Lucene search
K

479 matches found

NVD
NVD
added 2021/10/13 11:15 p.m.37 views

CVE-2021-41075

The NetFlow Analyzer in Zoho ManageEngine OpManger before 125455 is vulnerable to SQL Injection in the Attacks Module API...

9.8CVSS0.03323EPSS
Exploits0References1
OSV
OSV
added 2021/10/13 11:15 p.m.5 views

CVE-2021-41075

The NetFlow Analyzer in Zoho ManageEngine OpManger before 125455 is vulnerable to SQL Injection in the Attacks Module API...

9.8CVSS5.8AI score0.03323EPSS
Exploits0References1
Prion
Prion
added 2021/10/13 11:15 p.m.18 views

Sql injection

The NetFlow Analyzer in Zoho ManageEngine OpManger before 125455 is vulnerable to SQL Injection in the Attacks Module API...

7.5CVSS9.7AI score0.03323EPSS
Exploits0References1Affected Software1
ATTACKERKB
ATTACKERKB
added 2021/10/13 11:15 p.m.6 views

CVE-2021-41075

The NetFlow Analyzer in Zoho ManageEngine OpManger before 125455 is vulnerable to SQL Injection in the Attacks Module API...

9.8CVSS7.4AI score0.03323EPSS
Exploits0References2
CVE
CVE
added 2021/10/13 10:12 p.m.53 views

CVE-2021-41075

The CVE-2021-41075 affects Zoho ManageEngine OpManager’s NetFlow Analyzer prior to build 125455. The vulnerability is a SQL Injection in the Attacks Module API, enabling an attacker to execute arbitrary SQL commands. The issue is confirmed across multiple sources (including Red Hat and CNVD) and ...

9.8CVSS9.8AI score0.03323EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2021/10/13 10:12 p.m.28 views

CVE-2021-41075

The NetFlow Analyzer in Zoho ManageEngine OpManger before 125455 is vulnerable to SQL Injection in the Attacks Module API...

10AI score0.03323EPSS
Exploits0References1
CNNVD
CNNVD
added 2021/10/13 12:0 a.m.5 views

ZOHO ManageEngine OpManager SQL注入漏洞

ZOHO ManageEngine OpManager is an end-to-end integrated network management software that enables comprehensive, visual, unified and centralized monitoring and management of IT infrastructure, including network devices, servers, hosts, WAN links, applications and services, within an enterprise...

9.8CVSS6AI score0.03323EPSS
Exploits0References1
Schneier on Security
Schneier on Security
added 2021/08/25 3:13 p.m.33 views

Surveillance of the Internet Backbone

Vice has an article about how data brokers sell access to the Internet backbone. This is netflow data. Its useful for cybersecurity forensics, but can also be used for things like tracing VPN activity. At a high level, netflow data creates a picture of traffic flow and volume across a network. It...

2.4AI score
Exploits0
OSV
OSV
added 2021/08/13 2:15 p.m.1 views

DEBIAN-CVE-2021-3635

A flaw was found in the Linux kernel netfilter implementation in versions prior to 5.5-rc7. A user with root CAPSYSADMIN access is able to panic the system when issuing netfilter netflow commands...

4.4CVSS6.3AI score0.00242EPSS
Exploits0References1
OSV
OSV
added 2021/08/13 2:15 p.m.3 views

UBUNTU-CVE-2021-3635

A flaw was found in the Linux kernel netfilter implementation in versions prior to 5.5-rc7. A user with root CAPSYSADMIN access is able to panic the system when issuing netfilter netflow commands...

4.4CVSS6.6AI score0.00242EPSS
Exploits0References3
Prion
Prion
added 2021/08/13 2:15 p.m.32 views

Design/Logic Flaw

A flaw was found in the Linux kernel netfilter implementation in versions prior to 5.5-rc7. A user with root CAPSYSADMIN access is able to panic the system when issuing netfilter netflow commands...

