262 matches found
CVE-2022-21801
A denial of service vulnerability exists in the netserver recvcommand functionality of reolink RLC-410W v3.0.0.13620121102. A specially-crafted network request can lead to a reboot. An attacker can send a malicious packet to trigger this vulnerability...
CVE-2022-38393
A denial of service vulnerability exists in the cfgserver cmprocessConnDiagPktList opcode of Asus RT-AX82U 3.0.0.4.38649674-ge182230 router's configuration service. A specially-crafted network packet can lead to denial of service. An attacker can send a malicious packet to trigger this...
CVE-2022-39386
@fastify/websocket provides WebSocket support for Fastify. Any application using @fastify/websocket could crash if a specific, malformed packet is sent. All versions of fastify-websocket are also impacted. That module is deprecated, so it will not be patched. This has been patched in version 7.1....
CVE-2020-6085
An exploitable denial of service vulnerability exists in the ENIP Request Path Logical Segment functionality of Allen-Bradley Flex IO 1794-AENT/B 4.003. A specially crafted network request can cause a loss of communications with the device resulting in denial-of-service. An attacker can send a...
CVE-2020-6111
An exploitable denial-of-service vulnerability exists in the IPv4 functionality of Allen-Bradley MicroLogix 1100 Programmable Logic Controller Systems Series B FRN 16.000, Series B FRN 15.002, Series B FRN 15.000, Series B FRN 14.000, Series B FRN 13.000, Series B FRN 12.000, Series B FRN 11.000...
CVE-2020-6084
An exploitable denial of service vulnerability exists in the ENIP Request Path Logical Segment functionality of Allen-Bradley Flex IO 1794-AENT/B 4.003. A specially crafted network request can cause a loss of communications with the device resulting in denial-of-service. An attacker can send a...
CVE-2020-6088
An exploitable denial of service vulnerability exists in the ENIP Request Path Network Segment functionality of Allen-Bradley Flex IO 1794-AENT/B 4.003. A specially crafted network request can cause a loss of communications with the device resulting in denial-of-service. An attacker can send a...
CVE-2020-6086
An exploitable denial of service vulnerability exists in the ENIP Request Path Data Segment functionality of Allen-Bradley Flex IO 1794-AENT/B. A specially crafted network request can cause a loss of communications with the device resulting in denial-of-service. An attacker can send a malicious...
CVE-2020-28593
An unauthenticated backdoor exists in the configuration server functionality of Cosori Smart 5.8-Quart Air Fryer CS158-AF 1.1.0. A specially crafted JSON object can lead to code execution. An attacker can send a malicious packet to trigger this vulnerability...
CVE-2024-3393
A Denial of Service vulnerability in the DNS Security feature of Palo Alto Networks PAN-OS software allows an unauthenticated attacker to send a malicious packet through the data plane of the firewall that reboots the firewall. Repeated attempts to trigger this condition will cause the firewall t...
CVE-2024-3393
CVE-2024-3393 affects Palo Alto Networks PAN-OS DNS Security: a vulnerability in parsing/logging malicious DNS packets allows an unauthenticated attacker to reboot the firewall via a crafted packet, with repeated attempts forcing maintenance mode. Connected sources indicate active exploitation an...
SUSE CVE-2024-49947
In the Linux kernel, the following vulnerability has been resolved: net: test for not too small csum_start in virtio_net_hdr_to_skb() syzbot was able to trigger this warning [1], after injecting a malicious packet through af_packet, setting skb->csum_start and thus the transport header to an incorrect value...
CVE-2024-49947
CVE-2024-49947 affects the Linux kernel net stack, specifically a vulnerability in virtio_net_hdr_to_skb() where an incorrectly set skb->csum_start could place the transport header before or after the network header when processing injected packets via af_packet. Syzbot-triggered warnings show...
CVE-2024-49947 net: test for not too small csum_start in virtio_net_hdr_to_skb()
In the Linux kernel, the following vulnerability has been resolved: net: test for not too small csum_start in virtio_net_hdr_to_skb() syzbot was able to trigger this warning [1], after injecting a malicious packet through af_packet, setting skb->csum_start and thus the transport header to an incorrect value...
CVE-2024-9781
A flaw was found in the AppleTalk and RELOAD Framing dissectors of Wireshark. This issue occurs when decoding malformed packets from a pcap file or from the network, causing an invalid read memory access and a denial of service. Mitigation: If the AppleTalk and RELOAD Framing protocol dissectors a...
CVE-2024-42736
CVE-2024-42736 affects TOTOLINK X5000r (v9.1.0cu.2350_b20230313). The vulnerability is an OS command injection in the addBlacklist function in /cgi-bin/cstecgi.cgi. Authenticated attackers can send malformed packets to execute arbitrary commands. Public documents from multiple sources corroborate...
CVE-2024-42738
The CVE-2024-42738 issue affects TOTOLINK X5000r (version 9.1.0cu.2350_b20230313). It is an OS command injection in the /cgi-bin/cstecgi.cgi function setDmzCfg, exploitable by authenticated attackers who can send malicious packets to execute arbitrary commands. The vulnerability’s impact is high ...