Missing Authorization

Overview Affected versions of this package are vulnerable to Missing Authorization in the nnef-oam route group due to missing inbound authentication and authorization checks. An attacker can gain unauthorized access to administrative operations by sending unauthenticated requests to the exposed...

CVE-2024-7595 GRE and GRE6 Protocols (RFC2784) do not validate or verify the source of a network packet

GRE and GRE6 Protocols RFC2784 do not validate or verify the source of a network packet allowing an attacker to spoof and route arbitrary traffic via an exposed network interface that can lead to spoofing, access control bypass, and other unexpected network behaviors. This can be considered simil...

CVE-2024-5313

CWE-668: Exposure of the Resource Wrong Sphere vulnerability exists that exposes a SSH interface over the product network interface. This does not allow to directly exploit the product or make any unintended operation as the SSH interface access is protected by an authentication mechanism. Impact...

SUSE CVE-2015-0225

The default configuration in Apache Cassandra 1.2.0 through 1.2.19, 2.0.0 through 2.0.13, and 2.1.0 through 2.1.3 binds an unauthenticated JMX/RMI interface to all network interfaces, which allows remote attackers to execute arbitrary Java code via an RMI request...