.m.5 views

PT-2025-12708 · Onos · Onos

Name of the Vulnerable Software and Affected Versions: onos version 2.7.0 Description: The issue is related to limited secret space in LLDP packets, which can be exploited by attackers to obtain the private key via a brute force attack. Attackers can leverage this to create crafted LLDP packets...

7.5CVSS5.9AI score0.00345EPSS
Exploits0References9
OSV
OSV
added 2025/03/24 12:0 a.m.12 views

CVE-2025-29311

Limited secret space in LLDP packets used in onos v2.7.0 allows attackers to obtain the private key via a bruteforce attack. Attackers are able to leverage this vulnerability into creating crafted LLDP packets...

7.5CVSS6.8AI score0.00345EPSS
Exploits0References3
OSV
OSV
added 2025/03/17 8:16 p.m.7 views

RLSA-2024:9158 Moderate: lldpd security update

LLDP is an industry standard protocol designed to supplant proprietary Link-Layer protocols such as EDP or CDP. The goal of LLDP is to provide an inter-vendor compatible mechanism to deliver Link-Layer notifications to adjacent network devices. Security Fixes: lldp/openvswitch: denial of service...

9.8CVSS6.9AI score0.03235EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2025/03/14 10:39 p.m.20 views

CVE-2025-0116

A Denial of Service DoS vulnerability in Palo Alto Networks PAN-OS software causes the firewall to unexpectedly reboot when processing a specially crafted LLDP frame sent by an unauthenticated adjacent attacker. Repeated attempts to initiate this condition causes the firewall to enter maintenance...

6.8CVSS6.8AI score0.00221EPSS
Exploits0References3
Cvelist
Cvelist
added 2025/03/12 6:34 p.m.44 views

CVE-2025-0116 PAN-OS: Firewall Denial of Service (DoS) Using a Specially Crafted LLDP Frame

A Denial of Service DoS vulnerability in Palo Alto Networks PAN-OS software causes the firewall to unexpectedly reboot when processing a specially crafted LLDP frame sent by an unauthenticated adjacent attacker. Repeated attempts to initiate this condition causes the firewall to enter maintenance...

6.8CVSS0.00221EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/03/12 6:34 p.m.14 views

CVE-2025-0116 PAN-OS: Firewall Denial of Service (DoS) Using a Specially Crafted LLDP Frame

A Denial of Service DoS vulnerability in Palo Alto Networks PAN-OS software causes the firewall to unexpectedly reboot when processing a specially crafted LLDP frame sent by an unauthenticated adjacent attacker. Repeated attempts to initiate this condition causes the firewall to enter maintenance...

6.8CVSS6.9AI score0.00221EPSS
Exploits0References1
Palo Alto Networks
Palo Alto Networks
added 2025/03/12 4:0 p.m.19 views

PAN-OS: Firewall Denial of Service (DoS) Using a Specially Crafted LLDP Frame

A Denial of Service DoS vulnerability in Palo Alto Networks PAN-OS software causes the firewall to unexpectedly reboot when processing a specially crafted LLDP frame sent by an unauthenticated adjacent attacker. Repeated attempts to initiate this condition causes the firewall to enter maintenance...

6.8CVSS6.8AI score0.00221EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2025/03/06 12:0 a.m.4 views

Linux Distros Unpatched Vulnerability : CVE-2024-6501

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in NetworkManager. When a system running NetworkManager with DEBUG logs enabled and an interface eth1 configured with LLDP enabled, a malicious...

3.1CVSS4.7AI score0.00447EPSS
Exploits0References3
Redos
Redos
added 2025/01/09 12:0 a.m.79 views

ROS-20250109-01

A NetworkManager network connection management vulnerability involves the injection of corrupted LLDP packets. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service...

