Lucene search
K

478 matches found

Debian CVE
Debian CVE
added 2024/12/15 12:0 a.m.12 views

CVE-2024-56073

An issue was discovered in FastNetMon Community Edition through 1.2.7. Zero-length templates for Netflow v9 allow remote attackers to cause a denial of service divide-by-zero error and application crash...

7.5CVSS5.4AI score0.00557EPSS
Exploits0
Positive Technologies
Positive Technologies
added 2024/12/13 12:0 a.m.4 views

PT-2024-9990 · Unknown · Fastnetmon Community Edition

Name of the Vulnerable Software and Affected Versions: FastNetMon Community Edition versions 1.2.7 and earlier Description: An issue was discovered that allows remote attackers to cause a denial of service. This is due to zero-length templates for Netflow v9, which can lead to a divide-by-zero...

7.8CVSS6.9AI score0.00671EPSS
Exploits0References21
Packet Storm
Packet Storm
added 2024/08/31 12:0 a.m.175 views

Plixer Scrutinizer NetFlow And SFlow Analyzer HTTP Authentication Bypass

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Plixer Scrutinizer NetFlow and sFlow Analyzer HTTP Authentication Bypass', 'Description' = %q This will add an administrative account to...

5CVSS7AI score0.44458EPSS
Exploits5
Packet Storm
Packet Storm
added 2024/08/31 12:0 a.m.257 views

ManageEngine NetFlow Analyzer Arbitrary File Download

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'ManageEngine NetFlow Analyzer Arbitrary File Download', 'Description' = %q This module exploits an arbitrary file download vulnerability in...

5CVSS7AI score0.98165EPSS
Exploits9
NVD
NVD
added 2024/06/10 3:15 p.m.20 views

CVE-2024-35304

System command injection through Netflow function due to improper input validation, allowing attackers to execute arbitrary system commands. This issue affects Pandora FMS: from 700 through 777...

9.8CVSS0.01092EPSS
Exploits0References1
OSV
OSV
added 2024/06/10 3:15 p.m.2 views

CVE-2024-35304

System command injection through Netflow function due to improper input validation, allowing attackers to execute arbitrary system commands. This issue affects Pandora FMS: from 700 through 777...

9.8CVSS8.2AI score
Exploits0References1
CVE
CVE
added 2024/06/10 2:21 p.m.54 views

CVE-2024-35304

CVE-2024-35304 describes a system command injection in Pandora FMS, triggered by the Netflow function due to improper input validation. Affected versions are Pandora FMS 700 up to, but not including, 777. The vulnerability can allow an attacker to execute arbitrary system commands remotely over t...

9.8CVSS7.8AI score0.01092EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2024/06/10 2:21 p.m.15 views

CVE-2024-35304 System command injection through Netflow function

System command injection through Netflow function due to improper input validation, allowing attackers to execute arbitrary system commands. This issue affects Pandora FMS: from 700 through 777...

9.3CVSS8.1AI score0.01092EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2023/12/04 12:0 a.m.34 views

ManageEngine NetFlow Analyzer 12.5.x < 12.5.657 / 12.6.x < 12.6.002 / 12.6.104 / 12.6.118 Authenticate Bypass

The version of ManageEngine NetFlow Analyzer running on the remote web server 12.5.x prior to 12.5.657, or 12.6.x prior to 12.6.002 / 12.6.104 / 12.6.118. It is, there, affected by an authentication bypass vulnerability. Due to the lack of proper request handling an unauthenticated, remote attack...

7.5CVSS7.4AI score0.0793EPSS
Exploits0References2
VulnCheck KEV
VulnCheck KEV
added 2023/11/17 12:0 a.m.6 views

VulnCheck KEV: CVE-2022-36923

Zoho ManageEngine OpManager, OpManager Plus, OpManager MSP, Network Configuration Manager, NetFlow Analyzer, Firewall Analyzer, and OpUtils before 2022-07-27 through 2022-07-28 125657, 126002, 126104, and 126118 allow unauthenticated attackers to obtain a user's API key, and then access...

