769 matches found
AlmaLinux 8 : dnsmasq (ALSA-2021:4153)
The remote AlmaLinux 8 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2021:4153 advisory. - A flaw was found in dnsmasq in versions before 2.85. When configured to use a specific server for a given network interface, dnsmasq uses a fixed port while...
CVE-2021-32600
An exposure of sensitive information to an unauthorized actor vulnerability in FortiOS CLI 7.0.0, 6.4.0 through 6.4.6, 6.2.0 through 6.2.9, 6.0.x and 5.6.x may allow a local and authenticated user assigned to a specific VDOM to retrieve other VDOMs information such as the admin account list and t...
Design/Logic Flaw
An exposure of sensitive information to an unauthorized actor vulnerability in FortiOS CLI 7.0.0, 6.4.0 through 6.4.6, 6.2.0 through 6.2.9, 6.0.x and 5.6.x may allow a local and authenticated user assigned to a specific VDOM to retrieve other VDOMs information such as the admin account list and t...
The vulnerability of the UserGate UTM corporate network interface of UserGate D500 allows attackers to compromise the confidentiality and integrity of the protected information.
The vulnerability of the UserGate UTM corporate network interface of UserGate D500 exists due to the lack of measures taken to protect the structure of the web page. Exploiting this vulnerability allows a malicious actor to influence the confidentiality and integrity of the protected information...
The vulnerability of the implementation of the Ethernet Industrial Protocol (ENIP) in the microsoftware-based network interface controllers of Cisco Firepower Threat Defense (FTD) allows a attacker to circumvent the configured access control policies.
The vulnerability of the Industrial Ethernet Protocol ENIP implementation of Cisco Firepower Threat Defense’s micro-programmed network interface controllers is related to access control deficiencies. Exploiting this vulnerability could allow a malicious actor to bypass the configured access contr...
Packet-Sniffer - A pure-Python Network Packet Sniffing Tool
A simple pure-Python network packet sniffer. Packets are disassembled as they arrive at a given network interface controller and their information is displayed on the screen. This application maintains no dependencies on third-party modules and can be run by any Python 3.x interpreter. Installati...
EulerOS 2.0 SP8 : dnsmasq (EulerOS-SA-2021-2458)
According to the versions of the dnsmasq packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - A flaw was found in dnsmasq in versions before 2.85. When configured to use a specific server for a given network interface, dnsmasq uses a fix...
CVE-2021-37912
The HGiga OAKlouds mobile portal does not filter special characters of the Ethernet number parameter of the network interface card setting page. Remote attackers can use this vulnerability to perform command injection and execute arbitrary commands in the system without logging in...
Command injection
The HGiga OAKlouds mobile portal does not filter special characters of the IPv6 Gateway parameter of the network interface card setting page. Remote attackers can use this vulnerability to perform command injection and execute arbitrary commands in the system without logging in...
Command injection
The HGiga OAKlouds mobile portal does not filter special characters of the Ethernet number parameter of the network interface card setting page. Remote attackers can use this vulnerability to perform command injection and execute arbitrary commands in the system without logging in...
CVE-2021-37913 HGiga OAKlouds - Command Injection-2
The HGiga OAKlouds mobile portal does not filter special characters of the IPv6 Gateway parameter of the network interface card setting page. Remote attackers can use this vulnerability to perform command injection and execute arbitrary commands in the system without logging in...
CVE-2021-37912
The CVE-2021-37912 issue affects the HGiga OAKlouds mobile portal. An input validation flaw in the Ethernet number parameter on the network interface card settings page allows remote command injection. Root cause: unfiltered/special-character input enables arbitrary command execution on the syste...
CVE-2021-37912 HGiga OAKlouds - Command Injection-1
The HGiga OAKlouds mobile portal does not filter special characters of the Ethernet number parameter of the network interface card setting page. Remote attackers can use this vulnerability to perform command injection and execute arbitrary commands in the system without logging in...
Protect
An exposure of sensitive information to an unauthorized actor vulnerability in FortiOS CLI may allow a local and authenticated user assigned to a specific VDOM to retrieve other VDOMs information such as the admin account list and the network interface list. Â...
ISC BIND Winsock API Vulnerability (CVE-2013-6230) - Windows
ISC BIND is prone to a vulnerability in the Winsock API. Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you...
Fedora: Security Advisory for containernetworking-plugins (FEDORA-2021-07e4d20196)
The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
Fedora: Security Advisory for containernetworking-plugins (FEDORA-2021-54f88bebd4)
The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
[SECURITY] Fedora 33 Update: containernetworking-plugins-1.0.0-0.3.rc1.fc33
The CNI Container Network Interface project consists of a specification and libraries for writing plugins to configure network interfaces in Linux containers, along with a number of supported plugins. CNI concerns itself only with network connectivity of containers and removing allocated resource...
PT-2021-6726 · Lwip · Lwip
Name of the Vulnerable Software and Affected Versions: lwIP version git head Description: A buffer overflow vulnerability in the icmp6 send response with addrs and netif function allows attackers to access sensitive information via a crafted ICMPv6 packet. The issue is related to the copying of a...
CVE-2021-3570
A flaw was found in the ptp4l program of the linuxptp package. A missing length check when forwarding a PTP message between ports allows a remote attacker to cause an information leak, crash, or potentially remote code execution. The highest threat from this vulnerability is to data confidentiali...