102 matches found
[SECURITY] Fedora 40 Update: perl-Data-UUID-1.227-1.fc40
This module provides a framework for generating v3 UUIDs Universally Unique Identifiers, also known as GUIDs Globally Unique Identifiers. A UUID is 128 bits long, and is guaranteed to be different from all other UUIDs/GUIDs generated until 3400 CE. UUIDs were originally used in the Network...
Input validation
A vulnerability in the SSH client feature of Cisco IOS XR Software for Cisco 8000 Series Routers and Cisco Network Convergence System NCS 540 Series and 5700 Series Routers could allow an authenticated, local attacker to elevate privileges on an affected device. This vulnerability is due to...
CVE-2024-20320
A vulnerability in the SSH client feature of Cisco IOS XR Software for Cisco 8000 Series Routers and Cisco Network Convergence System NCS 540 Series and 5700 Series Routers could allow an authenticated, local attacker to elevate privileges on an affected device. This vulnerability is due to...
CVE-2024-20320
CVE-2024-20320 affects Cisco IOS XR Software on Cisco 8000 Series Routers and NCS 540/5700 Series; the issue is due to insufficient validation of arguments in the SSH client CLI command, allowing an authenticated, low-privileged attacker to escalate to root on the device. Cisco states software up...
CVE-2024-20320
A vulnerability in the SSH client feature of Cisco IOS XR Software for Cisco 8000 Series Routers and Cisco Network Convergence System NCS 540 Series and 5700 Series Routers could allow an authenticated, local attacker to elevate privileges on an affected device. This vulnerability is due to...
Cisco IOS XR Security Vulnerability
Cisco IOS XR is a set of operating systems developed by Cisco for its network devices. A security vulnerability exists in Cisco IOS XR that stems from insufficient validation of parameters contained in SSH client CLI commands, which could allow an authenticated, local attacker to elevate root...
Cisco IOS XR Security Vulnerability
Cisco IOS XR is an operating system developed by Cisco for its network devices. A security vulnerability exists in Cisco IOS XR that originates from a security hole in ingress direction IP access control lists ACLs on MPLS and Pseudowire PW interfaces that could allow an unauthenticated, remote...
ncscolour.com Cross Site Scripting vulnerability OBB-3293872
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
Design/Logic Flaw
An issue was discovered in DG3450 Cable Gateway AR01.02.056.18041520711.NCS.10. The troubleshootinglogsdownload.php log file download functionality does not check the session cookie. Thus, an attacker can download all log files...
PT-2023-21216 · Commscope · Arris Dg3450 Cable Gateway
Name of the Vulnerable Software and Affected Versions: CommScope Arris DG3450 Cable Gateway version AR01.02.056.18 041520 711.NCS.10 Description: A reflected XSS issue was discovered in the "https redirect.php" web page via the page parameter. This allows for potential malicious script execution...
CVE-2023-27571
CVE-2023-27571 affects Arris DG3450 Cable Gateway AR01.02.056.18_041520_711.NCS.10. The vulnerability is due to the troubleshooting_logs_download.php log file download function not checking the session cookie, enabling an attacker to download all log files. Documents confirm affected software/ver...
Cisco Network Convergence System 4000 Series TL1 Denial of Service Vulnerability
A vulnerability in the TL1 function of Cisco Network Convergence System NCS 4000 Series could allow an authenticated, local attacker to cause a memory leak in the TL1 process. This vulnerability is due to TL1 not freeing memory under some conditions. An attacker could exploit this vulnerability b...
PT-2022-6638 · Cisco · Cisco Network Convergence System (Ncs) 4000 Series +1
Name of the Vulnerable Software and Affected Versions: Cisco Network Convergence System NCS 4000 Series affected versions not specified Description: The issue is related to the TL1 function of the Cisco Network Convergence System NCS 4000 Series, which is associated with uncontrolled memory...
CVE-2021-34709
Multiple vulnerabilities in image verification checks of Cisco Network Convergence System NCS 540 Series Routers, only when running Cisco IOS XR NCS540L software images, and Cisco IOS XR Software for Cisco 8000 Series Routers could allow an authenticated, local attacker to execute arbitrary code ...
CVE-2021-34709
Multiple vulnerabilities in image verification checks of Cisco Network Convergence System NCS 540 Series Routers, only when running Cisco IOS XR NCS540L software images, and Cisco IOS XR Software for Cisco 8000 Series Routers could allow an authenticated, local attacker to execute arbitrary code ...
CVE-2021-34708
Multiple vulnerabilities in image verification checks of Cisco Network Convergence System NCS 540 Series Routers, only when running Cisco IOS XR NCS540L software images, and Cisco IOS XR Software for Cisco 8000 Series Routers could allow an authenticated, local attacker to execute arbitrary code ...
CVE-2021-34708
Multiple vulnerabilities in image verification checks of Cisco Network Convergence System NCS 540 Series Routers, only when running Cisco IOS XR NCS540L software images, and Cisco IOS XR Software for Cisco 8000 Series Routers could allow an authenticated, local attacker to execute arbitrary code ...
Information disclosure
Multiple vulnerabilities in image verification checks of Cisco Network Convergence System NCS 540 Series Routers, only when running Cisco IOS XR NCS540L software images, and Cisco IOS XR Software for Cisco 8000 Series Routers could allow an authenticated, local attacker to execute arbitrary code ...
CVE-2021-34709 Cisco IOS XR Software for Cisco 8000 and Network Convergence System 540 Series Routers Image Verification Vulnerabilities
Multiple vulnerabilities in image verification checks of Cisco Network Convergence System NCS 540 Series Routers, only when running Cisco IOS XR NCS540L software images, and Cisco IOS XR Software for Cisco 8000 Series Routers could allow an authenticated, local attacker to execute arbitrary code ...
CVE-2021-34709
Cisco IOS XR image verification vulnerabilities (CVE-2021-34709) affect Cisco Network Convergence System 540 Series Routers and Cisco IOS XR Software for Cisco 8000 Series Routers, specifically when using NCS540L images. The flaw allows an authenticated, local attacker to execute arbitrary code o...