769 matches found
CVE-2023-27520
Cross-site request forgery (CSRF) vulnerability in SEIKO EPSON printers/network interface Web Config allows a remote unauthenticated attacker to hijack the authentication and perform unintended operations by having a logged-in user view a malicious page. Note: Web Config is the software that allows...
Cross-site request forgery (CSRF)
Cross-site request forgery (CSRF) vulnerability in SEIKO EPSON printers/network interface Web Config allows a remote unauthenticated attacker to hijack the authentication and perform unintended operations by having a logged-in user view a malicious page. Note: Web Config is the software that allows...
The vulnerability of the ASSD-Video surveillance system’s components, related to uncontrolled resource consumption, allows an intruder to trigger a service failure.
The vulnerability of the ASSaD-Video surveillance system components is related to abnormal operation of the network interfaces of these components. Exploiting this vulnerability can allow a malicious actor to cause service interruptions...
CVE-2023-23572
Cross-site scripting vulnerability in SEIKO EPSON printers/network interface Web Config allows a remote authenticated attacker with an administrative privilege to inject an arbitrary script. Note: Web Config is the software that allows users to check the status and change the settings of SEIKO EPS...
CVE-2023-23572
CVE-2023-23572 is a stored cross-site scripting vulnerability in SEIKO EPSON printers’ and network interface Web Config (Remote Manager) affecting the Web Config component pre-installed on some printers/network interfaces. A remote authenticated attacker with administrative privileges can inject ...
CVE-2023-27520
The CVE-2023-27520 CSRF vulnerability affects SEIKO EPSON printers’ Web Config (Remote Manager) and can allow a remote unauthenticated attacker to hijack a user’s session by tricking a logged-in user into visiting a malicious page. The underlying issue is cross-site request forgery in the Web Co...
[SECURITY] Fedora 36 Update: containernetworking-plugins-1.1.1-16.fc36
The CNI (Container Network Interface) project consists of a specification and libraries for writing plugins to configure network interfaces in Linux containers, along with a number of supported plugins. CNI concerns itself only with network connectivity of containers and removing allocated resource...
[SECURITY] Fedora 37 Update: containernetworking-plugins-1.1.1-16.fc37
The CNI (Container Network Interface) project consists of a specification and libraries for writing plugins to configure network interfaces in Linux containers, along with a number of supported plugins. CNI concerns itself only with network connectivity of containers and removing allocated resource...
[SECURITY] Fedora 38 Update: containernetworking-plugins-1.1.1-16.fc38
The CNI (Container Network Interface) project consists of a specification and libraries for writing plugins to configure network interfaces in Linux containers, along with a number of supported plugins. CNI concerns itself only with network connectivity of containers and removing allocated resource...
Fedora: Security Advisory for containernetworking-plugins (FEDORA-2023-f4bd7ab2f7)
The remote host is missing an update for the Copyright (C) 2023 Greenbone Networks GmbH. Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-or-later. This program is free software; you can...
K44453423: IP-in-IP Packet Processing vulnerability CVE-2020-10136
Security Advisory Description: Multiple products that implement the IP Encapsulation within IP standard (RFC 2003, STD 1) decapsulate and route IP-in-IP traffic without any validation, which could allow an unauthenticated remote attacker to route arbitrary traffic via an exposed network interface an...
Exploit for OS Command Injection in Control-Webpanel Webpanel
Docs Paper : https://docs.google.com/document/d/1rQ7e9i2AFzHbASf...
SUSE CVE-2015-0225
The default configuration in Apache Cassandra 1.2.0 through 1.2.19, 2.0.0 through 2.0.13, and 2.1.0 through 2.1.3 binds an unauthenticated JMX/RMI interface to all network interfaces, which allows remote attackers to execute arbitrary Java code via an RMI request...
SUSE CVE-2018-6556
lxc-user-nic when asked to delete a network interface will unconditionally open a user provided path. This code path may be used by an unprivileged user to check for the existence of a path which they wouldn't otherwise be able to reach. It may also be used to trigger side effects by causing a...
SUSE CVE-2020-15238
Blueman is a GTK+ Bluetooth Manager. In Blueman before 2.1.4, the DhcpClient method of the D-Bus interface to blueman-mechanism is prone to an argument injection vulnerability. The impact highly depends on the system configuration. If Polkit-1 is disabled and for versions lower than 2.0.6, any...
SUSE CVE-2021-3416
A potential stack overflow via infinite loop issue was found in various NIC emulators of QEMU in versions up to and including 5.2.0. The issue occurs in loopback mode of a NIC wherein reentrant DMA checks get bypassed. A guest user/process may use this flaw to consume CPU cycles or crash the QEMU...
SUSE CVE-2021-3448
A flaw was found in dnsmasq in versions before 2.85. When configured to use a specific server for a given network interface, dnsmasq uses a fixed port while forwarding queries. An attacker on the network, able to find the outgoing port used by dnsmasq, only needs to guess the random transmission ...
SUSE CVE-2021-20206
An improper limitation of path name flaw was found in containernetworking/cni in versions before 0.8.1. When specifying the plugin to load in the 'type' field in the network configuration, it is possible to use special elements such as "../" separators to reference binaries elsewhere on the syste...
The vulnerability of the Linux operating system’s kernel network interface layer allows a hacker to bypass the network interface layer.
The vulnerability of the Linux operating system’s kernel network firewall is related to improper handling and processing of messages. Exploiting this vulnerability can allow an attacker to bypass network firewall restrictions...