3.1CVSS7.3AI score0.00447EPSS
Exploits0
Cvelist
Cvelist
added 2024/11/18 3:42 p.m.14 views

CVE-2021-1379 Cisco IP Phones Cisco Discovery Protocol and Link Layer Discovery Protocol Remote Code Execution and Denial of Service Vulnerabilities

Multiple vulnerabilities in the Cisco Discovery Protocol and Link Layer Discovery Protocol LLDP implementations for Cisco IP Phone Series 68xx/78xx/88xx could allow an unauthenticated, adjacent attacker to execute code remotely or cause a reload of an affected IP phone. These vulnerabilities are...

6.5CVSS0.00315EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2024/11/12 9:5 a.m.30 views

Moderate: Red Hat Security Advisory: lldpd security update

An update for lldpd is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the...

9.8CVSS7.1AI score0.03235EPSS
Exploits0References8
OSV
OSV
added 2024/11/12 12:0 a.m.15 views

ALSA-2024:9158 Moderate: lldpd security update

LLDP is an industry standard protocol designed to supplant proprietary Link-Layer protocols such as EDP or CDP. The goal of LLDP is to provide an inter-vendor compatible mechanism to deliver Link-Layer notifications to adjacent network devices. Security Fixes: lldp/openvswitch: denial of service...

9.8CVSS7.8AI score0.03235EPSS
Exploits0References8
AlmaLinux
AlmaLinux
added 2024/11/12 12:0 a.m.18 views

Moderate: lldpd security update

LLDP is an industry standard protocol designed to supplant proprietary Link-Layer protocols such as EDP or CDP. The goal of LLDP is to provide an inter-vendor compatible mechanism to deliver Link-Layer notifications to adjacent network devices. Security Fixes: lldp/openvswitch: denial of service...

9.8CVSS7AI score0.03235EPSS
Exploits0References8
NVD
NVD
added 2024/11/01 2:15 p.m.11 views

CVE-2024-51406

Floodlight SDN Open Flow Controller v.1.2 has an issue that allows local hosts to build fake LLDP packets that allow specific clusters to be missed by Floodlight, which in turn leads to missed hosts inside and outside the cluster...

6.2CVSS0.0023EPSS
Exploits1References3
Vulnrichment
Vulnrichment
added 2024/11/01 12:0 a.m.11 views

CVE-2024-51406

Floodlight SDN Open Flow Controller v.1.2 has an issue that allows local hosts to build fake LLDP packets that allow specific clusters to be missed by Floodlight, which in turn leads to missed hosts inside and outside the cluster...

6.7AI score0.0023EPSS
Exploits1References3
Positive Technologies
Positive Technologies
added 2024/11/01 12:0 a.m.6 views

PT-2024-34620 · Unknown · Open Floodlight Sdn Controller

Name of the Vulnerable Software and Affected Versions: Floodlight SDN Open Flow Controller version 1.2 Description: The issue allows local hosts to build fake LLDP packets, which can cause Floodlight to miss specific clusters. This, in turn, leads to missed hosts inside and outside the cluster. T...

6.2CVSS6.3AI score0.0023EPSS
Exploits1References9
CVE
CVE
added 2024/11/01 12:0 a.m.44 views

CVE-2024-51406

CVE-2024-51406 affects Floodlight SDN OpenFlow Controller v1.2. The issue enables local hosts to craft fake LLDP packets, causing specific clusters to be missed by Floodlight and resulting in missed hosts both inside and outside the cluster. The vulnerability’s assessment in the provided sources ...

6.2CVSS6.4AI score0.0023EPSS
Exploits1References3Affected Software1
OSV
OSV
added 2024/11/01 12:0 a.m.6 views

CVE-2024-51406

Floodlight SDN Open Flow Controller v.1.2 has an issue that allows local hosts to build fake LLDP packets that allow specific clusters to be missed by Floodlight, which in turn leads to missed hosts inside and outside the cluster...

6.2CVSS6.9AI score0.0023EPSS
Exploits1References5
Rows per page
Query Builder