7.5CVSS7.2AI score0.0793EPSS
Exploits0References1
CNNVD
CNNVD
added 2023/10/12 12:0 a.m.3 views

Scrutinizer NetFlow & sFlow Analyzer SQL Injection Vulnerability

Plixer Scrutinizer NetFlow & sFlow Analyzer is a network traffic analysis system from Plixer, USA. The system provides traffic monitoring, context forensics, and security analysis. A security vulnerability exists in Scrutinizer NetFlow & sFlow Analyzer versions prior to 19.3.1, which stems from a...

9.8CVSS7.9AI score0.00699EPSS
Exploits1References2
The Hacker News
The Hacker News
added 2023/08/08 2:15 p.m.22 views

QakBot Malware Operators Expand C2 Network with 15 New Servers

The operators associated with the QakBot aka QBot malware have set up 15 new command-and-control C2 servers as of late June 2023. The findings are a continuation of the malware's infrastructure analysis from Team Cymru, and arrive a little over two months after Lumen Black Lotus Labs revealed tha...

6.7AI score
Exploits0
BDU FSTEC
BDU FSTEC
added 2023/03/01 12:0 a.m.7 views

The vulnerability of the implementation of the IPv6 protocol in software for network monitoring tools such as OpManager, OpManager MSP, OpManager Plus, Network Configuration Manager, OpUtils, and the network traffic analyzer NetFlow Analyzer allows a attacker to execute arbitrary code.

The vulnerability of the IPv6 protocol implementation in software for network monitoring tools such as OpManager, OpManager MSP, OpManager Plus, Network Configuration Manager, OpUtils, and the network traffic analyzer NetFlow Analyzer is related to insufficient validation of input data during...

9CVSS7.6AI score0.78326EPSS
Exploits0References3
F5 Networks
F5 Networks
added 2023/02/21 6:45 p.m.42 views

K16939: Multiple Wireshark vulnerabilities

Security Advisory Description Description CVE-2014-6421 Use-after-free vulnerability in the SDP dissector in Wireshark 1.10.x before 1.10.10 allows remote attackers to cause a denial of service application crash via a crafted packet that leverages split memory ownership between the SDP and RTP...

5CVSS7.3AI score0.03375EPSS
Exploits0
SUSE CVE
SUSE CVE
added 2023/02/15 5:27 a.m.4 views

SUSE CVE-2014-6424

The dissectv9v10pdudata function in epan/dissectors/packet-netflow.c in the Netflow dissector in Wireshark 1.10.x before 1.10.10 and 1.12.x before 1.12.1 refers to incorrect offset and start variables, which allows remote attackers to cause a denial of service uninitialized memory read and...

5CVSS7.3AI score0.02933EPSS
Exploits0References4
SUSE CVE
SUSE CVE
added 2023/02/15 4:53 a.m.3 views

SUSE CVE-2016-10363

Logstash versions prior to 2.3.3, when using the Netflow Codec plugin, a remote attacker crafting malicious Netflow v5, Netflow v9 or IPFIX packets could perform a denial of service attack on the Logstash instance. The errors resulting from these crafted inputs are not handled by the codec and ca...

7.5CVSS6.8AI score0.01315EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2023/02/15 3:48 a.m.5 views

SUSE CVE-2021-3635

A flaw was found in the Linux kernel netfilter implementation in versions prior to 5.5-rc7. A user with root CAPSYSADMIN access is able to panic the system when issuing netfilter netflow commands...

4.1CVSS6.2AI score0.00242EPSS
Exploits0References3
OpenVAS
OpenVAS
added 2022/12/04 12:0 a.m.18 views

Fedora: Security Advisory for fastnetmon (FEDORA-2022-18023b665f)

The remote host is missing an update for the Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

5.4CVSS5.5AI score0.00852EPSS
Exploits0References2
Fedora
Fedora
added 2022/12/03 2:3 a.m.60 views

[SECURITY] Fedora 37 Update: fastnetmon-1.2.1-4.20220528git420e7b8.fc37

DDoS detection tool with sFlow, Netflow, IPFIX and port mirror support...

5.4CVSS5.5AI score0.00852EPSS
Exploits0
Fedora
Fedora
added 2022/12/03 1:44 a.m.43 views

[SECURITY] Fedora 36 Update: fastnetmon-1.2.1-2.20220528git420e7b8.fc36

DDoS detection tool with sFlow, Netflow, IPFIX and port mirror support...

5.4CVSS5.5AI score0.00852EPSS
Exploits0
Rows per page
Query Builder