4.9CVSS5.2AI score0.00242EPSS
Exploits0References1Affected Software3
Debian CVE
Debian CVE
added 2021/08/13 1:22 p.m.30 views

CVE-2021-3635

A flaw was found in the Linux kernel netfilter implementation in versions prior to 5.5-rc7. A user with root CAPSYSADMIN access is able to panic the system when issuing netfilter netflow commands...

4.9CVSS6.6AI score0.00242EPSS
Exploits0
Cvelist
Cvelist
added 2021/08/13 1:22 p.m.34 views

CVE-2021-3635

A flaw was found in the Linux kernel netfilter implementation in versions prior to 5.5-rc7. A user with root CAPSYSADMIN access is able to panic the system when issuing netfilter netflow commands...

5.7AI score0.00242EPSS
Exploits0References1
CNNVD
CNNVD
added 2021/08/06 12:0 a.m.4 views

Linux kernel 缓冲区错误漏洞

Linux kernel is the kernel used by the Linux Foundation's open source operating system Linux. A security vulnerability exists in the Linux kernel netfilter, which allows a user with root privileges CAP SYS ADMIN to paralyze the system when issuing the netfilter netflow command...

4.9CVSS6.6AI score0.00242EPSS
Exploits0References7
CNNVD
CNNVD
added 2021/06/30 12:0 a.m.4 views

Plixer Scrutinizer NetFlow & sFlow Analyzer SQL注入漏洞

Plixer Scrutinizer is a network traffic analysis system that collects, analyzes, visualizes, and reports data from every network conversation and digital transaction to provide security and network intelligence. A SQL injection vulnerability exists in Plixer Scrutinizer version 19.0.2. An attacke...

7.5CVSS5.9AI score0.00974EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2020/10/12 12:0 a.m.49 views

Cisco IOS XE Software for Catalyst 9800 Series DoS (cisco-sa-iosxe-wlc-fnfv9-EvrAQpNX)

According to its self-reported version, Cisco IOS XE Software is affected by a DoS vulnerability in the Flexible NetFlow Version 9 packet processor due to insufficient validation of certain parameters in a Flexible NetFlow Version 9 record. An unauthenticated, remote attacker could cause a DoS...

8.6CVSS8AI score0.01374EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2020/10/12 12:0 a.m.203 views

Cisco AireOS Software for Cisco Wireless LAN Controllers (WLC) DoS (cisco-sa-iosxe-wlc-fnfv9-EvrAQpNX)

According to its self-reported version, the remote Cisco Wireless LAN Controller WLC device is affected by a DoS vulnerability in the Flexible NetFlow Version 9 packet processor due to insufficient validation of certain parameters in a Flexible NetFlow Version 9 record. An unauthenticated, remote...

8.6CVSS8.1AI score0.01374EPSS
Exploits0References4
BDU FSTEC
BDU FSTEC
added 2020/10/09 12:0 a.m.4 views

The vulnerability of the Flexible NetFlow operating system in Cisco IOS XE network devices of the Cisco Catalyst 9800 Series allows a attacker to cause service interruptions.

The vulnerability of the Flexible NetFlow operating system and Cisco IOS XE network devices from the Cisco Catalyst 9800 series is related to insufficient validation of input data. Exploiting this vulnerability can allow a malicious actor to cause service interruptions...

8.6CVSS7.6AI score0.01374EPSS
Exploits0References2Affected Software1
OpenVAS
OpenVAS
added 2020/09/27 12:0 a.m.15 views

Debian: Security Advisory (DLA-2383-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.8CVSS7.7AI score0.02709EPSS
Exploits1References4
OSV
OSV
added 2020/09/24 6:15 p.m.2 views

CVE-2020-3492

A vulnerability in the Flexible NetFlow Version 9 packet processor of Cisco IOS XE Software for Cisco Catalyst 9800 Series Wireless Controllers and Cisco AireOS Software for Cisco Wireless LAN Controllers WLC could allow an unauthenticated, remote attacker to cause a denial of service DoS conditi...

8.6CVSS7.3AI score0.01374EPSS
Exploits0References1
Rows per page
Query Builder